Azure Az CLI install fails on Kali 2021.3

[juushya]

Hello,

Axiom installation attempted on Kali rolling release 2021.3. Package azure-cli is already installed via apt-get install azure-cli.

Please enter your provider (do, linode, ibm, azure, gcp): 
>> azure    
Installing azure az...
Hit:1 http://kali.download/kali kali-rolling InRelease                 
Hit:2 https://packages.microsoft.com/ubuntu/16.04/prod xenial InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
apt-transport-https is already the newest version (2.3.9).
curl is already the newest version (7.74.0-1.3+b1).
gnupg is already the newest version (2.2.27-2).
lsb-release is already the newest version (11.1.0).
The following packages were automatically installed and are no longer required:
  cryptsetup-run gir1.2-gst-plugins-base-1.0 gir1.2-keybinder-3.0 gnome-session-canberra gstreamer1.0-pulseaudio kazam
  libavresample4:i386 libepsilon1 libgdal28 libgeos-3.9.0 libidn11 libisl22 libntfs-3g883 libobjc-9-dev libomp-9-dev
  libomp5-9 libperl5.30 libperl5.30:i386 libpython3.8 libpython3.8-minimal libpython3.8-stdlib librest-0.7-0 libsane
  libsane:i386 libsnmp35 libsnmp35:i386 libstrictures-perl libxml-dom-perl libxml-perl libxml-regexp-perl libyara4
  linux-image-5.9.0-kali2-amd64 python3-humanize python3-ipython-genutils python3-jupyter-core python3-nbformat
  python3-plotly
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 134 not upgraded.
Unable to find a package for your system. Please check if an existing package in https://packages.microsoft.com/repos/azure-cli/dists/ can be used in your system and install with the dist name: 'curl -sL https://aka.ms/InstallAzureCLIDeb | sudo DIST_CODE=<dist_code_name> bash'

[juushya]

@0xtavian Thanks, this new check lets the configuration move ahead. However, Az cli API throws an error next:

Please enter your default region: (Default 'eastus', press enter) 
>>                                                                                                                      
Selected default option 'eastus'
Please enter your default size: (Default 'Standard_B1s)', press enter) 
>>                                                                                                                      
Selected default option 'Standard_B1s'
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXX to authenticate.                                                                                                                  
[
  {
    "cloudName": "AzureCloud",
    "homeTenantId": "XXX",
    "id": "XXX",
    "isDefault": true,
    "managedByTenants": [],
    "name": "Visual Studio Enterprise Subscription",
    "state": "Enabled",
    "tenantId": "XXX",
    "user": {
      "name": "newuser@somedomain.onmicrosoft.com", <--- this has Owner role on the subscription
      "type": "user"
    }
  }
]
{
  "id": "/subscriptions/XXX/resourceGroups/axiom",
  "location": "eastus",
  "managedBy": null,
  "name": "axiom",
  "properties": {
    "provisioningState": "Succeeded"
  },
  "tags": null,
  "type": "Microsoft.Resources/resourceGroups"
}
ERROR: CLIInternalError: The command failed with an unexpected error. Here is the traceback:
ERROR: API version 2020-04-01-preview does not have operation group 'role_assignments'
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/knack/cli.py", line 231, in invoke
    cmd_result = self.invocation.execute(args)
  File "/usr/lib/python3/dist-packages/azure/cli/core/commands/__init__.py", line 659, in execute
    raise ex
  File "/usr/lib/python3/dist-packages/azure/cli/core/commands/__init__.py", line 722, in _run_jobs_serially
    results.append(self._run_job(expanded_arg, cmd_copy))
  File "/usr/lib/python3/dist-packages/azure/cli/core/commands/__init__.py", line 714, in _run_job
    return cmd_copy.exception_handler(ex)
  File "/usr/lib/python3/dist-packages/azure/cli/command_modules/role/commands.py", line 69, in graph_err_handler
    raise ex
  File "/usr/lib/python3/dist-packages/azure/cli/core/commands/__init__.py", line 693, in _run_job
    result = cmd_copy(params)
  File "/usr/lib/python3/dist-packages/azure/cli/core/commands/__init__.py", line 330, in __call__
    return self.handler(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/azure/cli/core/__init__.py", line 786, in default_command_handler
    return op(**command_args)
  File "/usr/lib/python3/dist-packages/azure/cli/command_modules/role/custom.py", line 1414, in create_service_principal_for_rbac
    role_client = _auth_client_factory(cmd.cli_ctx).role_assignments
  File "/usr/lib/python3/dist-packages/azure/mgmt/authorization/_authorization_management_client.py", line 196, in role_assignments
    raise ValueError("API version {} does not have operation group 'role_assignments'".format(api_version))
ValueError: API version 2020-04-01-preview does not have operation group 'role_assignments'
To open an issue, please run: 'az feedback'
Please enter your GPG Recipient Email (for encryption of boxes): (optional, press enter) 
>>                      

