Unable to find raspberrypi-kernel-headers package

Question

I'm trying to get Wireguard going on my RPi, just to mess around with it. I think I correctly followed the various directions I've seen about how to get up-and-running, but I can't find the raspberrypi-kernel-headers package mentioned in a couple places, so when I install the wireguard package the module can't be built (I think) and is thus unavailable to the kernel when I try to bring up that interface. I've tried various apt search commands to see if the package name has changed, and see no indication in my reading that it would be in some optional repository. Here's my version info:

# uname -a
Linux raspberrypi 5.4.72-v7l+ #1356 SMP Thu Oct 22 13:57:51 BST 2020 armv7l GNU/Linux

Here's the sum of my various sources.list type files:

# cat /etc/apt/sources.list /etc/apt/sources.list.d/*.list
deb http://raspbian.raspberrypi.org/raspbian/ buster main contrib non-free rpi
# Uncomment line below then 'apt-get update' to enable 'apt-get source'$ apt search raspberrypi-kernel-headers

Sorting... Done Full Text Search... Done

deb-src http://raspbian.raspberrypi.org/raspbian/ buster main contrib non-free rpi
deb http://deb.debian.org/debian/ unstable main
deb http://httpredir.debian.org/debian buster-backports main contrib non-free
#deb http://archive.raspberrypi.org/debian/ buster main
# Uncomment line below then 'apt-get update' to enable 'apt-get source'
#deb-src http://archive.raspberrypi.org/debian/ buster main

I'm not the sharpest tool in the shed, but I think that uncommented deb-src line with "rpi" at the end should make kernel sources available to me. I must be missing something.

edit in response to comments:

Lack of a raspberrypi-kernel-headers package:

$ apt search raspberrypi-kernel-headers
Sorting... Done
Full Text Search... Done

Why "I think" the module isn't built: One, one of the things I read indicated the wireguard module automatically on install. Two, I don't have the necessary headers (see apt search result above). Taken together, it seems highly unlikely that I have a workable wireguard module.

/lib/modules directory contents:

$ ls /lib/modules
5.4.72+  5.4.72-v7+  5.4.72-v7l+  5.4.72-v8+

I'm not sure quite what to look for, but uname -a suggests I should poke around in 5.4.72-v7l+, so I tried that:

$ find /lib/modules/5.4.72-v7l+/ -type f | xargs egrep -li wireguard | wc -l
0

Similarly, I don't find "wg" or "wireguard" in any of the filenames. https://upcloud.com/community/tutorials/get-started-wireguard-vpn/ $ find /lib/modules/5.4.72-v7l+/ -type f | egrep -i 'wireguard|wg' | wc -l 0

Just for completeness, here's the output I get when trying to start the wireguard module. Rereading the output, I get the impression there is a wireguard module to load, but it doesn't load properly.

# systemctl status wg-quick@wg0.service | cat
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
   Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2021-01-17 08:21:00 CST; 1 day 4h ago
     Docs: man:wg-quick(8)
           man:wg(8)
           https://www.wireguard.com/
           https://www.wireguard.com/quickstart/
           https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
           https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
 Main PID: 451 (code=exited, status=1/FAILURE)
Jan 17 08:21:00 raspberrypi systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Jan 17 08:21:00 raspberrypi wg-quick[451]: [#] ip link add wg0 type wireguard
Jan 17 08:21:00 raspberrypi wg-quick[451]: Error: Unknown device type.
Jan 17 08:21:00 raspberrypi wg-quick[451]: Unable to access interface: Protocol not supported
Jan 17 08:21:00 raspberrypi wg-quick[451]: [#] ip link delete dev wg0
Jan 17 08:21:00 raspberrypi wg-quick[451]: Cannot find device "wg0"
Jan 17 08:21:00 raspberrypi systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=1/FAILURE
Jan 17 08:21:00 raspberrypi systemd[1]: wg-quick@wg0.service: Failed with result 'exit-code'.
Jan 17 08:21:00 raspberrypi systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.

I checked out the wg-quick@wg0.service file and decided to try explicitly up'ing the service:

# wg-quick up wg0
[#] ip link add wg0 type wireguard
Error: Unknown device type.
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"

Sure enough, there is no /dev/wg0. I don't recall seeing an explicit command to "makedev /dev/wg0" (or whatever modern Linux device creation incantation is). Is that maybe all that's wrong? I don't see a makedev command on my system. apt search shows me there is a makedev package, but that it's not installed. Install and start from scratch? (It never occurred to me that something as basic as makedev wouldn't simply be part of the standard suite of admin tools.)

