Fedora 35 system not seeing Debian 11.1 system and vice versa #78

@harishpillay commented on GitHub (Nov 4, 2021):

% head -5 /var/log/wiretrustee/client.log
time="2021-11-04T17:19:11+08:00" level=info msg="starting service"
time="2021-11-04T17:19:11+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory"
time="2021-11-04T17:19:12+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory"
time="2021-11-04T17:19:14+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory"
time="2021-11-04T17:19:16+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory"

is repeatedly posted although it exists:

% ls -lat /etc/wiretrustee/config.json
-rw-------. 1 root root 443 Nov 4 17:24 /etc/wiretrustee/config.json

Happy to continue to test Fedora 35 (and RHEL/CentOS systems).

@harishpillay commented on GitHub (Nov 4, 2021): % head -5 /var/log/wiretrustee/client.log time="2021-11-04T17:19:11+08:00" level=info msg="starting service" time="2021-11-04T17:19:11+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory" time="2021-11-04T17:19:12+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory" time="2021-11-04T17:19:14+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory" time="2021-11-04T17:19:16+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: no such file or directory" is repeatedly posted although it exists: % ls -lat /etc/wiretrustee/config.json -rw-------. 1 root root 443 Nov 4 17:24 /etc/wiretrustee/config.json Happy to continue to test Fedora 35 (and RHEL/CentOS systems).

saavagebueno commented

@harishpillay commented on GitHub (Nov 4, 2021):

I have installed on a CentOS Stream 8 system and I am able to ping the Debian 11.1 (and vice versa) and able to login via ssh. But the CentOS Stream 8 can't ping the Fedora 35 system.

On the F35:

-rw-------. 1 root root unconfined_u:object_r:etc_t:s0 443 Nov  4 17:24 /etc/wiretrustee/config.json

On the CentOS Stream 8:

-rw-------. 1 root root unconfined_u:object_r:etc_t:s0 443 Nov  4 20:34 /etc/wiretrustee/config.json

On the Debian 11.1:

-rw------- 1 root root ? 443 Nov  4 18:21 /etc/wiretrustee/config.json

So, SELinux does not seem to be an issue.

I will test further.

Harish

@harishpillay commented on GitHub (Nov 4, 2021): I have installed on a CentOS Stream 8 system and I am able to ping the Debian 11.1 (and vice versa) and able to login via ssh. But the CentOS Stream 8 can't ping the Fedora 35 system. On the F35: ``` ls -latZ /etc/wiretrustee/config.json -rw-------. 1 root root unconfined_u:object_r:etc_t:s0 443 Nov 4 17:24 /etc/wiretrustee/config.json ``` On the CentOS Stream 8: ``` ls -latZ /etc/wiretrustee/config.json -rw-------. 1 root root unconfined_u:object_r:etc_t:s0 443 Nov 4 20:34 /etc/wiretrustee/config.json ``` On the Debian 11.1: ``` ls -latZ /etc/wiretrustee/config.json -rw------- 1 root root ? 443 Nov 4 18:21 /etc/wiretrustee/config.json ``` So, SELinux does not seem to be an issue. I will test further. Harish

saavagebueno commented

@braginini commented on GitHub (Nov 5, 2021):

thank you @harishpillay
we have planned some tests on Fedora for tomorrow

@braginini commented on GitHub (Nov 5, 2021): thank you @harishpillay we have planned some tests on Fedora for tomorrow

saavagebueno commented

@harishpillay commented on GitHub (Nov 6, 2021):

thanks @braginini. looking forward to the updated rpms.

@harishpillay commented on GitHub (Nov 6, 2021): thanks @braginini. looking forward to the updated rpms.

saavagebueno commented

@harishpillay commented on GitHub (Nov 6, 2021):

I've updated all the systems with 0.2.3 and only the CentOS Stream 8 and Debian 11.1 can ping each other. The F35 systems can't.

@harishpillay commented on GitHub (Nov 6, 2021): I've updated all the systems with 0.2.3 and only the CentOS Stream 8 and Debian 11.1 can ping each other. The F35 systems can't.

saavagebueno commented

@mlsmaycon commented on GitHub (Nov 7, 2021):

Hello @harishpillay, after testing the installation, I couldn't reproduce the issue on a fresh Fedora 35 installation and Wiretrustee v0.2.3.

