为什么为我的服务创建的文件设置了只读属性（有时）？ [英] Why is the read-only attribute set (sometimes) for files created by my service?

问题描述

注意：这是对该问题的完整重写。我以前将一些ACL问题与我正在寻找的问题混为一谈，这可能就是为什么没有答案的原因。

NOTE: This is a complete re-write of this question. I'd previously conflated some ACL issues with the problem I'm hunting, which is probably why there were no answers.

我有一个使用标准open的Windows服务/ close / write例程以写入日志文件（它从管道读取内容并将其填充到日志中）。每天的午夜都会打开一个新的日志文件。该系统是Windows XP Embedded。

I have a windows service that uses the standard open/close/write routines to write a log file (it reads stuff from a pipe and stuffs it into the log). A new log file is opened each day at midnight. The system is Windows XP Embedded.

该服务作为本地系统服务运行（用户为NULL的CreateService）。

The service runs as the Local System service (CreateService with NULL for the user).

服务最初启动时，它会创建一个日志文件，并毫无问题地对其进行写入。此时，一切正常，您可以毫无问题地重新启动服务（或计算机）。

When the service initially starts up, it creates a log file and writes to it with no problems. At this point everything is OK, and you can restart the service (or the computer) with no issues.

但是，该服务会在午夜（当日期更改时）创建一个新的日志文件并对其进行写入。有趣的是，这个新的日志文件设置了只读标志。这是一个问题，因为如果服务（或计算机）重新启动，则该服务将无法再打开文件以进行写入。

However, at midnight (when the day changes), the service creates a new log file and writes to it. The funny thing is, this new log file has the 'read only' flag set. That's a problem because if the service (or the computer) restarts, the service can no longer open the file for writing.

以下是来自系统的相关问题信息已经发生过：

Here's the relevant information from the system with the problem having already happened:

 Directory of C:\bbbaudit

09/16/2009  12:00 AM    <DIR>          .
09/16/2009  12:00 AM    <DIR>          ..
09/16/2009  12:00 AM               437 AU090915.ADX
09/16/2009  12:00 AM                62 AU090916.ADX

attrib c:\bbbaudit\*
A          C:\bbbaudit\AU090915.ADX <-- old log file (before midnight)
A    R     C:\bbbaudit\AU090916.ADX <-- new log file (after midnight)

cacls output:
C:\ BUILTIN\Administrators:(OI)(CI)F 
    NT AUTHORITY\SYSTEM:(OI)(CI)F 
    CREATOR OWNER:(OI)(CI)(IO)F 
    BUILTIN\Users:(OI)(CI)R 
    BUILTIN\Users:(CI)(special access:)
                      FILE_APPEND_DATA

    BUILTIN\Users:(CI)(IO)(special access:)
                          FILE_WRITE_DATA

    Everyone:R 

C:\bbbaudit BUILTIN\Administrators:(OI)(CI)F 
            NT AUTHORITY\SYSTEM:(OI)(CI)F 
            CFN3\Administrator:F 
            CREATOR OWNER:(OI)(CI)(IO)F 

这是我使用的代码打开/创建日志文件：

Here's the code I use to open/create the log files:

static int open_or_create_file(char *fname, bool &alreadyExists)
{
  int fdes;

  // try to create new file, fail if it already exists
  alreadyExists = false;
  fdes = open(fname, O_WRONLY | O_APPEND | O_CREAT | O_EXCL);
  if (fdes < 0)
  {
    // try to open existing, don't create new file
    alreadyExists = true;
    fdes = open(fname, O_WRONLY | O_APPEND);
  }

  return fdes;
}

我在弄清楚文件如何获得读取内容方面确实遇到了麻烦-仅在其上标记。任何可以给我提示或指导的人，我将非常感谢。

I'm having real trouble figuring out how the file is getting that read-only flag on it. Anyone who can give me a clue or a direction, I'd greatly appreciate it.

编译器是VC 6（是的，我知道，它已经过时了，不好笑。直到您意识到我们刚刚从XPE升级到XPE NT 3.51）。

Compiler is VC 6 (Yea, I know, it's so far out of date it isn't funny. Until you realize that we're just now upgraded to XPE from NT 3.51).

推荐答案

open（）的Microsoft实现具有可选的第三个参数 pmode，第二个参数必须存在参数 oflag包括O_CREAT标志。 pmode参数指定文件权限设置，这些设置是在首次关闭新文件时设置的。通常，您将传递S_IREAD | S_IWRITE用于pmode，导致生成普通的读/写文件。

The Microsoft implementation of open() has an optional third argument 'pmode', which is required to be present when the second argument 'oflag' includes the O_CREAT flag. The pmode argument specifies the file permission settings, which are set when the new file is closed for the first time. Typically you would pass S_IREAD | S_IWRITE for pmode, resulting in an ordinary read/write file.

在您的情况下，您已指定O_CREAT但省略了第三个参数，因此open（）使用发生的任何值在堆栈的第三个参数位置。 S_IWRITE的值为0x0080，因此，如果第三个参数位置中的值碰巧清除了第7位，则将生成一个只读文件。仅在某些时间获得只读文件这一事实与将堆栈垃圾作为第三个参数传递相符。

In your case you have specified O_CREAT but omitted the third argument, so open() has used whatever value happened to be on the stack at the third argument position. The value of S_IWRITE is 0x0080, so if the value in the third argument position happened to have bit 7 clear, it would result in a read-only file. The fact that you got a read-only file only some of the time, is consistent with stack junk being passed as the third argument.

下面是Visual的链接有关open（）的Studio 2010文档。自VC 6起，函数行为的这一方面没有改变。

Below is the link for the Visual Studio 2010 documentation for open(). This aspect of the function's behaviour has not changed since VC 6.

http://msdn.microsoft.com/zh-cn/library/z0kc8e3z.aspx

这篇关于为什么为我的服务创建的文件设置了只读属性（有时）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！