Tomcat9", logs directory will be inserted unwanted two ACLs

Norimasa Yamamoto (Jira) Fri, 18 Nov 2022 05:53:05 -0800

Norimasa Yamamoto created DAEMON-450:
----------------------------------------


             Summary: Invoked "bin\tomcat9 //US/Tomcat9", logs directory will 
be inserted unwanted two ACLs
                 Key: DAEMON-450
                 URL: https://issues.apache.org/jira/browse/DAEMON-450
             Project: Commons Daemon
          Issue Type: Bug
          Components: prunsrv
    Affects Versions: 1.3.2
         Environment: Windows 7 SP1 x64

Apache Tomcat 9.0.69 x86 (zip-dist)

 
            Reporter: Norimasa Yamamoto


Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted 
two ACLs.

Repro at Tomcat9 directory on Admin Command Prompt (not Admin PowerShell).

> ren logs logs1

> md logs

> icacls logs

logs NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
     NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
     BUILTIN\Administrators:(I)(OI)(CI)(F)
     BUILTIN\Users:(I)(OI)(CI)(M)

> bin\tomcat9.exe //US/Tomcat9

> icacls logs

logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
     NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
     BUILTIN\Administrators:(I)(OI)(CI)(F)
     BUILTIN\Users:(I)(OI)(CI)(M)

> bin\tomcat9.exe //US/Tomcat9

> icacls logs

logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
     NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
     BUILTIN\Administrators:(I)(OI)(CI)(F)
     BUILTIN\Users:(I)(OI)(CI)(M)

> for /l %i in (1,0,1) do bin\tomcat9.exe //US/Tomcat9

  : (...after 1000-2000 times...)
[2022-11-18 17:46:20] [warn]  [ 2456] Failed to grant service user 'NT 
AUTHORITY\LocalService' write permissions to log path 
'<full/path/to/tomcat9>\logs' due to error '1340: The inherited access control 
list (ACL) or access control entry (ACE) could not be built.'
  :

> icacls logs
logs NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\LOCAL SERVICE:(RX,W)
  :
     NT AUTHORITY\LOCAL SERVICE:(RX,W)
     NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(IO)(GR,GW,GE)
     NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(M)
     NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
     BUILTIN\Administrators:(I)(OI)(CI)(F)
     BUILTIN\Users:(I)(OI)(CI)(M)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (DAEMON-450) Invoked "bin\tomcat9 //US/Tomcat9", logs directory will be inserted unwanted two ACLs

Reply via email to