gufw segfaults on Ubuntu 20.04 and 22.04
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gufw (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
This issue appears to affect both Ubuntu 20.04 and 22.04, while it didn't exist on Ubuntu 18.04 (all with latest updates). XFCE was used as the desktop environment in every case, with connections via xrdp using xorg driver.
The same symptoms are present whether user starts `gufw` via terminal, or via the Firewall Configuration menu entry, as soon as user authenticates via the popup window.
The issue seems to involve pkexec, and one way to fix it seems to be by replacing the following entry in `/usr/bin/gufw`:
```
pkexec gufw-pkexec $c_user
```
with
```
pkexec /usr/bin/
```
Here's a sample error output:
```
student@desktop:~$ gufw
/bin/gufw: line 2: [: too many arguments
Unable to init server: Could not connect: Connection refused
Unable to init server: Could not connect: Connection refused
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gdk-CRITICAL **: 14:10:32.294: gdk_keymap_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.294: _gtk_replace_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.295: _gtk_style_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.295: _gtk_style_
(gufw.py:2076): Gtk-CRITICAL **: 14:10:32.295: _gtk_style_
/bin/gufw-pkexec: line 10: 2076 Segmentation fault (core dumped) python3 ${LOCATIONS[${i}]} $1
```
Thank you!
affects: | launchpad → ubuntu |
affects: | ubuntu → gufw (Ubuntu) |
tags: | added: focal jammy |
Running Kubuntu 22.04.1 LTS, I do *not* have this issue; gufw(8) v22.04.0 starts up properly.
I find the initial output line in the above odd:
/bin/gufw: line 2: [: too many arguments
1st, gufw is in /usr/bin, not /bin (this *may* be a copy-paste mistake?).
2nd, Line 2 of /usr/bin/gufw does not (directly) contain any "["s:
2.1$ $ nl -ba /usr/bin/gufw ld-linux- x86-64. so.2, BuildID[ sha1]=a18184f5d 26fce82fe5ccf84 2d3cf7b9c729030 f, for GNU/Linux 3.2.0, stripped
1 #!/bin/bash
2 c_user=$(whoami)
3 pkexec gufw-pkexec $c_user
2.2$ file $(which whoami)
/usr/bin/whoami: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/
What happens if you run gufw using the bash(1) shell's -x option? I get:
2.3$ $ bash -x $(which gufw)
++ whoami
+ c_user=USER
+ pkexec gufw-pkexec USER
Error executing command as another user: Not authorized
This incident has been reported.
where USER is my username. The "not authorized" is because I cancelled rather than enter my password (for this test, for other tests I entered the password and gufw itself started entirely as expected).