VirtualBox

Changeset 69804 in vbox


Ignore:
Timestamp:
Nov 22, 2017 12:11:32 PM (7 years ago)
Author:
vboxsync
Message:

VirtualBoxClient: Dropped the WMI non-sense to get service status, because the information is readily available in the structure with the service account from. Also, only request minimum SCM access rights when doing the query.

Location:
trunk/src/VBox/Main
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Main/include/VirtualBoxClientImpl.h

    r69791 r69804  
    7272
    7373#ifdef VBOX_WITH_SDS
    74     int     i_getServiceAccount(const wchar_t *pwszServiceName, wchar_t *pwszAccountName, size_t cwcAccountName);
    75     HRESULT i_isServiceDisabled(const wchar_t *pwszServiceName, bool *pfOutIsDisabled);
     74    int     i_getServiceAccountAndStartType(const wchar_t *pwszServiceName,
     75                                            wchar_t *pwszAccountName, size_t cwcAccountName, uint32_t *puStartType);
    7676#endif
    7777

  • trunk/src/VBox/Main/src-client/VirtualBoxClientImpl.cpp

    r69792 r69804  
    197197     * Check that the VBoxSDS service is configured to run as LocalSystem and is enabled.
    198198     */
    199     WCHAR wszBuffer[256];
    200     int vrc = i_getServiceAccount(L"VBoxSDS", wszBuffer, RT_ELEMENTS(wszBuffer));
     199    WCHAR    wszBuffer[256];
     200    uint32_t uStartType;
     201    int vrc = i_getServiceAccountAndStartType(L"VBoxSDS", wszBuffer, RT_ELEMENTS(wszBuffer), &uStartType);
    201202    if (RT_SUCCESS(vrc))
    202203    {
    203         LogRelFunc(("VBoxSDS service is running under the '%ls' account.\n", wszBuffer));
     204        LogRelFunc(("VBoxSDS service is running under the '%ls' account with start type %u.\n", wszBuffer, uStartType));
    204205        if (RTUtf16Cmp(wszBuffer, L"LocalSystem") != 0)
    205206            return setError(hrcCaller,
    206                             tr("VBoxSDS should be run under SYSTEM account, but it started under '%ls' account:\n"
    207                                "Change VBoxSDS Windows Service Logon parameters in Service Control Manager. \n%Rhrc"),
    208                             wszBuffer, hrcCaller);
     207                            tr("VBoxSDS is misconfigured to run under the '%ls' account instead of the SYSTEM one.\n"
     208                               "You ccan fix this by using the Windows Service Control Manager or by running\n"
     209                               "'qc config VBoxSDS obj=LocalSystem' on a command line."),  wszBuffer);
     210        if (uStartType == SERVICE_DISABLED)
     211            return setError(hrcCaller,
     212                            tr("The VBoxSDS windows service is disabled.\n"
     213                               "To reenable the service, set it to 'Manual' startup type in the Windows Service\n"
     214                               "management console, or run 'sc config VBoxSDS start=demand' on a command line"));
    209215    }
    210216    else
    211217        LogRelFunc(("VirtualBoxClient::i_getServiceAccount failed: %Rrc\n", vrc));
    212 
    213     bool fIsVBoxSDSDisabled = false;
    214     hrc = i_isServiceDisabled(L"VBoxSDS", &fIsVBoxSDSDisabled);
    215     if (SUCCEEDED(hrc) && fIsVBoxSDSDisabled)
    216         return setError(hrcCaller,
    217                         tr("The VBoxSDS windows service is disabled.\n"
    218                            "Enable VBoxSDS Windows Service using Windows Service Management Console.\n %Rhrc"), hrcCaller);
    219     if (FAILED(hrc))
    220         LogRelFunc(("Warning: Failed to get information about VBoxSDS using WMI:: %Rhrc", hrc));
    221 # endif /* VBOX_WITH_SDS */
     218# endif
    222219
    223220    /*
     
    380377
    381378# ifdef VBOX_WITH_SDS
    382 
    383 int VirtualBoxClient::i_getServiceAccount(const wchar_t *pwszServiceName, wchar_t *pwszAccountName, size_t cwcAccountName)
     379int VirtualBoxClient::i_getServiceAccountAndStartType(const wchar_t *pwszServiceName,
     380                                                      wchar_t *pwszAccountName, size_t cwcAccountName, uint32_t *puStartType)
    384381{
    385382    AssertPtr(pwszServiceName);
     
    387384    Assert(cwcAccountName);
    388385    *pwszAccountName = '\0';
     386    *puStartType     = SERVICE_DEMAND_START;
    389387
    390388    int vrc;
    391389
    392390    // Get a handle to the SCM database.
    393     SC_HANDLE hSCManager = OpenSCManagerW(NULL /*pwszMachineName*/, NULL /*pwszDatabaseName*/, SC_MANAGER_ALL_ACCESS);
     391    SC_HANDLE hSCManager = OpenSCManagerW(NULL /*pwszMachineName*/, NULL /*pwszDatabaseName*/, SC_MANAGER_CONNECT);
    394392    if (hSCManager != NULL)
    395393    {
     
