Hi Magnus,
After trying to unlock the nul device using:
Subinacl /service NULL /grant="authenticated users"=QSEILU
It doesn't solve the problem (even after restating the machine)
Here is the new output from running "Subinacl /service NULL" after the change
For Administrator:
==============
+Service NULL
==============
/control=0x0
/owner =system
/primary group =system
/audit ace count =1
/aace =everyone SYSTEM_AUDIT_ACE_TYPE-0x2
FAILED_ACCESS_ACE_FLAG-0x80 FAILED_ACCESS_ACE_FLAG-0x0x80
SERVICE_ALL_ACCESS
/perm. ace count =6
/pace =system ACCESS_ALLOWED_ACE_TYPE-0x0
SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8
SERVICE_START-0x10 SERVICE_STOP-0x20 SERVICE_PAUSE_CONTINUE-0x40 SERVICE
_INTERROGATE-0x80
READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100
/pace =builtin\administrators ACCESS_ALLOWED_ACE_TYPE-0x0
SERVICE_ALL_ACCESS
/pace =interactive ACCESS_ALLOWED_ACE_TYPE-0x0
SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8
SERVICE_INTERROGATE-0x80 READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100
/pace =service ACCESS_ALLOWED_ACE_TYPE-0x0
SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8
SERVICE_INTERROGATE-0x80 READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100
/pace =builtin\power users ACCESS_ALLOWED_ACE_TYPE-0x0
SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8
SERVICE_START-0x10 SERVICE_STOP-0x20 SERVICE_PAUSE_CONTINUE-0x40 SERVICE
_INTERROGATE-0x80
READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100
/pace =authenticated users ACCESS_ALLOWED_ACE_TYPE-0x0
SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4 SERVICE_ENUMERATE_DEPEND-0x8
SERVICE_INTERROGATE-0x80 READ_CONTROL-0x20000 SERVICE_USER_DEFINED_CONTROL-0x0100
Elapsed Time: 00 00:00:00
Done: 1, Modified 0, Failed 0, Syntax errors 0
Last Done : NULL
Anyway,
It obvious that it some kind of permission issue, but even if this command would have solved the problem it is still mean that the installer shell run that command before calling to initDB, in order to validate that the user can run the initDB (as it written today), Or adding limitation\Warning to the user for known issue and suggest the workaround device,
Or
Changing the initDB code that it should test the nul device permission before forwarding output to there
Or
Fix the code as I suggested (but unfortunately rejected by Tom).
Regards
Dror
> Subject: RE: [HACKERS] Bug with initDB under windows 2003
> Date: Mon, 21 Aug 2006 13:26:11 +0200
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]; kleptog@svana.org
> CC: pgsql-hackers@postgresql.org
>
> > > I'd be interested in seeing the output from the command:
> > > Subinacl /service NULL
> > >
> > > On a system where this does not work.
> > >
> >
> > Here is the output for "Subinacl /service NULL"
> > Both, for the Administrator user and for the Postgres user:
>
> Thanks.
>
>
> > Postgres user:
> > >Subinacl /service NULL
> > SeSecurityPrivilege : Access is denied.
> > WARNING :Unable to set SeSecurityPrivilege privilege. This
> > privilege may be required.
> > Error OpenSCManager : Access is denied.
>
> That's quite normal - the postgres user doesn't have permission to open
> the SC Manager to view the permissions, because it's not a Power User.
>
>
> > Administrator user:
>
> This is good. It shows one very clear difference from what I have on a
> working system, which is:
>
> > /pace =authenticated users ACCESS_ALLOWED_ACE_TYPE-0x0
> > SERVICE_USER_DEFINED_CONTROL-0x0100
>
> On my system, I have:
> /pace =authenticated users ACCESS_ALLOWED_ACE_TYPE-0x0
> SERVICE_QUERY_CONFIG-0x1 SERVICE_QUERY_STATUS-0x4
>
> SERVICE_ENUMERATE_DEPEND-0x8
> SERVICE_INTERROGATE-0x80 READ_CONTROL-0x20000
>
> SERVICE_USER_DEFINED_CONTROL-0x0100
>
>
>
> So this is the problem. Now to figure out how to fix it :-) From what I
> can tell it simply needs to add back the missing ACE flags. This command
> hopefully should work (not tested apart from the syntax, since I don't
> have a good testig place, but please try it and if it doesn't work see
> if you can figure out what to change):
>
> Subinacl /service NULL /grant="authenticated users"=QSEILU
>
>
> You need to run this as administrator of course, but it should hopefully
> unlock the NUL device again.
>
> //Magnus
>
Express yourself instantly with Windows Live Messenger! Windows Live Messenger!
