View Issue Details

IDProjectCategoryView StatusLast Update
0008024Kali LinuxKali Package Bugpublic2023-01-05 04:39
ReporterX0RW3LL Assigned Toarnaudr  
PrioritylowSeveritycrashReproducibilityalways
Status resolvedResolutionfixed 
Product Version2022.3 
Summary0008024: kali-tweaks crashes on unhandled UnicodeDecodeError
Description

kali-tweaks will crash when selecting the Hardening screen. Reason being that the samba helper script [kali-tweaks/helpers/samba] will call assert_config_file_valid() on line 36 (https://gitlab.com/kalilinux/packages/kali-tweaks/-/blob/kali/master/helpers/samba#L36), which in turn calls testparm /etc/samba/smb.conf --suppress-prompt

The real issue here is that testparm will return improperly encoded bytes that Python's not handling gracefully in the run command.
We've gone through the relevant functions and helper scripts for kali-tweaks to verify it wasn't a bug with the package itself, but rather how it handled the UnicodeDecodeError exception.

Many thanks to Arszilla for helping out with this, and the team for their consideration

Steps To Reproduce

1) Pull the latest package upgrades
sudo apt update && sudo apt upgrade
2) Run kali-tweaks from terminal, and select the Hardening screen
kali-tweaks > hardening

Additional Information

#################################################################################
$ kali-tweaks # followed by selecting Hardening
Traceback (most recent call last):
File "/usr/bin/kali-tweaks", line 33, in <module>
sys.exit(load_entry_point('kali-tweaks==2022.4.0', 'console_scripts', 'kali-tweaks')())
File "/usr/lib/python3/dist-packages/kali_tweaks/main.py", line 1108, in main
do_main_screen()
File "/usr/lib/python3/dist-packages/kali_tweaks/main.py", line 1099, in do_main_screen
ret = func()
File "/usr/lib/python3/dist-packages/kali_tweaks/main.py", line 870, in do_hardening_screen
config = SambaSetting().load()
File "/usr/lib/python3/dist-packages/kali_tweaks/settings/samba.py", line 24, in load
value = self.get_client_min_protocol()
File "/usr/lib/python3/dist-packages/kali_tweaks/settings/samba.py", line 45, in get_client_min_protocol
res = run(cmd)
File "/usr/lib/python3/dist-packages/kali_tweaks/utils.py", line 121, in run
return _run(cmd, kwargs)
File "/usr/lib/python3/dist-packages/kali_tweaks/utils.py", line 112, in _run
res = subprocess.run(cmd, capture_output=(not interactive), shell=True, text=True)
File "/usr/lib/python3.10/subprocess.py", line 503, in run
stdout, stderr = process.communicate(input, timeout=timeout)
File "/usr/lib/python3.10/subprocess.py", line 1152, in communicate
stdout, stderr = self._communicate(input, endtime, timeout)
File "/usr/lib/python3.10/subprocess.py", line 2045, in _communicate
stderr = self._translate_newlines(stderr,
File "/usr/lib/python3.10/subprocess.py", line 1029, in _translate_newlines
data = data.decode(encoding, errors)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd6 in position 28: invalid continuation byte
#################################################################################
$ testparm /etc/samba/smb.conf --suppress-prompt
Load smb config files from �R/�U
Error loading services.
#################################################################################
$ uname -a
Linux FX7 5.19.0-kali2-amd64 0000001 SMP PREEMPT_DYNAMIC Debian 5.19.11-1kali2 (2022-10-10) x86_64 GNU/Linux
#################################################################################
$ cat /etc/os-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2022.3"
VERSION_ID="2022.3"
VERSION_CODENAME="kali-rolling"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/&quot;
SUPPORT_URL="https://forums.kali.org/&quot;
BUG_REPORT_URL="https://bugs.kali.org/&quot;
#################################################################################
$ apt policy kali-tweaks
kali-tweaks:
Installed: 2022.4.0
Candidate: 2022.4.0
Version table:
** 2022.4.0 500
500 https://kali.download/kali kali-rolling/main amd64 Packages
500 https://kali.download/kali kali-rolling/main i386 Packages
100 /var/lib/dpkg/status
#################################################################################
$ apt policy samba
samba:
Installed: 2:4.16.5+dfsg-2+b1
Candidate: 2:4.16.5+dfsg-2+b1
Version table:
2:4.16.5+dfsg-2+b1 500
500 https://kali.download/kali kali-rolling/main amd64 Packages
100 /var/lib/dpkg/status
#################################################################################

Activities

X0RW3LL

X0RW3LL

2022-10-26 11:32

reporter   ~0017003

Update: testparm will display this issue when /etc/samba/smb.conf is explicitly passed as an argument. Since testparm will pull configs from that location by default without explicit paths, we can use a workaround where we rely on the implicit location instead.

Proposed changes for kali-tweaks/helpers/samba lines 43 and 45 are as follows:
Remove the $SAMBA_CONFIG variable
#######################################################################
Line 43: https://gitlab.com/kalilinux/packages/kali-tweaks/-/blob/kali/master/helpers/samba#L43

  • if ! testparm $SAMBA_CONFIG --suppress-prompt >/dev/null 2>&1; then
  • if ! testparm --suppress-prompt >/dev/null 2>&1; then
    #######################################################################
    Line 45: https://gitlab.com/kalilinux/packages/kali-tweaks/-/blob/kali/master/helpers/samba#L45
  • testparm $SAMBA_CONFIG --suppress-prompt
  • testparm --suppress-prompt
    #######################################################################
arnaudr

arnaudr

2022-10-26 14:52

manager   ~0017004

Last edited: 2022-10-26 14:53

Thanks for reporting! The variables SAMBA_CONFIG is needed for unit tests, where we don't use the default location /etc/samba/smb.conf. So we can't remove it.