    401399            {
    402400                Assert(GetLastError() == ERROR_INSUFFICIENT_BUFFER);
    403                 LPQUERY_SERVICE_CONFIGW pSc = (LPQUERY_SERVICE_CONFIGW)RTMemTmpAllocZ(cbNeeded);
     401                LPQUERY_SERVICE_CONFIGW pSc = (LPQUERY_SERVICE_CONFIGW)RTMemTmpAllocZ(cbNeeded + _1K);
    404402                if (pSc)
    405403                {
    406404                    DWORD cbNeeded2 = 0;
    407                     if (QueryServiceConfigW(hService, pSc, cbNeeded, &cbNeeded2))
     405                    if (QueryServiceConfigW(hService, pSc, cbNeeded + _1K, &cbNeeded2))
    408406                    {
     407                        *puStartType = pSc->dwStartType;
    409408                        vrc = RTUtf16Copy(pwszAccountName, cwcAccountName, pSc->lpServiceStartName);
    410409                        if (RT_FAILURE(vrc))
     
    422421                else
    423422                {
    424                     LogRel(("Error: Failed allocating %#x bytes of memory for service config!\n", cbNeeded));
     423                    LogRel(("Error: Failed allocating %#x bytes of memory for service config!\n", cbNeeded + _1K));
    425424                    vrc = VERR_NO_TMP_MEMORY;
    426425                }
     
    449448    return vrc;
    450449}
    451 
    452 
    453 HRESULT VirtualBoxClient::i_isServiceDisabled(const wchar_t *pwszServiceName, bool* pfOutIsDisabled)
    454 {
    455     /** @todo r=bird: there must be a way we can get this information from the
    456      *        service manager.  This is overly complicated. */
    457     AssertPtr(pwszServiceName);
    458     AssertPtr(pfOutIsDisabled);
    459     *pfOutIsDisabled = false;
    460 
    461     ComPtr<IWbemLocator> aLocator;
    462     HRESULT hr = CoCreateInstance(CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (void **)aLocator.asOutParam());
    463     if (FAILED(hr))
    464     {
    465         LogRel(("Error: Cannot instantiate WbemLocator: %Rhrc", hr));
    466         return hr;
    467     }
    468 
    469     ComPtr<IWbemServices> aService;
    470     hr = aLocator->ConnectServer(com::Bstr(L"ROOT\\CIMV2").raw(), // Object path of WMI namespace
    471                                  NULL,                    // User name. NULL = current user
    472                                  NULL,                    // User password. NULL = current
    473                                  0,                       // Locale. NULL indicates current
    474                                  NULL,                    // Security flags.
    475                                  0,                       // Authority (for example, Kerberos)
    476                                  0,                       // Context object
    477                                  aService.asOutParam());  // pointer to IWbemServices proxy
    478     if (FAILED(hr))
    479     {
    480         LogRel(("Error: Cannot connect to Wbem Service: %Rhrc\n", hr));
    481         return hr;
    482     }
    483 
    484     // query settings for VBoxSDS windows service
    485     ComPtr<IEnumWbemClassObject> aEnumerator;
    486     hr = aService->ExecQuery(com::Bstr("WQL").raw(),
    487                              com::BstrFmt("SELECT * FROM Win32_Service WHERE Name='%ls'", pwszServiceName).raw(),
    488                              WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
    489                              NULL,
    490                              aEnumerator.asOutParam());
    491     if (FAILED(hr) || aEnumerator == NULL)
    492     {
    493         LogRel(("Error: querying service settings from WMI: %Rhrc\n", hr));
    494         return hr;
    495     }
    496 
    497     ULONG uReturn = 0;
    498     ComPtr<IWbemClassObject> aVBoxSDSObj;
    499     hr = aEnumerator->Next(WBEM_INFINITE, 1, aVBoxSDSObj.asOutParam(), &uReturn);
    500     if (FAILED(hr))
    501     {
    502         LogRel(("Error: Cannot get Service WMI record: %Rhrc\n", hr));
    503         return hr;
    504     }
    505     if (aVBoxSDSObj == NULL || uReturn == 0)
    506     {
    507         LogRel(("Error: Service record didn't exist in WMI: %Rhrc\n", hr));
    508         return hr;
    509     }
    510 
    511     // Get "StartMode" property
    512     VARIANT vtProp;
    513     VariantInit(&vtProp);
    514     hr = aVBoxSDSObj->Get(L"StartMode", 0, &vtProp, 0, 0);
    515     if (FAILED(hr) || (vtProp.vt & VT_NULL) == VT_NULL)
    516     {
    517         LogRel(("Error: Didn't found StartMode property: %Rhrc\n", hr));
    518         return hr;
    519     }
    520 
    521     Assert((vtProp.vt & VT_BSTR) == VT_BSTR);
    522 
    523     *pfOutIsDisabled = RTUtf16Cmp((RTUTF16*)vtProp.bstrVal, (RTUTF16*)L"Disabled") == 0;
    524 
    525     LogRel(("Service start mode is '%ls' \n", vtProp.bstrVal));
    526     VariantClear(&vtProp);
    527     return S_OK;
    528 }
    529 
    530450# endif /* VBOX_WITH_SDS */
    531451
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette