NetworkManager profiles that use 802.1x authentication, MACsec, or Wi-Fi fail to activate if the wpa_supplicant package is missing
Environment
- Red Hat Enterprise Linux 8
Issue
- Connection profiles that use 802.1x authentication fail to activate.
- Media Control Access Security (MACsec) connections fail to activate.
- NetworkManager logs "device (macsec0): No agents were available for this request"
- Wi-Fi connections fail to activate.
Resolution
1.) Manually install the wpa_supplicant package:
# yum install wpa_supplicant
# systemctl enable wpa_supplicant.service
# systemctl start wpa_supplicant.service
2.) To use a Wi-Fi connection, install the NetworkManager-wifi package:
# yum install NetworkManager-wifi
3.) Restart the NetworkManager service:
# systemctl restart NetworkManager
Root Cause
RHEL requires the wpa_supplicant package to support 802.1x authentication and MACsec. It also requires the NetworkManager-wifi package to connect to a Wi-Fi network.
-
RHEL does not install the wpa_supplicant and NetworkManager-wifi packages when you select the Minimal Install base environment during the RHEL installation.
-
The wpa_supplicant or the NetworkManager-wifi packages have been removed from the system.
Diagnostic Steps
1.) Verify that the wpa_supplicant package is installed:
# yum list installed wpa_supplicant
2.) To use a Wi-Fi connection, verify that the NetworkManager-wifi package is installed:
# yum list installed wpa_supplicant
If these commands do not display the package name and the version, the required packages are not installed.
And the NetworkManager failes after 25 seconds to activate the macsec device.
NetworkManager: <info> device (macsec0): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
NetworkManager: <info> device (macsec0): carrier: link connected
NetworkManager: <info> audit: op="connection-add" uuid="b152d4c8-7aae-4e8a-9a00-8e66417c6fe0" name="macsec0" pid=5474 uid=0 result="success"
NetworkManager: <info> device (macsec0): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> policy: auto-activating connection 'macsec0' (b152d4c8-7aae-4e8a-9a00-8e66417c6fe0)
NetworkManager: <info> device (macsec0): Activation: starting connection 'macsec0' (b152d4c8-7aae-4e8a-9a00-8e66417c6fe0)
NetworkManager: <info> device (macsec0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> device (macsec0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> device (macsec0): Activation: connection 'macsec0' has security, but secrets are required.
NetworkManager: <info> device (macsec0): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> device (macsec0): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> device (macsec0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> device (macsec0): Activation: connection 'macsec0' requires no security. No secrets needed.
NetworkManager: <warn> device (macsec0): Activation: (macsec) association took too long.
NetworkManager: <info> device (macsec0): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
NetworkManager: <warn> device (macsec0): Activation: (macsec) asking for new secrets
NetworkManager: <warn> device (macsec0): No agents were available for this request.
NetworkManager: <info> device (macsec0): state change: need-auth -> failed (reason 'no-secrets', sys-iface-state: 'managed')
NetworkManager: <warn> device (macsec0): Activation: failed for connection 'macsec0'
NetworkManager: <info> device (macsec0): state change: failed -> disconnected (reason 'none', sys-iface-state: 'managed')
NetworkManager: <info> device (macsec0): state change: disconnected -> unmanaged (reason 'user-requested', sys-iface-state: 'managed')
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments