Jira (PUP-10258) Register and Start Puppet Agent as protected service

8 views
Skip to first unread message

Gheorghe Popescu (JIRA)

unread,
Jan 28, 2020, 8:00:05 AM1/28/20
to puppe...@googlegroups.com
Gheorghe Popescu created an issue
 
Puppet / Task PUP-10258
Register and Start Puppet Agent as protected service
Issue Type: Task Task
Assignee: Unassigned
Created: 2020/01/28 4:59 AM
Priority: Normal Normal
Reporter: Gheorghe Popescu

Currently the service creation is handled in: https://github.com/puppetlabs/puppet/blob/master/ext/windows/service/daemon.rb

Puppet service must be registered with the system before it can be started as protected: https://docs.microsoft.com/en-us/windows/win32/services/protecting-anti-malware-services-#registering-the-service-without-rebooting-the-system

Starting the service as protected:

  1. Call the CreateService API to create a service object and add it to the service control manager (SCM) database.
  1. Call the SetServiceObjectSecurity API to set the security descriptor of the service object created in step 1.
  1. Call the ChangeServiceConfig2 API to mark the service as protected, specifying the new SERVICE_CONFIG_LAUNCH_PROTECTED enumeration value, which has been added in Winsvc.h (as of Windows 8.1).

https://docs.microsoft.com/en-us/windows/win32/services/protecting-anti-malware-services-#starting-the-service-as-protected
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
Atlassian logo

Gheorghe Popescu (JIRA)

unread,
Jan 28, 2020, 8:40:04 AM1/28/20
to puppe...@googlegroups.com
Gheorghe Popescu updated an issue
Change By: Gheorghe Popescu
Acceptance Criteria: Puppet can be registered to the ELAM driver can be started as protected service.

Mihai Buzgau (JIRA)

unread,
Jan 28, 2020, 11:15:06 AM1/28/20
to puppe...@googlegroups.com
Mihai Buzgau updated an issue
Change By: Mihai Buzgau
Sprint: PR - Triage

Bogdan Irimie (Jira)

unread,
Nov 5, 2020, 3:51:05 AM11/5/20
to puppe...@googlegroups.com
Bogdan Irimie updated an issue
Change By: Bogdan Irimie
Sprint:
This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)
Atlassian logo

Bogdan Irimie (Jira)

unread,
Nov 5, 2020, 3:52:05 AM11/5/20
to puppe...@googlegroups.com
Bogdan Irimie updated an issue
Change By: Bogdan Irimie
Sprint: ready for triage
Reply all
Reply to author
Forward
0 new messages