Enable Windows services to run as a different user (CHEF-4921). This adds :run_as_user andcdoherty-enhance-win-service

:run_as_password attributes to the windows_service resource. If a logon user is specified,
the resource will (on every run) grant the logon-as-service privilege to that user, using
secedit.exe.

1 files changed, 8 insertions, 2 deletions

diff --git a/lib/chef/application/windows_service_manager.rb b/lib/chef/application/windows_service_manager.rb
index 30810c51f2..de8ed657c2 100644
--- a/lib/chef/application/windows_service_manager.rb
+++ b/lib/chef/application/windows_service_manager.rb
@@ -16,7 +16,9 @@
 # limitations under the License.
 #
 
-require 'win32/service'
+if RUBY_PLATFORM =~ /mswin|mingw32|windows/
+  require 'win32/service'
+end
 require 'chef/config'
 require 'mixlib/cli'
 
@@ -88,6 +90,8 @@ class Chef
         @service_display_name = service_options[:service_display_name]
         @service_description = service_options[:service_description]
         @service_file_path = service_options[:service_file_path]
+        @service_start_name = service_options[:run_as_user]
+        @password = service_options[:run_as_password]
       end
 
       def run(params = ARGV)
@@ -116,7 +120,9 @@ class Chef
                                  # and we don't want that, so we need to override the service type.
                                  :service_type     => ::Win32::Service::SERVICE_WIN32_OWN_PROCESS,
                                  :start_type       => ::Win32::Service::SERVICE_AUTO_START,
-                                 :binary_path_name => cmd
+                                 :binary_path_name => cmd,
+                                 :service_start_name => @service_start_name,
+                                 :password => @password,
                                  )
             puts "Service '#{@service_name}' has successfully been installed."
           end