diff --git a/providers/windows/process_windows.go b/providers/windows/process_windows.go
index d987d158..062fa836 100644
--- a/providers/windows/process_windows.go
+++ b/providers/windows/process_windows.go
@@ -28,8 +28,9 @@ import (
 "github.com/pkg/errors"
 syswin "golang.org/x/sys/windows"
- "github.com/elastic/go-sysinfo/types"
 windows "github.com/elastic/go-windows"
+
+ "github.com/elastic/go-sysinfo/types"
 )
 var (
@@ -244,30 +245,34 @@ func (p *process) Info() (types.ProcessInfo, error) {
 func (p *process) User() (types.UserInfo, error) {
 handle, err := p.open()
 if err != nil {
- return types.UserInfo{}, err
+ return types.UserInfo{}, errors.Wrap(err, "OpenProcess failed")
 }
 defer syscall.CloseHandle(handle)
 var accessToken syswin.Token
- syswin.OpenProcessToken(syswin.Handle(handle), syscall.TOKEN_QUERY, &accessToken)
+ err = syswin.OpenProcessToken(syswin.Handle(handle), syscall.TOKEN_QUERY, &accessToken)
+ if err != nil {
+ return types.UserInfo{}, errors.Wrap(err, "OpenProcessToken failed")
+ }
 defer accessToken.Close()
+
 tokenUser, err := accessToken.GetTokenUser()
 if err != nil {
- return types.UserInfo{}, errors.Wrapf(err, "GetTokenUser failed for PID %v", p.pid)
+ return types.UserInfo{}, errors.Wrap(err, "GetTokenUser failed")
 }
 sid, err := tokenUser.User.Sid.String()
 if err != nil {
- return types.UserInfo{}, errors.Wrapf(err, "failed to look up user SID for PID %v", p.pid)
+ return types.UserInfo{}, errors.Wrap(err, "failed to look up user SID")
 }
 tokenGroup, err := accessToken.GetTokenPrimaryGroup()
 if err != nil {
- return types.UserInfo{}, errors.Wrapf(err, "GetTokenPrimaryGroup failed for PID %v", p.pid)
+ return types.UserInfo{}, errors.Wrap(err, "GetTokenPrimaryGroup failed")
 }
 gsid, err := tokenGroup.PrimaryGroup.String()
 if err != nil {
- return types.UserInfo{}, errors.Wrapf(err, "failed to look up primary group SID for PID %v", p.pid)
+ return types.UserInfo{}, errors.Wrap(err, "failed to look up primary group SID")
 }
 return types.UserInfo{
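Review bot: None of the six error returns in User() identifies the process any more: the `for PID %v` context is removed from the four token/SID messages, and the `OpenProcess failed` and `OpenProcessToken failed` wraps carry no PID either. If the caller is expected to attach the PID (not visible in this hunk), state that in a doc comment on User(), e.g. `// User returns the SIDs of the process token's user and primary group. Errors do not name the PID; callers should add it.` Without that, a host-wide process sweep that logs these failures cannot tell which process refused token access, which is the case an operator most wants to see. The body of User() continues past the end of the hunk.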
diff --git a/types/process.go b/types/process.go
index 3b06c1df..343f93f8 100644
--- a/types/process.go
+++ b/types/process.go
@@ -41,7 +41,8 @@ type ProcessInfo struct {
 type UserInfo struct {
 // Uid is the user ID.
 // On Linux and Darwin (macOS) this is the real user ID.
- // On Windows, this is a security identifier (SID).
+ // On Windows, this is the security identifier (SID) of the
+ // user account of the process access token.
 Uid string `json:"uid"`
 // On Linux and Darwin (macOS) this is the effective user ID.
@@ -54,7 +55,8 @@ type UserInfo struct {
 // Gid is the primary group ID.
 // On Linux and Darwin (macOS) this is the real group ID.
- // On Windows, this is a security identifier (SID).
+ // On Windows, this is the security identifier (SID) of the
+ // primary group of the process access token.
 Gid string `json:"gid"`
 // On Linux and Darwin (macOS) this is the effective group ID.
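Review bot: The new Uid comment should say which token it means, because the Windows provider on this page reads it through OpenProcessToken, which returns the process's primary token. A thread that is impersonating another account is therefore not reflected in Uid or Gid, and consumers using these fields for attribution should know that. Suggested wording: `// user account of the process's primary access token (thread impersonation is not reflected).`, with the matching change to the Gid comment in the next hunk. The UserInfo struct continues outside both hunks.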