Checking SELinux contexts your config file seems ok, please ensure that the folder is following the same context as below:

 ls -latZ /etc/wiretrustee
total 4
drwxr-xr-x. 1 root root system_u:object_r:etc_t:s0     4648 Nov  7 10:48 ..
drwxr-x---. 1 root root unconfined_u:object_r:etc_t:s0   22 Nov  7 10:47 .
-rw-------. 1 root root unconfined_u:object_r:etc_t:s0  443 Nov  7 10:47 config.json

Can you confirm that you are running the service with sudo?

Besides that, we can check if there are any entries in the audit.log file that needs to be applied (not expected in default SELinux mode):

sudo grep wiretrustee /var/log/audit/audit.log | audit2allow

@mlsmaycon commented on GitHub (Nov 7, 2021): Hello @harishpillay, after testing the installation, I couldn't reproduce the issue on a fresh Fedora 35 installation and Wiretrustee v0.2.3. Checking SELinux contexts your config file seems ok, please ensure that the folder is following the same context as below: ```shell ls -latZ /etc/wiretrustee total 4 drwxr-xr-x. 1 root root system_u:object_r:etc_t:s0 4648 Nov 7 10:48 .. drwxr-x---. 1 root root unconfined_u:object_r:etc_t:s0 22 Nov 7 10:47 . -rw-------. 1 root root unconfined_u:object_r:etc_t:s0 443 Nov 7 10:47 config.json ``` Can you confirm that you are running the service with sudo? Besides that, we can check if there are any entries in the audit.log file that needs to be applied (not expected in default SELinux mode): ```shell sudo grep wiretrustee /var/log/audit/audit.log | audit2allow ```

saavagebueno commented

@harishpillay commented on GitHub (Nov 7, 2021):

@mlsmaycon

Hi. Thanks for the suggestions:

Hello @harishpillay, after testing the installation, I couldn't reproduce the issue on a fresh Fedora 35 installation and Wiretrustee v0.2.3.

Checking SELinux contexts your config file seems ok, please ensure that the folder is following the same context as below:
 ls -latZ /etc/wiretrustee
total 4
drwxr-xr-x. 1 root root system_u:object_r:etc_t:s0     4648 Nov  7 10:48 ..
drwxr-x---. 1 root root unconfined_u:object_r:etc_t:s0   22 Nov  7 10:47 .
-rw-------. 1 root root unconfined_u:object_r:etc_t:s0  443 Nov  7 10:47 config.json

the above is the exactly same in the CentOS Stream 8 and Fedora 35 systems.

Can you confirm that you are running the service with sudo?

as in systemctl? the setup done was the same on all of the systems. what would I need to do to check?

Besides that, we can check if there are any entries in the audit.log file that needs to be applied (not expected in default SELinux mode):
sudo grep wiretrustee /var/log/audit/audit.log | audit2allow

says, "Nothing to do".

On the F35:

$ tail -f /var/log/wiretrustee/client.log 
time="2021-11-07T19:13:04+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: too many open files"
time="2021-11-07T19:13:21+08:00" level=error msg="failed creating connection to Management Service context deadline exceeded"
time="2021-11-07T19:13:21+08:00" level=warning msg="rpc error: code = FailedPrecondition desc = failed connecting to Management Service : context deadline exceeded"
time="2021-11-07T19:13:40+08:00" level=error msg="failed to connect to the signalling server context deadline exceeded"
time="2021-11-07T19:13:40+08:00" level=error msg="error while connecting to the Signal Exchange Service signal2.wiretrustee.com:10000: context deadline exceeded"
time="2021-11-07T19:13:40+08:00" level=error msg="rpc error: code = FailedPrecondition desc = failed connecting to Signal Service : context deadline exceeded"
time="2021-11-07T19:14:06+08:00" level=error msg="failed to connect to the signalling server context deadline exceeded"
time="2021-11-07T19:14:06+08:00" level=error msg="error while connecting to the Signal Exchange Service signal2.wiretrustee.com:10000: context deadline exceeded"
time="2021-11-07T19:14:06+08:00" level=error msg="rpc error: code = FailedPrecondition desc = failed connecting to Signal Service : context deadline exceeded"
time="2021-11-07T19:14:27+08:00" level=error msg="failed to connect to the signalling server context deadline exceeded"
time="2021-11-07T19:14:27+08:00" level=error msg="error while connecting to the Signal Exchange Service signal2.wiretrustee.com:10000: context deadline exceeded"
time="2021-11-07T19:14:27+08:00" level=error msg="rpc error: code = FailedPrecondition desc = failed connecting to Signal Service : context deadline exceeded"

