Hi,
I installed and ran Twingate on Ubuntu 20.04 in Windows WSL2: it works fine.
When I reboot the PC and restart WSL2, the service fails to start with this message:
pmosconi@LAPTOP-2981SPJ4:~$ sudo twingate service-start
Failed to start twingated
Execution returned an error code with the message: No such file or directory (os error 2)
To make Twingate work again I have to remove and reinstall it.
Thanks for helping
paolo
Hi Paolo,
We haven’t seen this issue crop up before.
Do you have any drives/storage mounted “cross-platform” between your windows host and the WSL guest?
The normal location for twingated should be /usr/sbin/twingated - can you confirm whether or not that file is actually missing after a reboot/restart of WSL2?
Hi Arthur,
thanks for your quick reply.
Meanwhile things have gotten worse: Twingate is not restarting even after reinstallation.
pmosconi@LAPTOP-2981SPJ4:~$ sudo twingate service-start
Twingate has been started; user authentication is required for access to Resources
pmosconi@LAPTOP-2981SPJ4:~$ twingate start
Starting Twingate service
Twingate has been started; user authentication is required for access to Resources
Starting UI notifications
It looks like desktop notifications aren't supported in your environment.
You can run `/usr/bin/twingate-notifier console` in order to receive
authentication requests from the Twingate service.
pmosconi@LAPTOP-2981SPJ4:~$ ps -ef | grep twingate
pmosconi 748 9 0 16:33 pts/0 00:00:00 grep --color=auto twingate
pmosconi@LAPTOP-2981SPJ4:~$ /usr/bin/twingate-notifier console
14:34:02 [ERROR] twingate_notifier::notifier::Notifier::start message process error: Connection refused (os error 111)
twingated is located in /usr/sbin as you expected.
I don’t have anything special for storage (Windows storage is mounted on /mnt/c), but I had to disable changes to /etc/resolv.conf to avoid loosing DNS resolution due to a well known wsl2 issue: https://github.com/Microsoft/WSL/issues/1908
Best
paolo
Hi Paolo,
Can you please provide the output of twingate report (will be a ZIP file) - this will give us the full logs and something may make itself obvious.
Hi,
see attached
Thanks
paolo
(Attachment twingate-report_20220718-171706.zip is missing)
Hm. It’s REALLY having trouble starting because we’re not even getting any log output.
Do you get any different output if you try starting the service via sudo systemctl restart twingate
As well, can you provide the output of sudo systemctl status twingate
Hi Arthur,
thanks for helping.
Unfortunately systemctl is not available in wsl2. There are some workarounds, but they seem to do more harm than good.
paolo
Ok, I did some more tests.
Why the service is not starting?
I had done sudo chattr +i /etc/resolv.conf to prevent wsl2 to wipe my dns when rebooting (this is a known issue).
If /etc/resolv.conf is modifiable twingate is able to change it to its 4 name servers and start twingated.
What happens next?
Unfortunately still nothing: twingate_notifier error is still there and no logs are present.
Given that twingate uses systemctl, can logs be missing because systemctl is missing?
I wonder how I made it work once, after the first installation…
A more general question:
Is this really the right approach? Wouldn’t it be possible to route traffic from wsl2 to windows and use twingate resolver there?
Thanks
paolo
The logs should still be generated. Sorry about the SystemCTL question I didn’t realize it wasn’t there by default in WSL2.
In chatting with our internal team, we have actually seen a number of hiccups getting the Linux client to work correctly in a WSL2 guest and if it can work correctly it can often have stability issues. We just haven’t been able to make things fully compatible yet.
It MAY work to run the Windows client on the Windows host and then route traffic from the WSL2 guest through Windows and out to Twingate - however the DNS would be the biggest issue as the client isn’t listening for resolution anywhere but on the Windows machine and theoretically DNS lookups direct from the WSL2 guest against the Windows host would potentially fail.
If you were using strictly IP based resources this would not be an issue.
I want to make some time to reproduce this issue and see if I can find some tweaks that might get you going, but I can’t promise on speed. Hopefully by the end of this week.
If you do attempt the Windows client method, I would love to hear your experience.
I’ll reach out later this week once I’ve had a chance to investigate.
Hi Arthur,
once again thank you very much for your help and support.
In fact I have been using Windows Twingate from wsl2 for IP based resources for months to ssh into ec2 instances via their private address: I just gave it for granted and never thought much about what was really happening under the hood.
(This is really an indication of great software: praise to you!)
I am now trying to reach named based resources and as you previously mentioned it doesn’t work, so I went down the installation route.
I really appreciate you taking the time to reproduce and try to fix this: I’ll get back to updating security groups and the like with my ip address, so I’m in no hurry.
Best regards
paolo
Hi, is there any update on this?
Thanks
paolo