Comments (11)
Thank you for the feedback - this one is a bit challenging, even if keeping aside the headaches of Windows services in general.
Px can only run once you are logged in since it authenticates as the logged in user. If you want it to run as a service (which typically start before login), it means you need to setup the service with the user's credentials and that's a manual process. And it defeats the purpose of Px which is to not require any credential setup (and maintenance), unlike cNTLM and the like.
What we could build is a simple installer that creates a Px shortcut into the Windows Startup folder and also collect and setup px.ini during install instead of requiring manual copying and editing.
I'm curious what your thoughts are on such an installer and whether it will meet the needs of most users of Px.
from px.
Hey, thanks for your answer.
I'm not really a windows pro, but I had in mind that there was some options to start a service as a specific user.
Indeed I would not use it if it requires to specify credentials.
A simple installer with an option to add a shortcut in the windows startup folder would be something I use as it makes setuping new machines easier.
Not sure if it worth the trouble of making an installer... I know nothing about it.
from px.
Px can now add/remove an entry into the Windows registry to start on install. Please see if it meets your needs.
px --install
px --uninstall
You will need to have all settings specified in px.ini in order for this to work since no command line flags are saved in the registry. I'm currently working on the ability to --save all settings on the command line so you can create a px.ini with all custom settings without having to manually edit the file. E.g.
px --proxy=proxyserver:80 --port=3129 --noproxy=10...* --save
px --install
from px.
Just posted v0.3.0 so marking this as closed.
from px.
What about installing with nssm? Will that work?
I ask, because I am setting up px on a server where there's no login. A service account authenticated with AD will be used for "logon as" so I wonder if that will work?
from px.
I think this should be possible but I didn't go that far considering Px uses the credentials of the logged in user to authenticate with the proxy server. The fact that the user has already provided his login/pass to the OS on logging in, they don't need to type it in again for Px. This means if their password changes, Px does not care since the user would have to login with the new password.
To run Px as a service, you have to store the service account password in Windows services and it's still hard coded and if the password changes, you need to change it there. I was thinking you might as well use cNTLM but then just realized that it requires it's own copy of the login/pass in its ini file to work.
It appears there might be value in enabling Px to run pre-login. You would just update the service account password in Windows services and not have to update another copy of the password.
I think this could be handled with just documentation but having a --install-service
which abstracts everything would be nice.
from px.
Agreeed- if we can encapsulate it into --install-service
it would be pretty neat.
I have tried running px as a windows service via nssm; it just crashes at present:
px: Unexpected status SERVICE_STOPPED in response to START control.
from px.
I just tried via nssm and it worked nicely. Here's the steps I used:-
- Download and save
nssm
to a good directory - Download and setup Px per usual
- Start an admin console and run the following
nssm install Px c:\path\to\px.exe
nssm set Px ObjectName domain\username password
nssm start Px
Note I set this up and tested Px from the same system so I was logged in already. Let me know what you find.
Given installing a service requires admin access and the actual user/pass, I'd rather document this in the README than to add it as a command.
from px.
So I deleted the first nssm services and reinstalled it; now I can see the service starting but I have the following in debug-MainProcess.log:
Traceback (most recent call last):
File "px.py", line 1036, in <module>
File "px.py", line 784, in parsecli
File "px.py", line 996, in attachConsole
File "site-packages\psutil\__init__.py", line 721, in cmdline
File "site-packages\psutil\_pswindows.py", line 639, in wrapper
psutil.AccessDenied: psutil.AccessDenied (pid=636)
Any connections are refused with:
fatal: unable to access 'https://github.com/praeclarum/FuGetGallery.git/': Failed to connect to 127.
0.0.1 port 3128: Connection refused
from px.
It appears you are running px.py rather than the binary and an older version since line 996 is no longer related to attachConsole()
. Can you update to the latest? There were some fixes related to psutil.AccessDenied
.
from px.
Okay i'll give that a go, and will open new issue if I see any; thanks!
from px.
Related Issues (20)
- using domain names in the allow list HOT 1
- libcrypto-1_1.dll version 1.1.1q with vulnerabilites HOT 4
- px 0.8.4: PAC configuration seems to cause unstable behaviour HOT 4
- HTTP POST and PUT not working since data rewind is not supported HOT 1
- Unclear listen setting HOT 8
- px 0.9.0 - Windows: does not start as a background service anymore (openes a required console window) HOT 3
- px 0.9.0 - Windows: logging configuration inside px.ini file is ignored and no logging is produced HOT 3
- Thread safety of quickjs HOT 4
- px 0.9.0 responds with "URL malformed" on macOS HOT 6
- Version 0.9.0 with Linux doesn't Authenticate using Kerberos HOT 9
- proxy.pac: isInNet() & isResolvable() not working properly HOT 8
- How to download latest release via script HOT 2
- Embedded libcurl library does not support SPPI/SPNEGO/KERBEROS on v0.9.1 HOT 2
- Version 0.9.2 does not find px.ini in script folder HOT 5
- composer patches provoke error in mcurl.py: curl.xheaders is None but no check before loop
- v0.9.2 - px --install to launch px in background HOT 2
- v0.9.2 - px.ini created in the directory of process caller and not in the one of px.exe HOT 2
- sCHANNEL Native SSL for Px-Windows
- Step "Install tools" missing in build.sh in mode build (-b)
- NTLM proxy authentication failing
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from px.