You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Mark Thomas (Jira)" <ji...@apache.org> on 2022/11/22 19:11:00 UTC
[jira] [Resolved] (DAEMON-450) Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted two ACLs
[ https://issues.apache.org/jira/browse/DAEMON-450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mark Thomas resolved DAEMON-450.
--------------------------------
Fix Version/s: 1.3.3
Resolution: Fixed
Thanks for the proposed patch and the information on the leaks.
> Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted two ACLs
> -------------------------------------------------------------------------------------
>
> Key: DAEMON-450
> URL: https://issues.apache.org/jira/browse/DAEMON-450
> Project: Commons Daemon
> Issue Type: Bug
> Components: prunsrv
> Affects Versions: 1.3.2
> Environment: Windows 7 SP1 x64
> Apache Tomcat 9.0.69 x86 (zip-dist)
>
> Reporter: Norimasa Yamamoto
> Priority: Major
> Fix For: 1.3.3
>
>
> Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted two ACLs.
> Repro at Tomcat9 directory on Admin Command Prompt (not Admin PowerShell).
> > ren logs logs1
> > md logs
> > icacls logs
> logs NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
> NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
> BUILTIN\Administrators:(I)(OI)(CI)(F)
> BUILTIN\Users:(I)(OI)(CI)(M)
> > bin\tomcat9.exe //US/Tomcat9
> > icacls logs
> logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
> NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
> BUILTIN\Administrators:(I)(OI)(CI)(F)
> BUILTIN\Users:(I)(OI)(CI)(M)
> > bin\tomcat9.exe //US/Tomcat9
> > icacls logs
> logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
> NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
> BUILTIN\Administrators:(I)(OI)(CI)(F)
> BUILTIN\Users:(I)(OI)(CI)(M)
> > for /l %i in (1,0,1) do bin\tomcat9.exe //US/Tomcat9
> : (...after 1000-2000 times...)
> [2022-11-18 17:46:20] [warn] [ 2456] Failed to grant service user 'NT AUTHORITY\LocalService' write permissions to log path '<full/path/to/tomcat9>\logs' due to error '1340: The inherited access control list (ACL) or access control entry (ACE) could not be built.'
> :
> > icacls logs
> logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\LOCAL SERVICE:(RX,W)
> :
> NT AUTHORITY\LOCAL SERVICE:(RX,W)
> NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
> NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
> NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
> BUILTIN\Administrators:(I)(OI)(CI)(F)
> BUILTIN\Users:(I)(OI)(CI)(M)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)