[Bug 16882] Multiple Windows service processes fail to start/ hang due to missing SECURITY_SERVICE_RID in process token ( Microsoft WMI core 1.5 service, PostgreSQL, AMMYY Admin v3.x)
wine-bugs at winehq.org
wine-bugs at winehq.org
Sat May 19 05:18:13 CDT 2018
https://bugs.winehq.org/show_bug.cgi?id=16882
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Multiple Windows service |Multiple Windows service
|processes fail to |processes fail to
|start/hang due to missing |start/hang due to missing
|SECURITY_SERVICE_RID in |SECURITY_SERVICE_RID in
|process token (Microsoft |process token (Microsoft
|WMI core 1.5 service, |WMI core 1.5 service,
|PostgreSQL) |PostgreSQL, AMMYY Admin
| |v3.x)
--- Comment #14 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
AMMYY Admin v3.0 also needs this (now that bug 32907 is fixed).
The app starts a "helper" service which starts another process via
'CreateProcessAsUser' which exits due to missing SECURITY_LOCAL_SYSTEM_RID in
user token, leading to endless launch loop.
As already said, Windows SCM automatically adds SECURITY_LOCAL_SYSTEM_RID when
starting a service.
--- snip ---
...
0033:Call advapi32.SetTokenInformation(00000088,0000000c,007efdc8,00000004)
ret=0041fbf1
0033:fixme:ntdll:NtSetInformationToken TokenSessionId stub!
0033:Ret advapi32.SetTokenInformation() retval=00000001 ret=0041fbf1
0033:Call advapi32.CreateProcessAsUserW(00000088,00000000,004d17c4
L"\"Z:\\home\\focht\\Downloads\\install\\AA_v3.exe\"",00000000,00000000,00000000,00000000,00000000,00000000,007efdd8,007efe1c)
ret=0041fdab
0033:fixme:advapi:CreateProcessAsUserW 0x88 (null)
L"\"Z:\\home\\focht\\Downloads\\install\\AA_v3.exe\"" (nil) (nil) 0 0x00000000
(nil) (null) 0x7efdd8 0x7efe1c - semi-stub
...
0035:Call KERNEL32.__wine_kernel_init() ret=7bc6cef2
0033:Ret advapi32.CreateProcessAsUserW() retval=00000001 ret=0041fdab
...
0035:Call KERNEL32.ProcessIdToSessionId(00000034,004afd40) ret=00424d80
0035:Ret KERNEL32.ProcessIdToSessionId() retval=00000001 ret=00424d80
...
0035:Call advapi32.OpenProcessToken(ffffffff,00020008,0033f288) ret=0040756f
0035:Ret advapi32.OpenProcessToken() retval=00000001 ret=0040756f
0035:Call
advapi32.GetTokenInformation(00000078,00000001,0033d278,00002000,0033f284)
ret=004075b8
0035:Ret advapi32.GetTokenInformation() retval=00000001 ret=004075b8
0035:Call KERNEL32.CloseHandle(00000078) ret=004075c3
0035:Ret KERNEL32.CloseHandle() retval=00000001 ret=004075c3
0035:Call advapi32.ConvertSidToStringSidA(0033d280,0033f28c) ret=004075f9
0035:Ret advapi32.ConvertSidToStringSidA() retval=00000001 ret=004075f9
0035:Call msvcrt._stricmp(00167d70 "S-1-5-21-0-0-0-1000",004a13a0 "S-1-5-18")
ret=00407610
0035:Ret msvcrt._stricmp() retval=00000001 ret=00407610
...
--- snip ---
The concept of using a helper service to run a process under specified user
identity is demonstrated here:
http://read.pudn.com/downloads178/sourcecode/windows/829566/CreateProcessAsUser.cpp__.htm
--- snip ---
// CreateProcessAsUser.cpp
//
// Written by Valery Pryamikov (1999)
//
// Command line utility that executes a command under specified user identity
// by temporarily installing itself as a service.
//
// Based on Keith Brown's AsLocalSystem utility (http://www.develop.com/kbrown)
// Uses some code from Mike Nelson's dcomperm sample utility
// and from tlist sample (Microsoft Source Code Samples)
//
// Use:
// CreateProcessAsUser.exe [-i[nteractive]]|[-s[ystem]]|
// [-u"UserName" -d"DomainName" -p"Password"]|[-a"AppID"] command
// Command must begin with the process (path to the exe file) to launch
// -i process will be launched under credentials of the
// "Interactive User" (retrieved from winlogon\shell process)
// -a process will be launched under credentials of the user
// specified in "RunAs" parameter of AppID.
// -s process will be launched as local system
// -u -d -p process will be launched on the result token of the
// LogonUser(userName,domainName,password,LOGON32_LOGON_BATCH...)
//
// either (-s) or (-i) or (-a) or (-u -d -p) parameters must supplied
//
// Examples:
// CreateProcessAsUser -s cmd.exe
// CreateProcessAsUser -a"{731A63AF-2990-11D1-B12E-00C04FC2F56F}" winfile.exe
//
--- snip ---
$ sha1sum AA_v3.exe
63c52b0ac68ab7464e2cd777442a5807db9b5383 AA_v3.exe
$ du -sh AA_v3.exe
756K AA_v3.exe
$ wine --version
wine-3.8-128-g8e9ea7a8a1
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list