The bug is really new. I tested and couldn't reproduce it. Then I upgraded the system:

<pre>
The following packages will be upgraded:
blueman catfish dirmngr ethtool firefox-esr fonts-urw-base35 gdisk gir1.2-nm-1.0 gnupg gnupg-l10n gnupg-utils gpg
gpg-agent gpg-wks-client gpg-wks-server gpgconf gpgsm gpgv gsfonts gstreamer1.0-plugins-good keyboard-configuration
libde265-0 libedit2 libfaad2 libflite1 libfuse2 libglu1-mesa libigdgmm12 libmfx1 libmysofa1 libnm0 libopenmpt0 libpopt0
libsndfile1 libsoup-3.0-0 libsoup-3.0-common libspeechd2 libtheora0 man-db network-manager opensc opensc-pkcs11
pinentry-curses pinentry-gnome3 python-apt-common python3-apt python3-speechd python3-webencodings runit-helper
speech-dispatcher speech-dispatcher-audio-plugins speech-dispatcher-espeak-ng xbitmaps
</pre>

And then I could reproduce the bug. At first glance, it's not easy to see what package is guilty... However:

<pre>
┌──(kali㉿kali)-[~]
└─$ ldd /usr/bin/testparm | grep libpopt
libpopt.so.0 => /lib/x86_64-linux-gnu/libpopt.so.0 (0x00007f9b8aa87000)

┌──(kali㉿kali)-[~]
└─$ apt show libpopt0
[...]
Description: lib for parsing cmdline parameters
[...]
</pre>

Surely that's where the regression comes from. I opened an issue on the Debian bugtracker: https://bugs.debian.org/1022826

X0RW3LL

X0RW3LL

2022-10-26 18:36

reporter   ~0017005

Thank you so much, arnaudr!

Yeah, I thought the workaround was a long shot, but now I'm really curios as to how you got to the point of locating the exact package/library that caused this. Only if you have the time to share your thought process though!

I've never submitted any bug reports outside of here tbh, so it's a bit of a learning curve for me. I really appreciate you doing this <3 Many thanks!

arnaudr

arnaudr

2022-10-27 01:30

manager   ~0017006

Last edited: 2022-10-27 01:32

how you got to the point of locating the exact package/library that caused this

I was just lucky :) I picked up a one week-old Kali VM, the bugs didn't manifest, I upgraded it, and the bug was there. So the bug was introduced by one of the packages that were pulled in by the upgrade (list above). Then I just had to find which package was related to testparm.

"testparm" is provided by samba-common-bin (you can see that with "apt-file search bin/testparm"), then I looked at the dependencies for samba-common-bin (with "apt show samba-common-bin"), compared that with the packages that were upgraded. libpopt0 was the only one that I spot. I could confirm that testparm links against libpopt with "ldd /usr/bin/testparm | grep libpopt". Plus, libpopt is a library to parse cmdline arguments, and that's exactly the problem that we have here, testparm chokes if we pass it a config file in argument.

But if I didn't have a (rather short) list of packages that were brought in by the "apt full-upgrade" command, it would have been much harder to find out.

arnaudr

arnaudr

2022-10-27 01:47

manager   ~0017007

Anyway, so a new version of Samba was uploaded to Debian unstable, it should be in Kali at some point next week.

Ideally, kali-tweaks should handle this kind of unexpected errors more gracefully, and a setting that is not functional should just be greyed out, or something like that. I opened an issue for that: https://gitlab.com/kalilinux/packages/kali-tweaks/-/issues/36

arnaudr

arnaudr

2022-10-27 02:06

manager   ~0017008

And finally, I just released kali-tweaks 2022.4.1 with the workaround that you mentioned (ie. not giving a config file to testparm). Should land in Kali rolling in a day or so, I'll keep an eye on it.

Thanks again for the detailed report!

X0RW3LL

X0RW3LL

2022-10-27 05:20

reporter   ~0017010

Awesome! That's exactly what I was looking for!
Thank you so much for taking the time to share your thought process, arnaudr :)

kali-tweaks has been one of my favorite tools for quickly managing configs, so many thanks for such a great solution!

Issue History

Date Modified Username Field Change
2022-10-26 11:05 X0RW3LL New Issue
2022-10-26 11:32 X0RW3LL Note Added: 0017003
2022-10-26 14:52 arnaudr Note Added: 0017004
2022-10-26 14:53 arnaudr Note Edited: 0017004
2022-10-26 14:53 arnaudr Note Edited: 0017004
2022-10-26 18:36 X0RW3LL Note Added: 0017005
2022-10-27 01:30 arnaudr Note Added: 0017006
2022-10-27 01:32 arnaudr Note Edited: 0017006
2022-10-27 01:47 arnaudr Note Added: 0017007
2022-10-27 02:06 arnaudr Note Added: 0017008
2022-10-27 02:06 arnaudr Assigned To => arnaudr
2022-10-27 02:06 arnaudr Status new => assigned
2022-10-27 05:20 X0RW3LL Note Added: 0017010
2023-01-05 04:39 arnaudr Status assigned => resolved
2023-01-05 04:39 arnaudr Resolution open => fixed