The current code allocates memory and initializes the Everyone "World" security identifier but with a Null authority identifier. This is utterly wrong on so many levels, more so partly because a Null authority identifier is 0 so after the Everyone SID is initialized, it is actually initialized as S-1-0-0 instead of S-1-1-0.
ReactOS Setup is an integral component that is part of the operating system responsible for the installation of ROS during 2nd installation stage. The situation with current master branch is like this -- the Services component always tries to create the process
on behalf of the logged in user with its own security context. That user doesn't have the privileges and access rights like SYSTEM thus the Services component tries to create the process but it fails to do so because of lacking of required access right, TOKEN_DUPLICATE, in order for the calling thread to impersonate as self.
- Added zh-HK translation for following files:
- [BASE/SERVICES/W32TIME]
- [BASE/SYSTEM/...] (except CMD console only applications)
- [FDEBUG]
- [DLL/CPL/...] (except Wine related applications)
- [DLL/SHELLEXT/...]
- [DLL/WIN32/...] (not all applications are translated, and Wine related applications are excluded from this part)
- [MODULES/ROSAPPS/APPLICATIONS/...] (not all applications are translated)
- [SCREENSAVERS]
- [NTVDM]
- [USERSRV]
- Translation Improvement
- Fix header for zh-TW and zh-HK translation files
Reviewed-by: Luo Yufan <njlyf2011@hotmail.com>
Reviewed-by: Hermès Bélusca-Maïto <hermes.belusca-maito@reactos.org>
Reviewed-by: Stanislav Motylkov <x86corez@gmail.com>
Partial revert of 0.4.15-dev-4274-g d31a557237
As hbelusca explained the special character will warn only
once for each non-UTF8-file and not every time, unlike I anticipated.
The g_dwServiceBits is not important right now, but hpoussin expects it
to be a preparation step for making the stuff passed to the
function SetServiceBits() persistent
https://docs.microsoft.com/en-us/windows/win32/api/lmserver/nf-lmserver-setservicebits
for (yet unknown) features to come.
Fixes some typos like "alread"->"already"
and kill g_dwServiceBits in rpcserver.cpp
and omit points and exclamation marks at end of prints.
On GCC8.4.0dbg RosBE2.2.1 this shrinks the file for me from 210.432 to 209.920
The file is loaded many times into memory, therefore
optimization pays off here at runtime memory consumption.
Also shorten to H. Poussineau in the header sections,
to stop git from displaying diff in that line on each review
due to that special char.
- Reserve the pipe NtControlPipe0 for the security process.
- Count regular service control pipes from 1.
- Use I_ScIsSecurityProcess to identify the security process.
- Services.exe uses the SECURITY_SERVICES_STARTED event to notify the security process that NtControlPipe0 is ready for use.
- Add a function that creates a new control set and deletes unused control sets in case of a successful boot.
- Add a stub function that will soon switch to the last known good control set in case of an unsuccessful boot.
This fixes services not being found.
With that commit and the previous one, I_QueryTagInformation is now fully
functionnal and properly returns service name for a specific tag
- Flush the new control set after the control set has been created.
- Make sure that we create a new control set only on the first boot after setup.
- Move the control set copy code to a separate function.
- Get rid of the global control set values.
Also comment about the observed behaviour of the returned number of "characters"
returned by the ANSI versions of these APIs (which is tested by advapi32_winetest:service).
[ADVAPI32:SCM] Add a comment concerning wide characters vs. bytes mismatch.
- Encrypt passwords before passing them to the service manager. Right now, we are using a fixed encryption key. This will be fixed later.
- Replace the calls to ZeroMemory which are used to wipe the password buffers by calls to SecureZeroMemory.
as documented in "Advanced Windows NT" by Jeffrey M. Richter (Microsoft Press),
and in https://is.muni.cz/el/1433/jaro2010/PB167/um/cv5/undocumented_CreateProcess.pdf .
[INCLUDE][SERVICES][WIN32K:NTUSER] Add an undocumented STARTF_INHERITDESKTOP flag
for the STARTUPINFO::dwFlags structure member, whose purpose is to tell Win32k
that the created handles to the window station and desktop to which the
process is connecting to, can be inherited by its child processes.
It is used when starting interactive services.
Observed via API monitoring on Windows 2003.
This effectively removes the temporary hacks introduced in r73486 (a35a785b)
and in r73487 (0ce031f7) for the LocalService and NetworkService accounts.
Now these accounts (and their corresponding user profiles) are created
on the fly, the first time a service that needs these is started.
The code introduced in r73501 (ade0d2cd) is now re-enabled: this has
been made possible thanks to commit f42b4bbe (thanks Eric!).
Dedicated to Joachim Henze ;-)
CORE-12541, CORE-12279
- RI_ScSetServiceBitsA: Just call RI_ScSetServiceBitsW.
- RI_ScSetServiceBitsW: Store the service bits in the service list entry.
TODO: Merge all service bits in a global variable and pass it to the server service. Maybe use netapi.I_NetServerSetServiceBits(Ex)?
