[jira] [Commented] (DAEMON-450) Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted two ACLs

Tue, 22 Nov 2022 10:02:08 -0800 


    [ 
https://issues.apache.org/jira/browse/DAEMON-450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17637393#comment-17637393
 ] 

Mark Thomas commented on DAEMON-450:
------------------------------------

The original report was for Windows 7 which is no longer supported.

This behaviour is not observed with a fully patched Windows 8.1 or fully 
patched Windows 10. I can repeat this with Windows Server 2012.

I'll take a look at the proposed patch.

> Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted 
> two ACLs
> -------------------------------------------------------------------------------------
>
>                 Key: DAEMON-450
>                 URL: https://issues.apache.org/jira/browse/DAEMON-450
>             Project: Commons Daemon
>          Issue Type: Bug
>          Components: prunsrv
>    Affects Versions: 1.3.2
>         Environment: Windows 7 SP1 x64
> Apache Tomcat 9.0.69 x86 (zip-dist)
>  
>            Reporter: Norimasa Yamamoto
>            Priority: Major
>
> Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted 
> two ACLs.
> Repro at Tomcat9 directory on Admin Command Prompt (not Admin PowerShell).
> > ren logs logs1
> > md logs
> > icacls logs
> logs NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
>      NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
>      BUILTIN\Administrators:(I)(OI)(CI)(F)
>      BUILTIN\Users:(I)(OI)(CI)(M)
> > bin\tomcat9.exe //US/Tomcat9
> > icacls logs
> logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
>      NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
>      BUILTIN\Administrators:(I)(OI)(CI)(F)
>      BUILTIN\Users:(I)(OI)(CI)(M)
> > bin\tomcat9.exe //US/Tomcat9
> > icacls logs
> logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
>      NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
>      BUILTIN\Administrators:(I)(OI)(CI)(F)
>      BUILTIN\Users:(I)(OI)(CI)(M)
> > for /l %i in (1,0,1) do bin\tomcat9.exe //US/Tomcat9
>   : (...after 1000-2000 times...)
> [2022-11-18 17:46:20] [warn]  [ 2456] Failed to grant service user 'NT 
> AUTHORITY\LocalService' write permissions to log path 
> '<full/path/to/tomcat9>\logs' due to error '1340: The inherited access 
> control list (ACL) or access control entry (ACE) could not be built.'
>   :
> > icacls logs
> logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\LOCAL SERVICE:(RX,W)
>   :
>      NT AUTHORITY\LOCAL SERVICE:(RX,W)
>      NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
>      NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
>      NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
>      BUILTIN\Administrators:(I)(OI)(CI)(F)
>      BUILTIN\Users:(I)(OI)(CI)(M)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to