Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes#17 - Update win_audit_rule.ps1 #308

Merged
merged 2 commits into from
Oct 11, 2021
Merged

Fixes#17 - Update win_audit_rule.ps1 #308

merged 2 commits into from
Oct 11, 2021

Conversation

Devsica
Copy link
Contributor

@Devsica Devsica commented Oct 8, 2021
edited by jborean93
Loading

SUMMARY

Fixes: #17
win_audit_rule reports unhandled exception when changing audit rule on a protected OS file.

Added "Force" parameter to permit access at hidden items, like protected OS file.

Microsoft documentation:
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-item?view=powershell-5.1
Indicates that this cmdlet gets items that can't otherwise be accessed, such as hidden items. Implementation varies from provider to provider. For more information, see about_Providers. Even using the Force parameter, the cmdlet can't override security restrictions.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

module win_audit_rule

ADDITIONAL INFORMATION
PS C:\Windows\System32> $path = "C:\bootmgr"
PS C:\Windows\System32> $ItemType = (Get-Item $path).GetType()
Get-Item : Could not find item C:\bootmgr.
At line:1 char:14
+ $ItemType = (Get-Item $path).GetType()
+              ~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\bootmgr:String) [Get-Item], IOException
    + FullyQualifiedErrorId : ItemNotFound,Microsoft.PowerShell.Commands.GetItemCommand

You cannot call a method on a null-valued expression.
At line:1 char:1
+ $ItemType = (Get-Item $path).GetType()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

PS C:\Windows\System32> $ItemType = (Get-Item $path -Force).GetType()
PS C:\Windows\System32> $ItemType

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     FileInfo                                 System.IO.FileSystemInfo

@jborean93
Copy link
Collaborator

Thanks for the fix, I've pushed a commit that adds a changelog fragment but the change looks fine to me.

@jborean93 jborean93 merged commit 48dfbf5 into ansible-collections:main Oct 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

win_audit_rule reports unhandled exception when changing audit rule on a protected OS file
2 participants
@Devsica @jborean93