Re: Bug with initDB under windows 2003 - Mailing list pgsql-hackers
From | dror |
---|---|
Subject | Re: Bug with initDB under windows 2003 |
Date | |
Msg-id | BAY124-W116B0FA104CD76959B548AF9400@phx.gbl Whole thread Raw |
In response to | Bug with initDB under windows 2003 ("dror bar" <dror_b@hotmail.com>) |
Responses |
Re: Bug with initDB under windows 2003
|
List | pgsql-hackers |
Hi Magnus,<br /> <br /> Magnus Wrote:<br /> > I'd be interested in seeing the output from the command:<br />> Subinacl /service NULL<br/>> <br />> On a system where this does not work.<br />> <br /> <br /> Here is the outputfor "Subinacl /service NULL"<br /> Both, for the Administrator user and for the Postgres user:<br /> <br /> Postgresuser:<br /> >Subinacl /service NULL<br />SeSecurityPrivilege : Access is denied.<br /> WARNING :Unable to setSeSecurityPrivilege privilege. This privilege may be required.<br />Error OpenSCManager : Access is denied.<br /><br />ElapsedTime: 00 00:00:00<br />Done: 0, Modified 0, Failed 0, Syntax errors 0<br /><br /> ----------------------------------------------------------------------------------<br/> Administrator user:<br /> <br />==============<br />+Service NULL<br />==============<br />/control=0x0<br />/owner =system<br />/primary group =system<br />/audit ace count =1<br />/aace =everyone SYSTEM_AUDIT_ACE_TYPE-0x2<br /> FAILED_ACCESS_ACE_FLAG-<font>0x80</font> FAILED_ACCESS_ACE_FLAG-0x0x80<br /> SERVICE_ALL_ACCESS<br />/perm. acecount =6<br />/pace =system ACCESS_ALLOWED_ACE_TYPE-<font>0x0</font><br /> SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8<br /> SERVICE_START-0x10 SERVICE_STOP-0x20 SERVICE_PAUSE_CONTINUE-0x40<br />_INTERROGATE-0x80<br/> READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100<br />/pace =builtin\administrators ACCESS_ALLOWED_ACE_TYPE-<font>0x0</font><br /> SERVICE_ALL_ACCESS<br />/pace =interactive ACCESS_ALLOWED_ACE_TYPE-<font>0x0</font><br /> SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8<br /> SERVICE_INTERROGATE-<font>0x80</font> READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100<br/>/pace =service ACCESS_ALLOWED_ACE_TYPE-<font>0x0</font><br /> SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8<br /> SERVICE_INTERROGATE-<font>0x80</font> READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100<br/>/pace =authenticated users ACCESS_ALLOWED_ACE_TYPE-<font>0x0</font><br /> SERVICE_USER_DEFINED_CONTROL-0x0100<br />/pace =builtin\power users ACCESS_ALLOWED_ACE_TYPE-<font>0x0</font><br/> SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8<br /> SERVICE_START-0x10 SERVICE_STOP-0x20 SERVICE_PAUSE_CONTINUE-0x40<br />_INTERROGATE-0x80<br /> READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100<br /><br />Elapsed Time: 00 00:00:00<br />Done: 1, Modified 0, Failed 0, Syntax errors 0<br />Last Done : NULL<br /> ----------------------------------------------------------------------------------------------------<br/> <br /> As youcan see it failed to set SeSecurityPrivilege privilege for the Postgres user.<br /> Regards<br /> Dror;<br /><br /><br/><br /><br /><br /><br /><hr id="stopSpelling" /><br /> > Subject: Re: [HACKERS] Bug with initDB under windows 2003<br/>> Date: Fri, 18 Aug 2006 14:33:58 +0200<br />> From: mha@sollentuna.net<br />> To: mha@sollentuna.net;kleptog@svana.org; dror_b@hotmail.com<br />> CC: pgsql-hackers@postgresql.org<br />> <br />>> > Have you been able to determine *why* Microsoft made this<br />> > braindead<br />> > > decision? Or where it's documented? Their own knowledgebase is<br/>> > filled<br />> > > with examples of using the device, so I imagine they'll have to<br/>> > post a<br />> > > workaround somewhere...<br/>> > <br />> > AFAIK, nobody has posted any links to information that shows that<br/>> > Microsoft actually *did* change this. I've searched their KB some<br/>> > (including the partner-only one for people with the paid<br/>> > agreements, which contains information about bugs that they don't<br/>> > want to be public), and find nothing about it.<br/>> > <br />> > Unless you can reproduce this on a clean system, I'm definitely<br/>> > inclined to say this is caused by some other piece of software on<br/>> > the machine - firewall, antivirus, antispyware or virus/spyware<br/>> > itself.<br />> <br />> Actually, I've been able to find some more information about this, which<br/>> confirms that the problem is access rights on the NUL device, but it's<br/>> *NOT* set by a MS security patch.<br />><br />> I'd be interested in seeing the output from the command:<br />> Subinacl /service NULL<br />> <br/>> On a system where this does not work.<br />> <br />> (If you get an empty update, make sure you have a version of subinacl<br/>> that corresponds to your windows version)<br/>> <br />> (There are known apps that mess this up, but my NDA prevents me from<br/>> telling you which one(s)...)<br />> <br/>> //Magnus<br />> <br />> <br />> ---------------------------(end of broadcast)---------------------------<br/>> TIP 4: Have you searched our list archives?<br/>> <br />> http://archives.postgresql.org<br /><br /><br/><hr />Be one of the first to try Windows Live Mail. <a href="http://ideas.live.com/programpage.aspx?versionId=5d21c51a-b161-4314-9b0e-4911fb2b2e6d"target="_new">Windows Live Mail.</a>
pgsql-hackers by date: