Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-10967

Puppet always prints errors in debug when trying to resolve account to SID

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: PUP 7.5.0
    • Fix Version/s: PUP 6.24.0, PUP 7.9.0
    • Component/s: None
    • Labels:
    • Template:
      PUP Bug Template
    • Team:
      Night's Watch
    • Story Points:
      1
    • Sprint:
      NW - 2021-06-30
    • Method Found:
      Needs Assessment
    • Release Notes:
      Bug Fix
    • Release Notes Summary:
      Puppet no longer prints an unnecessary error message when resolving account names to SIDs on Windows
    • QA Risk Assessment:
      Needs Assessment

      Description

      Puppet on Windows shows the following errors when running with debugging:

      C:\> puppet agent -t --debug
      ...
      Debug: Processing report from xxx with processor Puppet::Reports::Store
      Debug: Could not retrieve raw SID bytes from 'Administrator': Failed to convert string SID: Administrator:  The security ID structure is invalid.
      Debug: Could not retrieve raw SID bytes from 'Administrator': Failed to convert string SID: Administrator:  The security ID structure is invalid.
      

      This debugging was added in https://github.com/puppetlabs/puppet/commit/bea9ff75d5946dbb92c90ef068cf6c2d4cb0db85. However, the name_to_principal method is sometimes called with valid account names like Administrator, so the call to string_to_sid_ptr fails with (ERROR_INVALID_SID 0x539 and the debug message is printed.

      I think it'd be better to check if name starts with something like S-\d+-\d+ or only log the error if e.code != 0x539. For example, if the SID string refers to an account that doesn't exist, you'll get 0x534 ERROR_NONE_MAPPED.

        Attachments

          Activity

            People

            Assignee:
            luchian.nemes Luchian Nemes
            Reporter:
            josh Josh Cooper
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support