http://bugs.winehq.org/show_bug.cgi?id=28729
Anastasius Focht focht@gmx.net changed:
           What|Removed                    |Added
----------------------------------------------------------------------------
         Status|UNCONFIRMED                |NEW
            URL|                           |http://neosmart.net/dl.php?id=1
       Keywords|                           |download
      Component|-unknown                   |wineserver
             CC|                           |focht@gmx.net
 Ever Confirmed|0                          |1
        Summary|EasyBCD: bcdedit complains |EasyBCD: bcdedit complains
               |about lack of privileges   |about lack of privileges
               |                           |(import of registry hive
               |                           |using native API
               |                           |fails/wineserver token
               |                           |privilege check)

--- Comment #2 from Anastasius Focht focht@gmx.net 2011-10-15 14:02:57 CDT ---
Hello,
BCD tool usage:
http://technet.microsoft.com/en-us/library/cc731245.aspx
You can reproduce the problem without .NET gui, just call "bcdedit" (located in app "bin" folder) directly on your saved hive.
$ wine ./bcdedit.exe /store <your_bcd_store> /enum all
The tool uses native API to load and store binary registry hives.
Now we can stop right here ... Wine doesn't support the binary hive format of Windows.
Anyway, it might still be a valid bug regarding token privileges.
Relevant trace log:
--- snip ---
...
0009:Call ntdll.NtOpenThreadToken(fffffffe,00000028,00000001,0032fc94) ret=0101c1b2
0009: open_token( handle=fffffffe, access=00000028, attributes=00000000, flags=00000003 )
0009: open_token() = NO_TOKEN { token=0000 }
0009:Ret ntdll.NtOpenThreadToken() retval=c000007c ret=0101c1b2
0009:Call ntdll.NtOpenThreadToken(fffffffe,00000028,00000000,0032fc94) ret=0101c1c1
0009: open_token( handle=fffffffe, access=00000028, attributes=00000000, flags=00000001 )
0009: open_token() = NO_TOKEN { token=0000 }
0009:Ret ntdll.NtOpenThreadToken() retval=c000007c ret=0101c1c1
0009:Call ntdll.NtOpenProcessToken(ffffffff,00000028,0032fc94) ret=0101c1cd
0009: open_token( handle=ffffffff, access=00000028, attributes=00000000, flags=00000000 )
0009: open_token() = 0 { token=0034 }
0009:Ret ntdll.NtOpenProcessToken() retval=00000000 ret=0101c1cd
0009:Call ntdll.NtAdjustPrivilegesToken(00000034,00000000,0032fc84,00000010,0032fc74,0032fca8) ret=0101c214
0009: adjust_token_privileges( handle=0034, disable_all=0, get_modified_state=1, privileges={{luid=0000000000000012,attr=2}} )
0009: adjust_token_privileges() = 0 { len=0000000c, privileges={{luid=0000000000000012,attr=2}} }
0009:Ret ntdll.NtAdjustPrivilegesToken() retval=00000000 ret=0101c214
0009:Call ntdll.NtClose(00000034) ret=0101c24e
0009: close_handle( handle=0034 )
0009: close_handle() = 0
0009:Ret ntdll.NtClose() retval=00000000 ret=0101c24e
0009:Call ntdll.RtlInitUnicodeString(0032fc94,01023934 L"ntdll.dll") ret=0101d0d5
0009:Ret ntdll.RtlInitUnicodeString() retval=00000012 ret=0101d0d5
0009:Call ntdll.LdrGetDllHandle(00000000,00000000,0032fc94,0032fca0) ret=0101d0e7
0009:Ret ntdll.LdrGetDllHandle() retval=00000000 ret=0101d0e7
0009:Call ntdll.RtlInitAnsiString(0032fc8c,010238f6 "NtLoadKey2") ret=0101d0f8
0009:Ret ntdll.RtlInitAnsiString() retval=0000000b ret=0101d0f8
0009:Call ntdll.LdrGetProcedureAddress(7ef40000,0032fc8c,00000000,0032fc9c) ret=0101d10b
0009:Ret ntdll.LdrGetProcedureAddress() retval=c000007a ret=0101d10b
0009:Call ntdll.NtLoadKey(0032fcf0,0032fcd8) ret=0101c182
0009:trace:reg:NtLoadKey (0x32fcf0,0x32fcd8)
0009: create_file( access=80000000, attributes=00000040, sharing=00000000, create=1, options=00000000, attrs=00000080, objattr={rootdir=0000,sd={},name=L""}, filename="/home/focht/.wine/dosdevices/c:/Program Files/NeoSmart Technologies/EasyBCD/bin/bcd" )
0009: create_file() = 0 { handle=0034 }
0009: load_registry( hkey=0030, file=0034, name=L"BCD00000000" )
0009: load_registry() = PRIVILEGE_NOT_HELD
0009: close_handle( handle=0034 )
0009: close_handle() = 0
0009:Ret ntdll.NtLoadKey() retval=c0000061 ret=0101c182
0009:Call ntdll.NtClose(00000030) ret=0101ca15
0009: close_handle( handle=0030 )
0009: close_handle() = 0
0009:Ret ntdll.NtClose() retval=00000000 ret=0101ca15
...
0009:Call KERNEL32.WideCharToMultiByte(000001b5,00000000,00119e50 L"The boot configuration data store could not be opened.\r\n",ffffffff,00000000,00000000,00000000,00000000) ret=01010ab5
...
0009:Call KERNEL32.FormatMessageW(00001300,01000000,00000522,00000000,0032fdd8,00000000,00000000) ret=01012127
...
0009:Call KERNEL32.WideCharToMultiByte(000001b5,00000000,00119e10 L"Privilege not held\r\n",ffffffff,00000000,00000000,00000000,00000000) ret=01010ab5
...
--- snip ---
Although the tool adds SeRestorePrivilege token (luid=0000000000000012) using NtOpenProcessToken -> NtAdjustPrivilegesToken before the registry import operation, it fails.
For some reason wineserver expects _both_, SeBackupPrivilege and SeRestorePrivilege present in process token. I don't know why SeBackupPrivilege is required for importing hives.
See: http://source.winehq.org/git/wine.git/blob/c65bcce5899ba81226295303ed3df73a7...
(second parameter of token_check_privileges() -> all_required = TRUE)
$ sha1sum EasyBCD\ 2.1.exe
e8f1654b913aed4af6aacf09e7a44252217a7fe5  EasyBCD 2.1.exe

$ wine --version
wine-1.3.30-152-g0096373
As already said above: even if the bug is fixed regarding token privs - the BCD tool won't work with Wine by design.
Regards
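
Added example, not part of the original comment and not Wine's code: a simplified C model of a token privilege check with an all_required flag, showing why a token with only SeRestorePrivilege enabled gets PRIVILEGE_NOT_HELD (c0000061) when both SeBackupPrivilege and SeRestorePrivilege are required. The names model_check_privileges and model_load_registry and the two sample tokens are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SE_PRIVILEGE_ENABLED      0x2u         /* attr=2 in the trace */
#define SE_BACKUP_LUID            0x11u        /* SeBackupPrivilege */
#define SE_RESTORE_LUID           0x12u        /* SeRestorePrivilege, luid=...12 in the trace */
#define STATUS_SUCCESS            0x00000000u
#define STATUS_PRIVILEGE_NOT_HELD 0xC0000061u  /* retval=c0000061 in the trace */

struct priv { uint64_t luid; uint32_t attr; };

/* Constructed token states (assumption): the first mirrors the trace, where only
 * SeRestorePrivilege was enabled; the second has both privileges enabled. */
static const struct priv restore_only[] = {
    { SE_BACKUP_LUID, 0 }, { SE_RESTORE_LUID, SE_PRIVILEGE_ENABLED } };
static const struct priv backup_and_restore[] = {
    { SE_BACKUP_LUID, SE_PRIVILEGE_ENABLED }, { SE_RESTORE_LUID, SE_PRIVILEGE_ENABLED } };

/* Hypothetical model: with all_required set, every requested privilege must be
 * enabled in the token; otherwise a single enabled one is enough. */
static int model_check_privileges(const struct priv *tok, size_t ntok,
                                  const uint64_t *req, size_t nreq, int all_required)
{
    size_t enabled = 0;
    for (size_t i = 0; i < nreq; i++)
        for (size_t j = 0; j < ntok; j++)
            if (tok[j].luid == req[i] && (tok[j].attr & SE_PRIVILEGE_ENABLED)) {
                enabled++;
                break;
            }
    return all_required ? enabled == nreq : enabled > 0;
}

/* Hive load as described in the comment: backup and restore are both requested. */
static uint32_t model_load_registry(const struct priv *tok, size_t ntok, int all_required)
{
    static const uint64_t required[] = { SE_BACKUP_LUID, SE_RESTORE_LUID };
    return model_check_privileges(tok, ntok, required, 2, all_required)
               ? STATUS_SUCCESS : STATUS_PRIVILEGE_NOT_HELD;
}

int main(void)
{
    printf("restore only, all_required=1: %08x\n", (unsigned)model_load_registry(restore_only, 2, 1));
    printf("restore only, all_required=0: %08x\n", (unsigned)model_load_registry(restore_only, 2, 0));
    printf("both enabled, all_required=1: %08x\n", (unsigned)model_load_registry(backup_and_restore, 2, 1));
    return 0;
}
```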