Message boards : Questions and problems : [error] Process creation failed: A required privilege is not held by the client. (0x522)
Message board moderation
Author | Message |
---|---|
Send message Joined: 11 Nov 08 Posts: 3 |
11/11/2008 8:42:48 AM|climateprediction.net|[error] Process creation failed: A required privilege is not held by the client. (0x522) I resolved this error a couple weeks back by complete removal and reinstall of BOINC. Today, on my work computer the IT org sent a security update down the wire and now the error has returned. Would a BOINC developer PLEASE list what rights the boinc_master and/or boinc_project must have. I would prefer to tweak the security settings and not remove/reinstall BOINC because I think this will be a re-occuring failure for me. |
Send message Joined: 11 Nov 08 Posts: 3 |
Ok, as it turns out I captured all the local security settings just after the BOINC install. I compared those to the current settings: Compare: (<)C:\20081029-local_security_settings.txt (2179 bytes) with: (>)C:\20081111-local_security_settings.txt (2089 bytes) 5,8c5,8 < Adjust memory quotas for a process boinc_admins,boinc_users,Administrators < Allow logon through Terminal Services Administrators,Remote Desktop Users < Back up files and directories Everyone,Administrators,Backup Operators < Bypass traverse checking Everyone,boinc_admins,boinc_users,boinc_projects --- > Adjust memory quotas for a process Administrators > Allow logon through Terminal Services Administrators,Remote Desktop Users > Back up files and directories Everyone,Administrators,Backup Operators > Bypass traverse checking Everyone 14c14 < Debug programs boinc_admins,boinc_users,Administrators --- > Debug programs Administrators Seems that my local IT group does not allow modifications to these specific security settings. What are the ramifications if I add the boinc accounts to the administrators group? |
Send message Joined: 2 Sep 05 Posts: 103 |
What are the ramifications if I add the boinc accounts to the administrators group? The groups affected by those changes are boinc_users and boinc_admins. The first one can be ignored unless you've added users to it. The second one contains the boinc_master user, which is the account boinc.exe runs under. If you add that to the administrators group it's mainly a question of whether you're willing to trust the BOINC core client with the administrator privileges which aren't normally granted to the boinc_admins group (projects will still run at a reduced privilege level). A successful logon (local or remote) using the boinc_master account is extremely unlikely as its password is randomly generated on installation and isn't stored as plain text anywhere. "The ultimate test of a moral society is the kind of world that it leaves to its children." - Dietrich Bonhoeffer |
Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License,
Version 1.2 or any later version published by the Free Software Foundation.