@harishpillay commented on GitHub (Nov 7, 2021): @mlsmaycon Hi. Thanks for the suggestions: > Hello @harishpillay, after testing the installation, I couldn't reproduce the issue on a fresh Fedora 35 installation and Wiretrustee v0.2.3. > > Checking SELinux contexts your config file seems ok, please ensure that the folder is following the same context as below: > > ```shell > ls -latZ /etc/wiretrustee > total 4 > drwxr-xr-x. 1 root root system_u:object_r:etc_t:s0 4648 Nov 7 10:48 .. > drwxr-x---. 1 root root unconfined_u:object_r:etc_t:s0 22 Nov 7 10:47 . > -rw-------. 1 root root unconfined_u:object_r:etc_t:s0 443 Nov 7 10:47 config.json > ``` the above is the exactly same in the CentOS Stream 8 and Fedora 35 systems. > Can you confirm that you are running the service with sudo? as in systemctl? the setup done was the same on all of the systems. what would I need to do to check? > Besides that, we can check if there are any entries in the audit.log file that needs to be applied (not expected in default SELinux mode): > > ```shell > sudo grep wiretrustee /var/log/audit/audit.log | audit2allow > ``` says, "Nothing to do". On the F35: ```shell $ tail -f /var/log/wiretrustee/client.log time="2021-11-07T19:13:04+08:00" level=error msg="failed reading config /etc/wiretrustee/config.json open /etc/wiretrustee/config.json: too many open files" time="2021-11-07T19:13:21+08:00" level=error msg="failed creating connection to Management Service context deadline exceeded" time="2021-11-07T19:13:21+08:00" level=warning msg="rpc error: code = FailedPrecondition desc = failed connecting to Management Service : context deadline exceeded" time="2021-11-07T19:13:40+08:00" level=error msg="failed to connect to the signalling server context deadline exceeded" time="2021-11-07T19:13:40+08:00" level=error msg="error while connecting to the Signal Exchange Service signal2.wiretrustee.com:10000: context deadline exceeded" time="2021-11-07T19:13:40+08:00" level=error msg="rpc error: code = FailedPrecondition desc = failed connecting to Signal Service : context deadline exceeded" time="2021-11-07T19:14:06+08:00" level=error msg="failed to connect to the signalling server context deadline exceeded" time="2021-11-07T19:14:06+08:00" level=error msg="error while connecting to the Signal Exchange Service signal2.wiretrustee.com:10000: context deadline exceeded" time="2021-11-07T19:14:06+08:00" level=error msg="rpc error: code = FailedPrecondition desc = failed connecting to Signal Service : context deadline exceeded" time="2021-11-07T19:14:27+08:00" level=error msg="failed to connect to the signalling server context deadline exceeded" time="2021-11-07T19:14:27+08:00" level=error msg="error while connecting to the Signal Exchange Service signal2.wiretrustee.com:10000: context deadline exceeded" time="2021-11-07T19:14:27+08:00" level=error msg="rpc error: code = FailedPrecondition desc = failed connecting to Signal Service : context deadline exceeded" ```

saavagebueno commented

@harishpillay commented on GitHub (Nov 7, 2021):

# wg
interface: wt0
  public key: /dDJVo3o70xPhTYi65JfZC3YO/k8FZuuNWJdEAePvjc=
  private key: (hidden)
# tail -f tail -f /var/log/wiretrustee/client.log
# systemctl start wiretrustee.service 
time="2021-11-07T19:25:04+08:00" level=info msg="starting service"
time="2021-11-07T19:25:06+08:00" level=error msg="failed configuring Wireguard interface [wt0]: read: wguser: errno=-98"
time="2021-11-07T19:25:06+08:00" level=error msg="error while starting Wiretrustee Connection Engine: read: wguser: errno=-98"
time="2021-11-07T19:25:09+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-07T19:25:09+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-07T19:25:12+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-07T19:25:12+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-07T19:25:17+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-07T19:25:17+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"

strange that it says the wt0 is busy. it was created but no IP was assigned.