Thanks to the other commenters for the references to Git and pivpn. I'll check them out if I'm completely unsuccessful trying the normal route.

Thanks GAD3R. I am much further along. The raspberrypi-kernel-headers are installed and I see a module:

# uname -a
Linux raspberrypi 5.4.83-v7l+ #1379 SMP Mon Dec 14 13:11:54 GMT 2020 armv7l GNU/Linux
# find /lib/modules/5.4.83-v7l+ -type f  | xargs egrep -li wireguard
/lib/modules/5.4.83-v7l+/kernel/net/wireguard.ko

Executing

systemctl enable wg-quick@wg0

runs with no output, but modprobe complains

# modprobe wireguard
modprobe: FATAL: Module wireguard not found in directory /lib/modules/5.4.83-v7l+

The location of the .ko file seems a little odd. There are no other .ko files at that level, just directories containing .ko files.

# ls -ltr /lib/modules/5.4.83-v7l+/kernel/net
total 296
-rw-r--r-- 1 root root 151996 Jan 20 13:35 wireguard.ko
drwxr-xr-x 3 root root   4096 Jan 20 13:40 sunrpc
drwxr-xr-x 3 root root   4096 Jan 20 13:40 bridge
drwxr-xr-x 5 root root   4096 Jan 20 13:40 bluetooth
drwxr-xr-x 2 root root   4096 Jan 20 13:40 batman-adv
...
# ls -ltr /lib/modules/5.4.83-v7l+/kernel/net/ipv4
total 260
-rw-r--r-- 1 root root  6424 Jan  7 09:54 xfrm4_tunnel.ko
-rw-r--r-- 1 root root  9184 Jan  7 09:54 udp_tunnel.ko
-rw-r--r-- 1 root root  8656 Jan  7 09:54 tunnel4.ko
-rw-r--r-- 1 root root  6096 Jan  7 09:54 tcp_westwood.ko
-rw-r--r-- 1 root root  7980 Jan  7 09:54 tcp_htcp.ko
-rw-r--r-- 1 root root  6152 Jan  7 09:54 tcp_diag.ko
-rw-r--r-- 1 root root  8140 Jan  7 09:54 tcp_bic.ko
-rw-r--r-- 1 root root 13428 Jan  7 09:54 tcp_bbr.ko
-rw-r--r-- 1 root root 17080 Jan  7 09:54 ip_vti.ko
-rw-r--r-- 1 root root 28112 Jan  7 09:54 ip_tunnel.ko
-rw-r--r-- 1 root root 15232 Jan  7 09:54 ipip.ko
-rw-r--r-- 1 root root 31008 Jan  7 09:54 ip_gre.ko

Messing around with kernel functionality takes me way out of my depth, and I have no good install to compare it with. FWIW, I am looking at this how-to page.

Answer 1

Installing the kernel headers

Your /etc/apt/sources.list.d/raspi.list is misconfigurated , you should have

deb http://archive.raspberrypi.org/debian/ buster main

(which provide the raspberrypi-kernel-headers package.)

instead of :

deb http://deb.debian.org/debian/ unstable main

(debian unstable repository, it will break your system if an apt-preferences file isn't set correctly.) There is no raspberrypi-kernel-headers package in this debian repository which explain why apt search return nothing.

Then run:

sudo apt update
apt policy raspberrypi-kernel-headers

sample output:

  raspberrypi-kernel-headers:
  Installed: (none)
  Candidate: 1.20210108-1
  Version table:
     1.20210108-1 500
        500 http://archive.raspberrypi.org/debian buster/main armhf Packages

Install it:

sudo apt install raspberrypi-kernel-headers

Installing WireGuard and loading the kernel module

Append testing to your sources repositories:

printf "%s\n" "deb http://archive.raspbian.org/raspbian testing main" | \
sudo tee  /etc/apt/sources.list.d/testing.list

important: Create a preferences file:

cat <<EOF | sudo tee /etc/apt/preferences.d/testing-preferences
Package: *
Pin: release a=testing
Pin-Priority: 50
EOF

Install dkms and wireguard:

sudo apt update
sudo apt install dkms
sudo apt install wireguard

The package wireguard is only available from testing, the kernel module should built correctly through dkms.

Loding the kernel module (-v = with verbosity):

sudo modprobe -v wireguard

sample output:

insmod /lib/modules/5.4.83-v7+/kernel/net/ipv4/udp_tunnel.ko 
insmod /lib/modules/5.4.83-v7+/kernel/net/ipv6/ip6_udp_tunnel.ko 
insmod /lib/modules/5.4.83-v7+/kernel/net/wireguard.ko