From 3d4b6f576d54321de078adb68cd29c3329cf98c8 Mon Sep 17 00:00:00 2001 From: Michal Pristas Date: Wed, 21 Oct 2020 14:56:44 +0200 Subject: [PATCH] [Ingest Manager] Use ML_SYSTEM to detect if agent is running as a service (#21884) [Ingest Manager] Use ML_SYSTEM to detect if agent is running as a service (#21884) --- x-pack/elastic-agent/CHANGELOG.next.asciidoc | 3 +++ x-pack/elastic-agent/pkg/agent/install/svc_windows.go | 8 ++++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/x-pack/elastic-agent/CHANGELOG.next.asciidoc b/x-pack/elastic-agent/CHANGELOG.next.asciidoc index 616af60d80e4..88bb0560ba44 100644 --- a/x-pack/elastic-agent/CHANGELOG.next.asciidoc +++ b/x-pack/elastic-agent/CHANGELOG.next.asciidoc @@ -16,6 +16,9 @@ - Include inputs in action store actions {pull}21298[21298] - Fix issue where inputs without processors defined would panic {pull}21628[21628] - Partial extracted beat result in failure to spawn beat {issue}21718[21718] +- Use ML_SYSTEM to detect if agent is running as a service {pull}21884[21884] +- Use local temp instead of system one {pull}21883[21883] +- Rename monitoring index from `elastic.agent` to `elastic_agent` {pull}21932[21932] - Fix issue with named pipes on Windows 7 {pull}21931[21931] - Rename monitoring index from `elastic.agent` to `elastic_agent` {pull}21932[21932] diff --git a/x-pack/elastic-agent/pkg/agent/install/svc_windows.go b/x-pack/elastic-agent/pkg/agent/install/svc_windows.go index 9084f3b5ea70..a60aadb54944 100644 --- a/x-pack/elastic-agent/pkg/agent/install/svc_windows.go +++ b/x-pack/elastic-agent/pkg/agent/install/svc_windows.go @@ -10,10 +10,14 @@ import ( "golang.org/x/sys/windows" ) +const ( + ML_SYSTEM_RID = 0x4000 +) + // RunningUnderSupervisor returns true when executing Agent is running under // the supervisor processes of the OS. func RunningUnderSupervisor() bool { - serviceSid, err := allocSid(windows.SECURITY_SERVICE_RID) + serviceSid, err := allocSid(ML_SYSTEM_RID) if err != nil { return false } @@ -40,7 +44,7 @@ func RunningUnderSupervisor() bool { func allocSid(subAuth0 uint32) (*windows.SID, error) { var sid *windows.SID - err := windows.AllocateAndInitializeSid(&windows.SECURITY_NT_AUTHORITY, + err := windows.AllocateAndInitializeSid(&windows.SECURITY_MANDATORY_LABEL_AUTHORITY, 1, subAuth0, 0, 0, 0, 0, 0, 0, 0, &sid) if err != nil { return nil, err