mozilla / mig

Distributed & real time digital forensics at the speed of the cloud

Home Page: http://mig.mozilla.org/

windows 10 agent fails to daemonize

Everything works great running in foreground (-d) but when trying to run as service/daemon

Compiled using:

make CC=x86_64-w64-mingw32-gcc CGO_ENABLED=1 mig-agent BUILDENV=prod OS=windows ARCH=amd64 AGTCONF=conf/test.com-agents-conf.go

From Windows Services (services.msc):

Windows could not start MIG Agent service on Local Computer
Error: 5 Access is Denied

From Command Line (as administrator):

2017/03/02 06:07:44 - - - [info] Failed to stop service mig-agent: 'The specified service does not exist as an installed service.'
2017/03/02 06:07:44 - - - [info] Failed to remove service mig-agent: 'service mig-agent is not installed'
2017/03/02 06:07:44 - - - [info] Installed mig-agent service
2017/03/02 06:07:44 - - - [debug] leaving serviceDeploy()
2017/03/02 06:07:44 - - - [debug] leaving daemonize()
2017/03/02 06:07:44 - - - [debug] leaving initAgent()
2017/03/02 06:07:44 - - - [error] Init failed: 'initAgent() -> daemonize() -> serviceDeploy() -> Access is denied.'
2017/03/02 06:07:44 - - - [info] Sleep 60s and retry
Is there a trick for getting this to work?

From Command Line in Foreground:

C:\Program Files (x86)\mig>mig-agent-17.03.02.0.exe -d
[warn] Could not load a local conf from "/etc/mig/mig-agent.cfg", err: configLoad() -> open /etc/mig/mig-agent.cfg: The system cannot find the path specified.
[info] Using builtin conf.
2017/03/02 06:11:16 - - - [debug] leaving initChannels()
2017/03/02 06:11:16 - - - [debug] Logging routine initialized.
2017/03/02 06:11:16 - - - [debug] leaving findHostname()
2017/03/02 06:11:16 - - - [debug] leaving findOSInfo()
2017/03/02 06:11:16 - - - [debug] Found local address fe80::98ec:1789:14e6:863/64
2017/03/02 06:11:16 - - - [debug] Found local address 10.0.2.15/24
2017/03/02 06:11:16 - - - [debug] Found local address 2001:0:d59:2ec8:809:26b9:39cc:17c8/64
2017/03/02 06:11:16 - - - [debug] Found local address fe80::809:26b9:39cc:17c8/64
2017/03/02 06:11:16 - - - [debug] Found local address fe80::5efe:a00:20f/128
2017/03/02 06:11:16 - - - [debug] leaving initAgentID()
2017/03/02 06:11:16 - - - [debug] Trying proxy from environment otherwise direct connection for public IP retrieval
2017/03/02 06:11:16 - - - [debug] Found public ip 10.15.0.1
2017/03/02 06:11:17 - - - [debug] AWS metadata service not found, skipping fetch
2017/03/02 06:11:17 - - - [debug] Loading permission named 'default'
2017/03/02 06:11:17 - - - [debug] Loading permission named 'agentdestroy'
2017/03/02 06:11:17 - - - [debug] leaving initACL()
2017/03/02 06:11:17 - - - [debug] Trying proxies from environment for relay connection
2017/03/02 06:11:17 - - - [debug] AMQP: host=mig.Test.com, port=5671, vhost=mig
2017/03/02 06:11:17 - - - [debug] leaving initMQ()
2017/03/02 06:11:17 - - - [info] Failed to connect to relay using HTTP_PROXY: 'initMQ() -> Failed to find a suitable proxy in environment'
2017/03/02 06:11:17 - - - [debug] Trying direct relay connection
2017/03/02 06:11:17 - - - [debug] AMQP: host=mig.Test.com, port=5671, vhost=mig
2017/03/02 06:11:17 - - - [debug] Loading AMQPS TLS parameters
2017/03/02 06:11:17 - - - [debug] Establishing connection to relay
2017/03/02 06:11:18 - - - [debug] leaving initMQ()
2017/03/02 06:11:18 - - - [debug] leaving initAgent()
2017/03/02 06:11:18 - - - [info] periodic environment refresh is disabled
2017/03/02 06:11:18 - - - [debug] initializing any persistent modules
2017/03/02 06:11:18 - - - [info] Mozilla InvestiGator version 17.03.02.0: started agent DESKTOP-UJJQJF1.WORKGROUP
2017/03/02 06:11:18 - - - [debug] heartbeat "{"name":"DESKTOP-UJJQJF1.WORKGROUP","queueloc":"windows.ym5eiw5142j5k296gmc9x9ssv0cynizc1pnawnajb15tc9m8jd329moqhku81nupffkwhpyegkest4wvycm6z1gk2zxlix6ur4","mode":"daemon","version":"17.03.02.0","pid":4588,"starttime":"2017-03-02T06:11:18.1469671-05:00","destructiontime":"0001-01-01T00:00:00Z","heartbeatts":"2017-03-02T06:11:18.1469671-05:00","refreshts":"2017-03-02T06:11:17.7407728-05:00","environment":{"init":"windows","ident":"Microsoft Windows 10 Pro

@shanerman yeah this is a known issue we are looking at right now. See #319 and #107 for a few details, but the short of it is we use a Go package for service management (like configuring the agent to run as a service on a given platform). This package we use was a fork from a while ago, which has a few issues with Win 10. A new version of it is being brought into the code base for the Windows agent which has been tested to fix this, but has not been merged into master yet.

@ameihm0912 ok great, appreciate the explanation and all the work you're doing! I'll keep an eye out for the fix.