Hello Katherine, TL;DR: “iw reg set US” correctly set the regulatory region from userland but Guix can't set it just from the kernel.
Katherine Cox-Buday <cox.katherin...@gmail.com> writes: > #+BEGIN_EXAMPLE > [ 8.280462] cfg80211: Loading compiled-in X.509 certificates for > regulatory database > [ 8.282686] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' > [ 8.284394] platform regulatory.0: Direct firmware load for > regulatory.db failed with error -2 > [ 8.284415] cfg80211: failed to load regulatory.db > #+END_EXAMPLE There is three way to make the module cfg80211 load a regulatory database: 1. Baking the DB into the kernel at build time by replacing the kernel's limited DB with the one from 'wireless-regdb' via the option CONFIG_CFG80211_INTERNAL_REGDB¹. 2. Loading the DB at boot time as a signed firmware file (lib/firmware/regulatory.db from 'wirerless-regdb') via the module 'cfg80211'. 3. Doing it in userland with the helper 'crda' trough the utility 'iwd' or its predecesor 'wpa_supplicant'.² >From what I understand and what I tested, only the third method works in Guix System ATM. It could be usefull to also support the first or second method to not depend on the userland setting the wireless regulatory settings. The error you are experiencing come from the second method failing to load the signed firmware file. The issue is that Guix's 'wireless-regdb' is build from source and not just copied as other distribution do, where the provided binary also has a signature which the kernel accept through a built in public key. Our build version isn't signed at all, the commentaries in the definition for the package say Guix don't want to maintain its own key for signing this package, which is understable and state that Guix architecture already provide a similar level of authenticity (I'm not so sure of that part). So this error message should be harmless expected in some less common context, such as having the rootfs on an NFS and using a wireless connection to connect to the NFS server. We could fix that without maintaining keys by baking the DB into the kernel (first method). > #+BEGIN_EXAMPLE > $ find -L /run/current-system -name regulatory.db > /run/current-system/profile/lib/firmware/regulatory.db > #+END_EXAMPLE We don't need the regulatory.db from 'wirelress-regdb' to be in the system profile, instead it should be added to the operating-system's firmware field. And the kernel will find it the directory contained in “/sys/module/firmware_class/parameters/path”. ¹ https://cateee.net/lkddb/web-lkddb/CFG80211_INTERNAL_REGDB.html ² https://wireless.wiki.kernel.org/en/developers/regulatory/crda#changing_regulatory_domains Cheers, - Brice