In case you'd like me to open a new ticket for this, please let me know & I'll do that, or maybe re-open this issue.

Thanks.

[0xtavian]

@juushya just to bypass this error, trying login manually via the CLI before running axiom-account-setup azure. Im not sure why this bug happens but i've been able to get around it by logging in to az manually first. I'll try to see if i can troubleshoot whats exactly happening. Any feedback is welcomed. Reopening until we can figure out a better solution.

[juushya]

@0xtavian I was able to resolve this issue tonight. I found that Microsoft Azure CLI package installation is probably not really considerate of kali rolling release. Only the traditional *nix versions are tested and supported directly. I also tried the Azure-cli package from Kali repo, but it too didn't work.

Here's what I did to fix the issue.

# uname -a 
Linux kali 5.10.0-kali9-amd64 #1 SMP Debian 5.10.46-4kali1 (2021-08-09) x86_64 GNU/Linux

This Kali version is based on Debian stable release - buster. So, I manually set the AZ_REPO env variable to buster and installed the official Microsoft Azure Az cli package.

I've listed the steps below:

sudo apt remove azure-cli -y && sudo apt autoremove -y
sudo apt-get update
sudo apt-get install ca-certificates curl apt-transport-https lsb-release gnupg
curl -sL https://packages.microsoft.com/keys/microsoft.asc |
    gpg --dearmor |
    sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
export AZ_REPO=buster
echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" |
    sudo tee /etc/apt/sources.list.d/azure-cli.list
sudo apt-get update
sudo apt-get install azure-cli

Once this set up completes, I proceed with bash <(curl -s https://raw.githubusercontent.com/pry0cc/axiom/master/interact/axiom-configure) and it works good from there on.

The packer build process runs for a while, and I've noticed a handful of warnings & errors during the run.

Your build completed successfully in 26 minutes! You should run axiom-update && axiom-build weekly to get the latest and greatest updates!                                                                                                      
To initialize an instance, run axiom-init
You may need to restart your shell: /usr/bin/bash

Next, restart the shell - bash, and then:

$axiom-init

Initializing 'morse21'
Initialized instance 'morse21' at '1.3.3.7'!
To connect, run 'axiom-ssh morse21' or 'axiom-connect' 
$ axiom-ssh morse21

 ▄▄▄      ▒██   ██▒ ██▓ ▒█████   ███▄ ▄███▓
▒████▄    ▒▒ █ █ ▒░▓██▒▒██▒  ██▒▓██▒▀█▀ ██▒
▒██  ▀█▄  ░░  █   ░▒██▒▒██░  ██▒▓██    ▓██░
░██▄▄▄▄██  ░ █ █ ▒ ░██░▒██   ██░▒██    ▒██
 ▓█   ▓██▒▒██▒ ▒██▒░██░░ ████▓▒░▒██▒   ░██▒
 ▒▒   ▓▒█░▒▒ ░ ░▓ ░░▓  ░ ▒░▒░▒░ ░ ▒░   ░  ░
  ▒   ▒▒ ░░░   ░▒ ░ ▒ ░  ░ ▒ ▒░ ░  ░      ░

Public IP: 1.3.37 - Instance: morse21

morse21:~:% 

At some point, Kali and / or Microsoft Az cli updates might break stuff. But till then, I hope the steps above will help others.

I've spent some time playing with axiom's different features now, and all are working as expected. 👍

Awesome work, Thanks.!

[0xtavian]

@juushya thanks again, i've implemented a version of what u have above into master. Please let me know if it works for you! :D

[juushya]

@0xtavian I've added a comment on the fix. Have a look - code to check release and assign name

HTH

[0xtavian]

@juushya sorry for the delay. Thanks for the suggestion. Its been merged to master. :)