From 4580aaeafac2cc0ce582cf0f4bcf843429eff397 Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Thu, 14 May 2020 13:30:01 +0200 Subject: [PATCH] Windows agent wizard: apply permissions recursively refs #7998 --- agent/windows-setup-agent/SetupWizard.cs | 25 ++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/agent/windows-setup-agent/SetupWizard.cs b/agent/windows-setup-agent/SetupWizard.cs index 0421960b9..842b69ba9 100644 --- a/agent/windows-setup-agent/SetupWizard.cs +++ b/agent/windows-setup-agent/SetupWizard.cs @@ -242,8 +242,8 @@ namespace Icinga FileSystemRights.Modify, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); try { - AddAccessRuleToDir(rule, Program.Icinga2InstallDir); - AddAccessRuleToDir(rule, Program.Icinga2DataDir); + AddAccessRuleToFSTree(rule, Program.Icinga2InstallDir); + AddAccessRuleToFSTree(rule, Program.Icinga2DataDir); } catch (System.Security.Principal.IdentityNotMappedException) { ShowErrorText("Could not set ACLs for user \"" + serviceUser + "\". Identitiy is not mapped.\n"); return; @@ -283,6 +283,14 @@ namespace Icinga FinishConfigure(); } + private void AddAccessRuleToFile(FileSystemAccessRule rule, string file) + { + FileInfo fi = new FileInfo(file); + FileSecurity fs = fi.GetAccessControl(); + fs.AddAccessRule(rule); + fi.SetAccessControl(fs); + } + private void AddAccessRuleToDir(FileSystemAccessRule rule, string dir) { DirectoryInfo di = new DirectoryInfo(dir); @@ -291,6 +299,19 @@ namespace Icinga di.SetAccessControl(ds); } + private void AddAccessRuleToFSTree(FileSystemAccessRule rule, string root) + { + AddAccessRuleToDir(rule, root); + + foreach (string path in Directory.EnumerateDirectories(root, "*", SearchOption.AllDirectories)) { + AddAccessRuleToDir(rule, path); + } + + foreach (string path in Directory.EnumerateFiles(root, "*", SearchOption.AllDirectories)) { + AddAccessRuleToFile(rule, path); + } + } + private void FinishConfigure() { if (InvokeRequired) {