WireGuard fails to build on CentOS 7.1908

Dario Pilori dario.pilori at astrogeo.va.it
Sat Sep 7 09:41:50 CEST 2019

Hi Jason,

In a nutshell, RHEL 7 is a rolling release. Point releases are basically 
moments where several packages are updated at the same time, and these 
updates usually bring bigger changes than standard RHEL updates.

RHEL 7.7 was released on August 6th, and support for RHEL 7.6 was 
immediately dropped. This is almost transparent to RHEL users, since a 
simple 'yum update' would automatically upgrade all packages to latest 
RHEL 7.x release. Only (paying) RHEL customers, with an additional 
support contract, can keep an old RHEL point release for some time.

CentOS does not offer such support contract, therefore as soon as a 
point release is released, the previous one is immediately dropped.

Since CentOS is a recompilation of RHEL, there is a lag (~ several 
months) between RHEL and CentOS releases. The "Continuous-Release" (CR) 
repository is basically a beta version of the next CentOS point release, 
which is based on an already-released RHEL point release. While the CR 
release is not widely used (since it's a development version), it is a 
very faithful representation on what the next official version would be, 
since CentOS is only a mere recompilation of RHEL.

CentOS 7.7.1908 (based on RHEL 7.7) was released on the CR repo on 
August 30th. Usually it stays there for several weeks, then it is 
released with very minor changes. When it happens, the support of CentOS 
7.6.1804 (based on RHEL 7.6) will be immediately dropped, and the update 
to this version will be sent to all CentOS 7 machines.

For the "WireGuard support" perspective, right now it works on latest 
"official" CentOS 7 kernel. I suspect that it doesn't compile on the 
already-released RHEL 7.7, but I don't have a RHEL7 installation where I 
can test it.  However, when CentOS 7.7.1908 (based on RHEL 7.7) will be 
released, which should happen in some weeks, it is highly probable that 
WireGuard will not be compatible with the latest (and only supported) 
RHEL/CentOS 7 kernel.

To answer to your question, I agree with you that it is worth only 
supporting the most recent official RHEL/CentOS kernel, since the CR 
release is meant only for testing. However, "be prepared" that, when 
CentOS 7.7.1908 will be released, it is highly probable that WG will not 
compile on it.


On 07/09/2019 00:47, Jason A. Donenfeld wrote:
> Hey Dario,
> I'm not super familiar with the RHEL release varieties. Maybe you or
> somebody can clarify and help define how we'll approach it?
> What we've done in the past is support whatever the "latest" RHEL
> kernel is. IIRC, 7.6 was released not so long ago, and we did the
> compat.h work on 7.6, and then dropped support for RHEL 7.5. It sounds
> to me like what you're saying now is that 7.6 has already been
> replaced by 7.7? Or there's a stable 7.6 and then an "in-development"
> 7.7 that is rolling? If it's the latter case, do you know if that's
> widely used and worthwhile for us to support?
> In other words, I'm not so sure of the RHEL landscape, but if you make
> a description and argument for what we should support in WireGuard's
> compat layer, as long as it's somewhat reasonable, I'm happy to
> oblige.
> Jason

More information about the WireGuard mailing list