Unable to determine permissions for Windows Container registry edit access

  docker, event-log, serilog, windows-container

Having issues with a brownfield application (asp .netcore) migrating to a windows container running on mcr.microsoft.com/dotnet/core/aspnet:3.1 accessing the registry.

Specifically, I’ve tried to run the application and make a call and I’m getting the below:

Caught exception while emitting to sink Serilog.Core.Sinks.RestrictedSink: System.Security.SecurityException: The source was not found, but some or all event logs could not be searched.  To create the source, you need permission to read all event logs to make sure that the new source name is unique.  Inaccessible logs: Security.
   at System.Diagnostics.EventLog.FindSourceRegistration(String source, String machineName, Boolean readOnly, Boolean wantToCreate)
   at System.Diagnostics.EventLog.SourceExists(String source, String machineName, Boolean wantToCreate)
   at System.Diagnostics.EventLogInternal.VerifyAndCreateSource(String sourceName, String currentMachineName)
   at System.Diagnostics.EventLogInternal.WriteEntry(String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData)
   at System.Diagnostics.EventLog.WriteEntry(String message, EventLogEntryType type, Int32 eventID)
   at Serilog.Sinks.EventLog.EventLogSink.Emit(LogEvent logEvent)
   at Serilog.Core.Sinks.RestrictedSink.Emit(LogEvent logEvent)
   at Serilog.Core.Sinks.SafeAggregateSink.Emit(LogEvent logEvent)

Initially I thought this to be an issue with missing sources so I tried to add in some keys the existing application expects on a server through the below,

RUN cmd.exe /k REG ADD "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetserviceseventlogApplicationblahblah.Api" 

However this did not appear to resolve the issue and I’m having a hell of a time determining how to give the appropriate permissions one would expect to req. from the initial message.

I know the application is running to a point as I’ve worked through remote DB connection errors and SSL request details to get to this point.

Source: Docker Questions

LEAVE A COMMENT