- From: Daniel DeLeo <
>
- To:
- Subject: [chef] Re: Chef-client as unprivileged Windows user
- Date: Thu, 10 Oct 2013 07:29:59 -0700
On Thursday, October 10, 2013 at 1:16 AM, Daniel Oliver wrote:
Hi list,
Iâm sorry if this question has been asked before, but I canât find in my archives. I am testing our migration from Chef 10 to 11, and things have been ok the server and system side. Unfortunately, Iâve hit a road-block when it comes to unprivileged Windows users.
Running chef as an unprivileged user on windows is known to have a lot of problems. Is it an absolute requirement to run as an unprivileged user?
We use Chef to perform various configuration tasks in each of our user profiles, such as dropping per-user configuration files into the correct location at login and periodically thereafter using a scheduled task. Unfortunately, I have been unable to make Chef 11.6 deploy even the simplest template to a userâs profile; I just keep file security permission errors. I have tried varying absolute/relative paths, Windows/Unix style directories and combinations of Windows/Unix permission options, all with no success.
I do see a 0-byte file appear, for which the current user is the owner having full control, and I am able to change permissions using Explorer.
Iâve looked through mv_windows.rb, and I understand why the permissions handling has been implemented as it has realise that this may well introduce some scenarios I need to work around. However, what I donât understand is why it isnât working in this situation? My user is able to manipulate the file permissions in Explorer with no privilege escalation, and the location I am trying to write to is not subject to redirection by the Virtual Store. Chef is also creating a 0-byte file with the current user as the owner and explicit full control.
If anyone can shed some light on this problem, I would really appreciate your input.
What's the exact error?
Archive powered by MHonArc 2.6.16.