(Kali) Can't create GVM user, throws an error "Failed to create user: Invalid characters in user name"

@JhonezTI sounds like bug in kali library. you should file bug report in kali bug tracker.

Eero

I confirm having the exact same problem on an old install that’s been running for years. The updates from a couple of days before broke something. The webgui sends an empty string instead of the username, hence the “Authentication failure for ‘’ from x.x.x.x” warning in /var/log/gvm/gsad.log.
Creating a new user shows the exact same problems as described above.
I’ve run into an old thread from ~2020 that mentioned a double quoting issue when sending the username to the app server. Could this be the same problem?

Are you sure it’s Kali the real culprit?

We didn’t change any codeline in this regard. Containers, source build and enterprise version are still working fine. It must be an issue in Kali. It’s caused by a regex not working as before that is in our code for years. Personally I would bet for an undesired change in glib.

1 Like

I’ve noticed a few threads in the Kali Bug Tracker regarding this issue as well. It looks indeed like a string manipulation problem.

If it’s glib, shouldn’t more packages get broken really nasty? I mean the problem should have gotten noticed by a lot of people…

It could possibly be an escaping issue but in that case some implicit behavior must have changed. Somebody could just try to install an older glib version.

1 Like

Maybe you could link-up with the Kali guys, someone suggested gsad or one of its components:
https://bugs.kali.org/view.php?id=7926
I’ll cross reference this thread in the Kali thread as well.

The warning is raised in https://raw.githubusercontent.com/greenbone/gvmd/v21.4.5/src/manage_sql.c line 51281 because the validate_username function two lines before fails.

The validate_username function can be founde at https://github.com/greenbone/gvmd/blob/v21.4.5/src/manage.c#L6179 which actually only calls a glib regexp function.

validate_username (const gchar * name)
{
  if (g_regex_match_simple ("^[[:alnum:]-_.]+$", name, 0, 0))
    return 0;
  else
    return 1;
}

that’s it. If somebody finds a culprit here I am happy to fix it.

4 Likes

One additional thing to check could be also using a standard bash shell and a standard terminal:

AFAICT Kali used a highly customized ZSH shell with additional modifications etc., this could also send wrong data (e.g. some additional chars not matching that regex) or similar which could cause this issue.

The same happen on a standard Debian testing with bash so this seems to be not the case.

I’m not able to put any more work / time into triaging which updated package is causing this but if a community member wants to go down the rabbit hole maybe try to install Kali Linux 2022.2 and then update every package from 2022.3 step-wise to determine which updated package had caused this problem.

2 Likes

really now?
Can we have an official response from KALI LINUX Support Team?

@Panos,

No, they need time to investigate, while also handling multiple other things related to maintaining a distribution. They have received bug report(s), but repeated pinging or asking for status updates or responses (here or Kali directly) will not help the situation or speed up the resolution. Thank you for understanding.

1 Like

Thank you for your response as well; an estimated fix time would certainly help though…

A quick general note:

If you have reported on the Kali Bug Tracker (or planning to) please keep it technical and related to facts on the software and that specific issue only. A bug tracker is generally different than a forum or a general support channel (and has a different style of conversation). Here are some hints from Kali on how you can make your bug report useful for them:

In turn, when you submit a bug, or follow up to an existing bug report, they may need more information from you or request your help in testing proposed solutions (many times that’s not needed, but it’s good to be prepared for that case).

Also, Kali is volunteer-driven and developed, which is important to keep in mind when reporting issues. :slight_smile:

Thanks!

3 Likes

Bjorn, you were right on the spot! The Kali team confirmed the issue in glib =)))

""I confirm the issue. It seems to be caused by the package libglib2.0-0 version 2.73.3-3. If I re-installed the previous version 2.72.3-1, it fixes the issue. To re-install the old version is not a valid fix (it removes several packages depending on the latest version and it may create other issues). I will work on a real fix.""
3 Likes

Update: it’s been acknowledged and reproduced by the package maintainer in the Kali Team. From this point they are fully in the lead. But typically there are a couple of paths to resolution (I can’t speak for this specific instance yet):

they are able to fix it on their end - or -
they have to contact additional projects for further information/investigation
(sometimes it’s both cases)

There is probably no ETA until they say there is one, and in the meantime what we can do is follow any recommendations they have and be available if they have followup questions. Thanks! :slight_smile:

Reference: 0007926: Unable to log in to greenbone after full upgrade and reboot - Kali Linux Bug Tracker

2 Likes

And always please be patient and respectful with the maintainers. They are doing the maintenance for free for you. If you don’t have a service level agreement with someone they don’t owe you anything. This things are hard to tackle and may happen every time.

So after this gets fixed please leave them a a big thank you message in the bug tracker!

5 Likes

A bug report about this issue created for the glib project / team is now available here:

2 Likes

OMG! I’ve been battling this too all week! My update failed, so I started over. Fresh new Kali server, fresh new GVM, and no user possible. Thanks all for proving I’m not nuts!
(guess i didn’t need to rebuild those last three servers trying to find out what I did wrong)
I will try to monitor DeeAnn’s latest link to 0007926.

Some additional recent info (IIUC so no guarantee for correctness/completeness):

  • GLib seems to have recently switched from PCRE to PCRE2 (in GLib version 2.73.2/2.73.3, see replace pcre1 with pcre2 (!2529) · Merge requests · GNOME / GLib · GitLab)
  • At least one previously PCRE compatible regex used in gvmd (for the user name validation functionality) is now not compatible with the newly introduced PCRE2 functionality
  • For the Greenbone Community Edition currently only the latest Debian stable version (currently: 11) is AFAIK supported which doesn’t ship this newer GLib version and thus seems to be not affected

What i have seen so far is:

1 Like

All hail to the guys @ Kali, they figured things out really quickly! Now GVM works again.
Big thanks to this community as well, really great people here.

2 Likes