-
-
Notifications
You must be signed in to change notification settings - Fork 307
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
win: nsis installer changed SID of grass82.py #2605
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is a small change that seems fine to me. But I have not tested and I do not think this is covered by CI. So is should be tested on the build server.
But it should be fairly easy to change (back) if needed... We should wait for one successfull installer build and test before backporting though...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it seems ok, as @ninsbl suggested wait for the next build for merging PR
@@ -758,8 +758,8 @@ Section "GRASS" SecGRASS | |||
Push 'config_projshare = "$INSTDIR\share\proj"' ; string to replace whole line with | |||
Call ReplaceLineStr | |||
|
|||
;replace BU with numeric group name for local users | |||
AccessControl::SetOnFile "$INSTDIR\etc\grass@GRASS_VERSION_MAJOR@@GRASS_VERSION_MINOR@.py" "(S-1-5-32-545)" "GenericRead + GenericExecute" | |||
;replace BU with numeric group name for local users. Users S-1-5-32-545 does not work for Windows Enterprise. Try Authenticated Users S-1-5-11 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Any user who accesses the system through a sign-in process has the Authenticated Users identity. This identity allows access to shared resources within the domain, such as files in a shared folder that should be accessible to all the workers in the organization. Membership is controlled by the operating system."
Attribute | Value |
---|---|
Well-known SID/RID | S-1-5-11 |
Object class | Foreign Security Principal |
The Authenticated Users group includes all users whose identities were authenticated when they logged on. This includes local user accounts as well as all domain user accounts from trusted domains.
The Guest account may not work with S-1-5-11 . Though this should not be a big issue.
to sum up, this PR looks good.
is this PR against main? if yes, I'll approve the PR.
In theory, this should fix 2603. On Windows 10 Professional , the permissions are correct. Will need to test on Windows 10 Enterprise