win: nsis installer changed SID of grass82.py #2605
Conversation
There was a problem hiding this comment.
It is a small change that seems fine to me. But I have not tested and I do not think this is covered by CI. So is should be tested on the build server.
But it should be fairly easy to change (back) if needed... We should wait for one successfull installer build and test before backporting though...
| @@ -758,8 +758,8 @@ Section "GRASS" SecGRASS | |||
| Push 'config_projshare = "$INSTDIR\share\proj"' ; string to replace whole line with | |||
| Call ReplaceLineStr | |||
|
|
|||
| ;replace BU with numeric group name for local users | |||
| AccessControl::SetOnFile "$INSTDIR\etc\grass@GRASS_VERSION_MAJOR@@GRASS_VERSION_MINOR@.py" "(S-1-5-32-545)" "GenericRead + GenericExecute" | |||
| ;replace BU with numeric group name for local users. Users S-1-5-32-545 does not work for Windows Enterprise. Try Authenticated Users S-1-5-11 | |||
There was a problem hiding this comment.
"Any user who accesses the system through a sign-in process has the Authenticated Users identity. This identity allows access to shared resources within the domain, such as files in a shared folder that should be accessible to all the workers in the organization. Membership is controlled by the operating system."
| Attribute | Value |
|---|---|
| Well-known SID/RID | S-1-5-11 |
| Object class | Foreign Security Principal |
The Authenticated Users group includes all users whose identities were authenticated when they logged on. This includes local user accounts as well as all domain user accounts from trusted domains.
The Guest account may not work with S-1-5-11 . Though this should not be a big issue.
to sum up, this PR looks good.
is this PR against main? if yes, I'll approve the PR.
wenzeslaus
changed the title
In theory, this should fix 2603. On Windows 10 Professional , the permissions are correct. Will need to test on Windows 10 Enterprise