Ubuntu
wireguard package

Cannot install wireguard-tools on systems without .deb kernel - Drop useless depends on wireguard-modules / wireguard-dkms

Bug #2008086 reported by Dimitri John Ledkov
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
wireguard (Ubuntu)
Fix Released
Undecided
Unassigned
Jammy
Incomplete
Undecided
Unassigned
Kinetic
Incomplete
Undecided
Unassigned
Lunar
Fix Released
Undecided
Unassigned

Bug Description

[ Impact ]

 * wireguard package has historic depends on wireguard-modules | wireguard-dkms, which are now useless. Wireguard module has been built-in since forever, and wireguard-dkms has been removed from the archive. Drop these as no longer required.

 * This can be safely dropped in jammy sru as well, to allow wireguard-tools userspace package to be installable with hwe kernels from lunar, and inside containers.

[ Test Plan ]

 * install wireguard-tools package inside container without linux kernel installed

[ Where problems could occur ]

 * This change will allow to drop wireguard-modules provides calculation in all ubuntu kernel meta's.

 * "There likely exist users who use their own kernel builds. They may not match ours. If they have automation that just installs "wireguard" and that works today, this change would break that automation." => that's not true rbasak because there is no dkms provider for wireguard anymore.

[ Other Info ]

 * This probably should have been done before jammy release.

See original description

Related branches

~xnox/ubuntu/+source/wireguard:lp2008086/jammy
Ubuntu Stable Release Updates Team: Pending requested
Diff: 36 lines (+8/-2)
2 files modified
debian/changelog (+8/-0)
debian/control (+0/-2)
~xnox/ubuntu/+source/wireguard:lp2008086/kinetic
Ubuntu Stable Release Updates Team: Pending requested
Diff: 36 lines (+8/-2)
2 files modified
debian/changelog (+8/-0)
debian/control (+0/-2)
Dimitri John Ledkov (xnox)
summary: - Drop useless depends on wireguard-modules / wireguard-dkms
+ Cannot install wireguard-tools on systems without .deb kernel - Drop
+ useless depends on wireguard-modules / wireguard-dkms
Changed in wireguard (Ubuntu Lunar):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package wireguard - 1.0.20210914-1ubuntu3

---------------
wireguard (1.0.20210914-1ubuntu3) lunar; urgency=medium

  * Drop depends on wireguard-modules (always built-in), wireguard-dkms
    (removed from the archive). This makes wireguard package sort of
    redundant. LP: #2008086
  * Drop 0002-Avoid-requiring-glibc-2.25-for-wireguard-tools.patch as
    glibc-2.25 has been around since forever.
  * Cherry-pick upstream fixups from master.

 -- Dimitri John Ledkov <email address hidden> Wed, 22 Feb 2023 12:35:51 +0000

Changed in wireguard (Ubuntu Lunar):
status: In Progress → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

What is broken with wireguard that justifies an SRU? There is no wireguard-modules package in either release, this is a virtual package provided by all of the kernels. This looks like needless churn of the wireguard package to me.

Changed in wireguard (Ubuntu Kinetic):
status: New → Incomplete
Revision history for this message
Steve Langasek (vorlon) wrote : Proposed package upload rejected

An upload of wireguard to kinetic-proposed has been rejected from the upload queue for the following reason: "No response from submitter to request for justification".

Robie Basak (racb)
description: updated
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

@vorlon

1) a container or chroot running on jammy or kinetic host, cannot install wireguard userspace tooling and use it, without needlesly installing an unused kernel package.

2) On Ubuntu Desktop (as shipped for the xinyi/desktop-fde project) with kernel provided by a snap, there is nothing in deb userspace that allows to install something that provies "wireguard-modules", meaning it is not possible to use wireguard.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

@racb

Please do not edit bug description without consultation.

> * There likely exist users who use their own kernel builds. They may not match ours. If they have automation that just installs "wireguard" and that works today, this change would break that automation.

That assessment is incorrect. If self-built kernel doesn't provide wireguard.ko, no dependencies will create it (i.e. there is no dkms package that would compile wireguard.ko). Instead, currently a useless copy of ubuntu kernel will be demanded to be installed to satisfy the virtual provides. Or the userspace package will not be installed at all. Meaning "just installing `wireguard` on a kernel that chose not to copile wireguard.ko, does not result in a working wireguard today with or without this change.

I am removing your addition, which is factually incorrect.

description: updated
Changed in wireguard (Ubuntu Kinetic):
status: Incomplete → In Progress
Changed in wireguard (Ubuntu Jammy):
status: New → In Progress
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

In jammy there still is dkms module, which is severely out of date, compared to the supported kernels and the wireguard they ship:

 wireguard-dkms | 1.0.20210606-1 | jammy/universe | all

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Also note https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1873288 request to not recommend wireguard-dkms in jammy

Revision history for this message
Robie Basak (racb) wrote :

> [ Impact ]

> * wireguard package has historic depends on wireguard-modules | wireguard-dkms, which are now useless. Wireguard module has been built-in since forever, and wireguard-dkms has been removed from the archive. Drop these as no longer required.

This doesn't describe how users of stable releases are impacted, which is necessary to consider if an SRU is appropriate. It's a true statement but not really part of any user impact as far as I can tell?

> * This can be safely dropped in jammy sru as well, to allow wireguard-tools userspace package to be installable with hwe kernels from lunar, and inside containers.

How does this impact users, though? What scenarios exist where users are trying to install wireguard-tools inside containers? Why can't you just provide the wireguard-modules Provides in your HWE backports from Lunar?

> 2) On Ubuntu Desktop (as shipped for the xinyi/desktop-fde project) with kernel provided by a snap, there is nothing in deb userspace that allows to install something that provies "wireguard-modules", meaning it is not possible to use wireguard.

Why can that project not provide an equivs-style deb that Provides: wireguard-modules in scenarios where it is ensuring that such a kernel is available? Wouldn't this reduce risk to existing users of Jammy?

Revision history for this message
Robie Basak (racb) wrote :

Marking as Incomplete for the benefit of SRU reviewers. Please set back once my questions are answered.

Changed in wireguard (Ubuntu Jammy):
status: In Progress → Incomplete
Changed in wireguard (Ubuntu Kinetic):
status: In Progress → Incomplete
Revision history for this message
Robie Basak (racb) wrote :

An upload of wireguard to jammy-proposed has been rejected from the upload queue for the following reason: "Question in https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/2008086 outstanding for more than a month".

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.