Well you could redirect stdin and send it a "y" followed by a return, but I hate this idea,
simply because you need a user to interpret the real question.
Much better is do it using the V2 System.Security.AccessControl namespace.
Following is how you could proceed.....
using System.Security.AccessControl;
...
string authority = "nt authority";
string account= "network service";
string path = @"c:\program files\...............";
string identity = String.Format(@"{0}\{1}",
authority , account);
DirectoryInfo di = new DirectoryInfo(path);
DirectorySecurity ds = di.GetAccessControl(AccessControlSections.All);
FileSystemAccessRule fsaRule =
new FileSystemAccessRule(identity , FileSystemRights.Write,
AccessControlType.Allow);
ds.AddAccessRule(fsaRule);
di.SetAccessControl(ds);
...
Willy.
Hi,
I had tried out the second suggestion that you have made. It didn't
work out for me.The stack trace is:
Service cannot be started.
System.Security.AccessControl.PrivilegeNotHeldException: The process
does not possess the 'SeSecurityPrivilege' privilege which is required
for this operation.
at System.Security.AccessControl.Win32.GetSecurityInfo(ResourceType
resourceType, String name, SafeHandle handle, AccessControlSections
accessControlSections, RawSecurityDescriptor& resultSd)
at
System.Security.AccessControl.NativeObjectSecurity.CreateInternal(ResourceType
resourceType, Boolean isContainer, String name, SafeHandle handle,
AccessControlSections includeSections, Boolean createByName,
ExceptionFromErrorCode exceptionFromErrorCode, Object exceptionContext)
at System.Security.AccessControl.FileSystemSecurity..ctor(Boolean
isContainer, String name, AccessControlSections includeSections,
Boolean isDirectory)
at System.Security.AccessControl.DirectorySecurity..ctor(String
name, AccessControlSections includeSections)
at System.IO.DirectoryInfo.GetAccessControl(AccessControlSections
includeSections)
For the first suggestion that you have given, I had redirected the
standard input and passed a "y", but the service never entered
"running" state. It is always in StartPending state.
Also the eventlog entries are not being written properly(only the first
one is written)
Process myProcess = new Process();
string accountName = "\"nt authority\\network service\":F";
string argument = '"' +
Directory.GetParent(Assembly.GetExecutingAssembly().Location).FullName
+ '"' + @"/E" + @" /G " + accountName;
myProcess.StartInfo.FileName = "cacls";
myProcess.StartInfo.Arguments = argument;
EventLog.WriteEntry(sSource, argument);
myProcess.StartInfo.UseShellExecute = false;
myProcess.StartInfo.RedirectStandardOutput = true;
myProcess.StartInfo.RedirectStandardInput = true;
myProcess.StartInfo.RedirectStandardError = true;
myProcess.StartInfo.CreateNoWindow = true;
myProcess.Start();
EventLog.WriteEntry(sSource,
myProcess.StandardOutput.ReadToEnd());
myProcess.StandardInput.WriteLine("y");
EventLog.WriteEntry(sSource,
myProcess.StandardOutput.ReadToEnd());
EventLog.WriteEntry(sSource,
myProcess.StandardError.ReadToEnd());
myProcess.WaitForExit();
EventLog.WriteEntry(sSource,"Changed the Access Control
list");
service never seemed to have started successfully.
Thanks for all the help and valuable insights you have given me.