@@ -21,6 +21,7 @@ import (
2121 "fmt"
2222 "io"
2323 "os"
24+ "os/exec"
2425 "path/filepath"
2526 "time"
2627
@@ -50,6 +51,7 @@ func installCmdImpl(cmd *cobra.Command, args []string) {
5051 DisplayName : constants .DisplayName ,
5152 Description : constants .Description ,
5253 StartType : mgr .StartAutomatic ,
54+ ServiceStartName : constants .ServiceStartName ,
5355 DelayedAutoStart : true ,
5456 }
5557 recoveryActions = []mgr.RecoveryAction {
@@ -125,12 +127,41 @@ func installService(name string, config mgr.Config, recoveryActions []mgr.Recove
125127
126128 if err := createService (wsm , name , exe , config , recoveryActions , args ... ); err != nil {
127129 return err
130+ } else if err := setACLs (); err != nil {
131+ return err
128132 } else {
129133 return nil
130134 }
131135 }
132136}
133137
138+ func setACLs () error {
139+ var (
140+ dataDir = config .SystemConfigDirs ()[0 ]
141+ )
142+
143+ if err := runICACLS ([]string {dataDir , "/grant" , "NT Authority\\ SYSTEM:(OI)(CI)F" , "/q" }); err != nil {
144+ return err
145+ } else if err := runICACLS ([]string {dataDir , "/grant" , "Builtin\\ Administrators:(OI)(CI)F" , "/q" }); err != nil {
146+ return err
147+ } else if err := runICACLS ([]string {dataDir , "/grant" , "NT Service\\ " + constants .DisplayName + ":(OI)(CI)RX" , "/q" }); err != nil {
148+ return err
149+ } else if err := runICACLS ([]string {dataDir , "/inheritance:r" }); err != nil {
150+ return err
151+ } else {
152+ return nil
153+ }
154+ }
155+
156+ func runICACLS (args []string ) error {
157+ cmd := exec .Command ("icacls.exe" , args ... )
158+ err := cmd .Run ()
159+ if err != nil {
160+ return err
161+ }
162+ return nil
163+ }
164+
134165func createService (wsm * mgr.Mgr , name string , exe string , config mgr.Config , recoveryActions []mgr.RecoveryAction , args ... string ) error {
135166 if service , err := wsm .OpenService (name ); err == nil {
136167 service .Close ()
0 commit comments