@harishpillay commented on GitHub (Nov 7, 2021): ```# systemctl start wiretrustee.service # wg interface: wt0 public key: /dDJVo3o70xPhTYi65JfZC3YO/k8FZuuNWJdEAePvjc= private key: (hidden) # tail -f tail -f /var/log/wiretrustee/client.log # systemctl start wiretrustee.service time="2021-11-07T19:25:04+08:00" level=info msg="starting service" time="2021-11-07T19:25:06+08:00" level=error msg="failed configuring Wireguard interface [wt0]: read: wguser: errno=-98" time="2021-11-07T19:25:06+08:00" level=error msg="error while starting Wiretrustee Connection Engine: read: wguser: errno=-98" time="2021-11-07T19:25:09+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-07T19:25:09+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-07T19:25:12+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-07T19:25:12+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-07T19:25:17+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-07T19:25:17+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" ``` strange that it says the wt0 is busy. it was created but no IP was assigned.

saavagebueno commented

@harishpillay commented on GitHub (Nov 8, 2021):

I've done more testing and here are the results:

Setup 1:
a) NUC running CentOS Stream 8 native with wt enabled.
b) Debian 11.1 VM on that NUC with wt enabled.
c) Fedora 35 VM on that NUC with wt enabled. This F35 VM is freshly installed from F35 ISO.
d) 5 other upgraded F35 systems on the LAN that the NUC is attached to and two of them with wt enabled.

In Setup 1, all three can ping, ssh etc between themselves. The F35s in the LAN can't ping each other or with the ones in the NUC and vice versa.

Setup 2 (remote location):
a) Dell server running RHEL 6 (wt NOT enabled)
b) F35 VM on Dell server with wt enabled. This is a freshly installed F35.
c) Upgraded F35 VM on the same Dell with wt enabled.
d) 2nd instance of F35 VM on the Dell with wt enabled. This is also freshly installed.

In Setup 2, Upgraded F35 can't ping the two freshly installed F35 VMs. Those two F35 VMs can ping each other.

None of the systems from Setup 1 can access Setup 2 and vice versa.

Hope these additional scenarios are useful for debugging.

@harishpillay commented on GitHub (Nov 8, 2021): I've done more testing and here are the results: Setup 1: a) NUC running CentOS Stream 8 native with wt enabled. b) Debian 11.1 VM on that NUC with wt enabled. c) Fedora 35 VM on that NUC with wt enabled. This F35 VM is freshly installed from F35 ISO. d) 5 other upgraded F35 systems on the LAN that the NUC is attached to and two of them with wt enabled. In Setup 1, all three can ping, ssh etc between themselves. The F35s in the LAN can't ping each other or with the ones in the NUC and vice versa. Setup 2 (remote location): a) Dell server running RHEL 6 (wt NOT enabled) b) F35 VM on Dell server with wt enabled. This is a freshly installed F35. c) Upgraded F35 VM on the same Dell with wt enabled. d) 2nd instance of F35 VM on the Dell with wt enabled. This is also freshly installed. In Setup 2, Upgraded F35 can't ping the two freshly installed F35 VMs. Those two F35 VMs can ping each other. None of the systems from Setup 1 can access Setup 2 and vice versa. Hope these additional scenarios are useful for debugging.

saavagebueno commented

@mlsmaycon commented on GitHub (Nov 8, 2021):

hello @harishpillay could you run the following commands to enable a more verbose log:

sudo wiretrustee service stop
sudo wiretrustee service uninstall
sudo wiretrustee service install --log-level debug
sudo wiretrustee service start

After that it will be great if you can share the log files of at least 2 peers that can't communicate.

