- Reserve the pipe NtControlPipe0 for the security process.
- Count regular service control pipes from 1.
- Use I_ScIsSecurityProcess to identify the security process.
- Services.exe uses the SECURITY_SERVICES_STARTED event to notify the security process that NtControlPipe0 is ready for use.
This fixes services not being found.
With that commit and the previous one, I_QueryTagInformation is now fully
functionnal and properly returns service name for a specific tag
as documented in "Advanced Windows NT" by Jeffrey M. Richter (Microsoft Press),
and in https://is.muni.cz/el/1433/jaro2010/PB167/um/cv5/undocumented_CreateProcess.pdf .
[INCLUDE][SERVICES][WIN32K:NTUSER] Add an undocumented STARTF_INHERITDESKTOP flag
for the STARTUPINFO::dwFlags structure member, whose purpose is to tell Win32k
that the created handles to the window station and desktop to which the
process is connecting to, can be inherited by its child processes.
It is used when starting interactive services.
Observed via API monitoring on Windows 2003.
This effectively removes the temporary hacks introduced in r73486 (a35a785b)
and in r73487 (0ce031f7) for the LocalService and NetworkService accounts.
Now these accounts (and their corresponding user profiles) are created
on the fly, the first time a service that needs these is started.
The code introduced in r73501 (ade0d2cd) is now re-enabled: this has
been made possible thanks to commit f42b4bbe (thanks Eric!).
Dedicated to Joachim Henze ;-)
CORE-12541, CORE-12279
services\database.c:
- Refactor ScmControlService() so that it can be used to send the dispatcher loop stop command.
- Separate the code to decrement the image run counter from the service image cleanup code.
services\rpcserver.c:
- RSetServiceStatus(): Stop the dispatcher loop when the image run counter is zero and remove the service image after that.
advapi32\service\sctrl.c:
- Do not terminate the service dispatcher loop when the last service is being stopped. Wait for an explicit dispatcher stop command (empty service name).
CORE-12413
- The initial dwWin32ExitCode for a disabled service is ERROR_SERVICE_DISABLED and ERROR_SRVICE_NEVER_STARTED for non-disabled services.
- The initial dwWaitHint is 2000 (2 seconds) for (user-mode) services and 0 for drivers.
- Move all driver-related code to driver.c.