From 31b8d2868a96425425e7b988cda950e979bb2a12 Mon Sep 17 00:00:00 2001 From: "Lee E. Hinman" Date: Tue, 18 Jun 2024 14:52:45 -0500 Subject: [PATCH] fix merge conflicts --- internal/pkg/agent/install/install_windows.go | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/internal/pkg/agent/install/install_windows.go b/internal/pkg/agent/install/install_windows.go index 09e1d757e56..a8461053191 100644 --- a/internal/pkg/agent/install/install_windows.go +++ b/internal/pkg/agent/install/install_windows.go @@ -81,26 +81,16 @@ func withServiceOptions(username string, groupName string) ([]serviceOpt, error) // // gives user the ability to control the service, needed when installed with --unprivileged or // ReExec is not possible on Windows. -<<<<<<< HEAD func servicePostInstall(ownership utils.FileOwner) error { - if ownership.UID == "" { - // no user, running with LOCAL SYSTEM (do nothing) - return nil -======= -func serviceConfigure(ownership utils.FileOwner) error { // Modify registry to allow logging to eventlog as "Elastic Agent". err := eventlog.InstallAsEventCreate(paths.ServiceName, eventlog.Info|eventlog.Warning|eventlog.Error) if err != nil && !strings.Contains(err.Error(), "registry key already exists") { return fmt.Errorf("unable to create registry key for logging: %w", err) } - // https://learn.microsoft.com/en-us/windows-hardware/drivers/kernel/sddl-for-device-objects - sddl := "D:(A;;GA;;;SY)" + // SDDL_LOCAL_SYSTEM -> SDDL_GENERIC_ALL - "(A;;GA;;;BA)" + // SDDL_BUILTIN_ADMINISTRATORS -> SDDL_GENERIC_ALL - "(A;;GR;;;WD)" + // SDDL_EVERYONE -> SDDL_GENERIC_READ - "(A;;GRGX;;;NS)" // SDDL_NETWORK_SERVICE -> SDDL_GENERIC_READ|SDDL_GENERIC_EXECUTE - if ownership.UID != "" { - sddl += fmt.Sprintf("(A;;GA;;;%s)", ownership.UID) // Ownership UID -> SDDL_GENERIC_ALL ->>>>>>> 6c20730d5c ([windows] if `elastic-agent run` fails, log error to Application EventLog (#4846)) + + if ownership.UID == "" { + // no user, running with LOCAL SYSTEM (do nothing) + return nil } // https://learn.microsoft.com/en-us/windows-hardware/drivers/kernel/sddl-for-device-objects