@mlsmaycon commented on GitHub (Nov 8, 2021): hello @harishpillay could you run the following commands to enable a more verbose log: ```shell sudo wiretrustee service stop sudo wiretrustee service uninstall sudo wiretrustee service install --log-level debug sudo wiretrustee service start ``` After that it will be great if you can share the log files of at least 2 peers that can't communicate.

saavagebueno commented

@harishpillay commented on GitHub (Nov 8, 2021):

OK. Here's output from two F35 systems (that were upgraded from F34):

System 1:

tail -f /var/log/wiretrustee/client.log
time="2021-11-09T10:18:59+08:00" level=debug msg="configuring Wireguard interface wt0"
time="2021-11-09T10:18:59+08:00" level=debug msg="adding Wireguard private key"
time="2021-11-09T10:18:59+08:00" level=debug msg="got Wireguard device wt0"
time="2021-11-09T10:18:59+08:00" level=error msg="failed configuring Wireguard interface [wt0]: read: wguser: errno=-98"
time="2021-11-09T10:18:59+08:00" level=error msg="error while starting Wiretrustee Connection Engine: read: wguser: errno=-98"
time="2021-11-09T10:19:01+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:01+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:01+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073"
time="2021-11-09T10:19:02+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-09T10:19:02+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-09T10:19:04+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:05+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:05+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073"
time="2021-11-09T10:19:06+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-09T10:19:06+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-09T10:19:09+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:09+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:10+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073"
time="2021-11-09T10:19:10+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-09T10:19:10+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-09T10:19:13+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:14+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"

System 2:

# tail -f /var/log/wiretrustee/client.log 
time="2021-11-09T10:19:16+08:00" level=debug msg="configuring Wireguard interface wt0"
time="2021-11-09T10:19:16+08:00" level=debug msg="adding Wireguard private key"
time="2021-11-09T10:19:16+08:00" level=debug msg="got Wireguard device wt0"
time="2021-11-09T10:19:16+08:00" level=error msg="failed configuring Wireguard interface [wt0]: read: wguser: errno=-98"
time="2021-11-09T10:19:16+08:00" level=error msg="error while starting Wiretrustee Connection Engine: read: wguser: errno=-98"
time="2021-11-09T10:19:17+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:17+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:18+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073"
time="2021-11-09T10:19:19+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-09T10:19:19+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-09T10:19:21+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:22+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:22+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073"
time="2021-11-09T10:19:23+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-09T10:19:23+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-09T10:19:26+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:26+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:27+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073"
time="2021-11-09T10:19:28+08:00" level=error msg="failed creating interface wt0: [device or resource busy]"
time="2021-11-09T10:19:28+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy"
time="2021-11-09T10:19:31+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073"
time="2021-11-09T10:19:32+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073"

Hope this helps.

@harishpillay commented on GitHub (Nov 8, 2021): OK. Here's output from two F35 systems (that were upgraded from F34): System 1: ``` tail -f /var/log/wiretrustee/client.log time="2021-11-09T10:18:59+08:00" level=debug msg="configuring Wireguard interface wt0" time="2021-11-09T10:18:59+08:00" level=debug msg="adding Wireguard private key" time="2021-11-09T10:18:59+08:00" level=debug msg="got Wireguard device wt0" time="2021-11-09T10:18:59+08:00" level=error msg="failed configuring Wireguard interface [wt0]: read: wguser: errno=-98" time="2021-11-09T10:18:59+08:00" level=error msg="error while starting Wiretrustee Connection Engine: read: wguser: errno=-98" time="2021-11-09T10:19:01+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:01+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:01+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073" time="2021-11-09T10:19:02+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-09T10:19:02+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-09T10:19:04+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:05+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:05+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073" time="2021-11-09T10:19:06+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-09T10:19:06+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-09T10:19:09+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:09+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:10+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073" time="2021-11-09T10:19:10+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-09T10:19:10+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-09T10:19:13+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:14+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" ``` System 2: ``` # tail -f /var/log/wiretrustee/client.log time="2021-11-09T10:19:16+08:00" level=debug msg="configuring Wireguard interface wt0" time="2021-11-09T10:19:16+08:00" level=debug msg="adding Wireguard private key" time="2021-11-09T10:19:16+08:00" level=debug msg="got Wireguard device wt0" time="2021-11-09T10:19:16+08:00" level=error msg="failed configuring Wireguard interface [wt0]: read: wguser: errno=-98" time="2021-11-09T10:19:16+08:00" level=error msg="error while starting Wiretrustee Connection Engine: read: wguser: errno=-98" time="2021-11-09T10:19:17+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:17+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:18+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073" time="2021-11-09T10:19:19+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-09T10:19:19+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-09T10:19:21+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:22+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:22+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073" time="2021-11-09T10:19:23+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-09T10:19:23+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-09T10:19:26+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:26+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:27+08:00" level=debug msg="peer logged in to Management Service api.wiretrustee.com:33073" time="2021-11-09T10:19:28+08:00" level=error msg="failed creating interface wt0: [device or resource busy]" time="2021-11-09T10:19:28+08:00" level=error msg="error while starting Wiretrustee Connection Engine: device or resource busy" time="2021-11-09T10:19:31+08:00" level=debug msg="connecting to management server api.wiretrustee.com:33073" time="2021-11-09T10:19:32+08:00" level=debug msg="connected to management server api.wiretrustee.com:33073" ``` Hope this helps.

