psutil.WindowsService.username()返回空白
[英]psutil.WindowsService.username() returns blank
问题描述
In my Win10 machine there a few services whose display name ends in "_5e11c". 
在我的Win10机器上有一些服务,其显示名称以“_5e11c”结尾。 Windows Services console says that all of them log on as Local System. Windows服务控制台表示所有这些都以本地系统身份登录。 However, for any of them psutil.WindowsService.username() gives an empty string and if I query the process with psutil.Process.username() I get the user I'm logged in as: 但是,对于其中任何一个,psutil.WindowsService.username()给出一个空字符串,如果我用psutil.Process.username()查询进程,我得到我登录的用户:
>>> import psutil
>>>
>>> s = psutil.win_service_get("OneSyncSvc_5e11c")
>>> s
<WindowsService(name='OneSyncSvc_5e11c', display_name='Sync Host_5e11c') at 2203559523440>
>>> p = psutil.Process(s.pid())
>>> p
<psutil.Process(pid=8348, name='svchost.exe') at 2203559523160>
>>> p.username()
'FOO_PC\\BAR_USER'
>>> s.username()
''
>>>
What's going on? 这是怎么回事?
1 个解决方案
解决方案1
3 已采纳 2017-10-19 02:12:29
The way psutil.WindowsService and psutil.Process work is slightly different, but one useful function they both share is as_dict() psutil.WindowsService和psutil.Process的工作方式略有不同,但它们共享的一个有用功能是as_dict()
Using this, the information I got was more verbose: 使用这个,我得到的信息更详细:
{'username': '', 'start_type': 'automatic', 'display_name': 'Sync
Host_11e740b', 'name': 'OneSyncSvc_11e740b', 'binpath': 'C:\\WINDOWS\\sy
stem32\\svchost.exe -k UnistackSvcGroup', 'pid': 6492, 'status': 'running',
'description': 'This service synchronizes mail, contacts, calendar and
various other user data. Mail and other applications dependent on
this functionality will not work properly when this service is
not running.'}
I saw that svchost had it running from the UnistackSvcGroup, so I opened task manager to find it and saw these other services listed under the same group 我看到svchost让它从UnistackSvcGroup运行,所以我打开任务管理器找到它并看到同一组下列出的其他服务
If you check the username for anything running under the UnistackSvcGroup, all of them return without a username. 如果您检查UnistackSvcGroup下运行的任何内容的用户名,则所有用户都返回时没有用户名。
Using the shared PID listed to check everything running under/attached to svchost, all services do not return a username. 使用列出的共享PID来检查在/ svchost下运行的所有内容,所有服务都不会返回用户名。 There's nothing wrong with your code. 您的代码没有任何问题。
The single process is tied to many services and is running under your account, but the services themselves are running from your system. 单个进程与许多服务绑定,并且在您的帐户下运行,但服务本身正在从您的系统运行。 That is why the services return no username while svchost, which attaches these services to your account, itself does. 这就是为什么服务没有返回用户名,而svchost将这些服务附加到您的帐户本身就是这样。
This is explained in the comments by @eryksun as well: 这在@eryksun的评论中也有解释:
""OneSyncSvc_*" is a new service type in Windows 10 -- a per-user service instance running in a shared process (ie SERVICE_USER_SERVICE | SERVICE_WIN32_SHARE_PROCESS | SERVICE_USERSERVICE_INSTANCE) as the user in the user's Session instead of running isolated in Session 0 as SYSTEM or a service account. It appears all service instances in the svchost process are suffixed with the same LUID (locally unique ID) “”OneSyncSvc_ *“是Windows 10中的一种新服务类型 - 在共享进程中运行的每用户服务实例(即SERVICE_USER_SERVICE | SERVICE_WIN32_SHARE_PROCESS | SERVICE_USERSERVICE_INSTANCE)作为用户会话中的用户而不是在会话0中作为SYSTEM运行隔离或者服务帐户。看来svchost进程中的所有服务实例都带有相同的LUID(本地唯一ID)
There's also a "OneSyncSvc" user-service template (ie SERVICE_USER_SERVICE | SERVICE_WIN32_SHARE_PROCESS) defined in "HKLM\\System\\CurrentControlSet\\Services". 在“HKLM \\ System \\ CurrentControlSet \\ Services”中定义了“OneSyncSvc”用户服务模板(即SERVICE_USER_SERVICE | SERVICE_WIN32_SHARE_PROCESS)。 You can query its config on the command line via sc qc OneSyncSvc " 您可以通过sc qc OneSyncSvc在命令行上查询其配置“
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.