saavagebueno commented

@mlsmaycon commented on GitHub (Nov 9, 2021):

Thank you @harishpillay, it seems like that at some point the interface wasn't removed correctly. Can you the commands below on both systems:

sudo ip link delete wt0
sudo wiretrustee service stop
sudo wiretrustee service start

After that you can try to ping each and if needed, send us the logs for troubleshoot

@mlsmaycon commented on GitHub (Nov 9, 2021): Thank you @harishpillay, it seems like that at some point the interface wasn't removed correctly. Can you the commands below on both systems: ``` sudo ip link delete wt0 sudo wiretrustee service stop sudo wiretrustee service start ``` After that you can try to ping each and if needed, send us the logs for troubleshoot

saavagebueno commented

@harishpillay commented on GitHub (Nov 9, 2021):

Did just that and no luck. Same messages as in the logs above.

Not able to ping any of the others.

@harishpillay commented on GitHub (Nov 9, 2021): Did just that and no luck. Same messages as in the logs above. Not able to ping any of the others.

saavagebueno commented

@mlsmaycon commented on GitHub (Nov 9, 2021):

Can you disable SELinux and check if the interface is created ?

ip a
sudo ip link delete wt0
sudo wiretrustee service stop
sudo setenforce 0
sudo wiretrustee service start
ip a

Can you confirm if both runs of the ip a returns the wt0 interface?

Once you are done with the command, you can enable SElinux by running:

sudo setenforce 1

@mlsmaycon commented on GitHub (Nov 9, 2021): Can you disable SELinux and check if the interface is created ? ``` ip a sudo ip link delete wt0 sudo wiretrustee service stop sudo setenforce 0 sudo wiretrustee service start ip a ``` Can you confirm if both runs of the ``ip a`` returns the wt0 interface? Once you are done with the command, you can enable SElinux by running: ``` sudo setenforce 1 ```

saavagebueno commented

@harishpillay commented on GitHub (Nov 9, 2021):

# ip a s wt0
22: wt0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500
    link/none 
    inet 100.64.0.6/24 brd 100.64.0.255 scope global wt0
       valid_lft forever preferred_lft forever
    inet6 fe80::c955:3d5e:bf0b:41b2/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever
# wiretrustee service stop
Wiretrustee service has been stopped
# setenforce 0
# wiretrustee service start
Wiretrustee service has been started
# ip a s wt0
23: wt0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500
    link/none 
    inet 100.64.0.6/24 brd 100.64.0.255 scope global wt0
       valid_lft forever preferred_lft forever
    inet6 fe80::9190:f0f6:42b3:c60b/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

still not pinging and the log has the same error messages.

@harishpillay commented on GitHub (Nov 9, 2021): ``` # ip a s wt0 22: wt0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500 link/none inet 100.64.0.6/24 brd 100.64.0.255 scope global wt0 valid_lft forever preferred_lft forever inet6 fe80::c955:3d5e:bf0b:41b2/64 scope link stable-privacy valid_lft forever preferred_lft forever # wiretrustee service stop Wiretrustee service has been stopped # setenforce 0 # wiretrustee service start Wiretrustee service has been started # ip a s wt0 23: wt0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500 link/none inet 100.64.0.6/24 brd 100.64.0.255 scope global wt0 valid_lft forever preferred_lft forever inet6 fe80::9190:f0f6:42b3:c60b/64 scope link stable-privacy valid_lft forever preferred_lft forever ``` still not pinging and the log has the same error messages.

saavagebueno commented