* [PATCH setup 0/2] Simplify setting group ownership of installed files
@ 2022-07-12 12:54 Jon Turney
  2022-07-12 12:54 ` [PATCH setup 1/2] Drop group change while running postinstall scripts Jon Turney
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Jon Turney @ 2022-07-12 12:54 UTC (permalink / raw)
  To: cygwin-apps; +Cc: Jon Turney

Jon Turney (2):
  Drop group change while running postinstall scripts
  Defer setting group until after All Users/Just For Me is chosen

 main.cc        |  2 +-
 postinstall.cc | 13 -------------
 root.cc        |  5 +++++
 win32.cc       | 13 ++-----------
 win32.h        |  2 +-
 5 files changed, 9 insertions(+), 26 deletions(-)

-- 
2.36.1



* [PATCH setup 1/2] Drop group change while running postinstall scripts
  2022-07-12 12:54 [PATCH setup 0/2] Simplify setting group ownership of installed files Jon Turney
@ 2022-07-12 12:54 ` Jon Turney
  2022-07-12 12:54 ` [PATCH setup 2/2] Defer setting group until after All Users/Just For Me is chosen Jon Turney
  2022-07-13 15:39 ` [PATCH setup 0/2] Simplify setting group ownership of installed files Christian Franke
  2 siblings, 0 replies; 4+ messages in thread
From: Jon Turney @ 2022-07-12 12:54 UTC (permalink / raw)
  To: cygwin-apps; +Cc: Jon Turney

Drop group change while running postinstall scripts.  This was only for
the benefit of mkgroup/mkpasswd being run by the postinstall script,
which we don't do any more.
---
 postinstall.cc | 13 -------------
 win32.cc       |  6 +-----
 2 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/postinstall.cc b/postinstall.cc
index e990f52..32bc401 100644
--- a/postinstall.cc
+++ b/postinstall.cc
@@ -249,11 +249,6 @@ do_postinstall_reflector (void *p)
     // Tell the postinstall results page the results string
     PostInstallResults.SetResultsString(s);
 
-    /* Revert primary group to admins group.  This allows to create all the
-       state files written by setup as admin group owned. */
-    if (root_scope == IDC_ROOT_SYSTEM)
-      nt_sec.setAdminGroup ();
-
     // Tell the progress page that we're done running scripts
     Progress.PostMessageNow (WM_APP_POSTINSTALL_THREAD_COMPLETE, 0,
                           s.empty() ? IDD_DESKTOP : IDD_POSTINSTALL);
@@ -268,14 +263,6 @@ static HANDLE context[2];
 void
 do_postinstall (HINSTANCE h, HWND owner)
 {
-  /* Switch back to original primary group.  Otherwise we end up with a
-     broken passwd entry for the current user.
-     FIXME: Unfortunately this has the unfortunate side-effect that *all*
-     files created via postinstall are group owned by the original primary
-     group of the user.  Find a way to avoid this at one point. */
-  if (root_scope == IDC_ROOT_SYSTEM)
-    nt_sec.resetPrimaryGroup ();
-
   context[0] = h;
   context[1] = owner;
 
diff --git a/win32.cc b/win32.cc
index 55072a9..62ae4eb 100644
--- a/win32.cc
+++ b/win32.cc
@@ -350,11 +350,7 @@ NTSecurity::setDefaultSecurity (bool isAdmin)
       NoteFailedAPI ("SetTokenInformation(owner)");
       return;
     }
-  /* Get original primary group.  The token's primary group will be reset
-     to the original group right before we call the postinstall scripts.
-     This is necessary, otherwise, if the installing user is a domain user,
-     the group information created by the postinstall calls to `mkpasswd -c,
-     mkgroup -c' will be plain wrong. */
+  /* Get original primary group */
   if (!GetTokenInformation (token.theHANDLE (), TokenPrimaryGroup,
 			    &primaryGroupSID, sizeof primaryGroupSID, &size))
     {
-- 
2.36.1



* [PATCH setup 2/2] Defer setting group until after All Users/Just For Me is chosen
  2022-07-12 12:54 [PATCH setup 0/2] Simplify setting group ownership of installed files Jon Turney
  2022-07-12 12:54 ` [PATCH setup 1/2] Drop group change while running postinstall scripts Jon Turney
@ 2022-07-12 12:54 ` Jon Turney
  2022-07-13 15:39 ` [PATCH setup 0/2] Simplify setting group ownership of installed files Christian Franke
  2 siblings, 0 replies; 4+ messages in thread
From: Jon Turney @ 2022-07-12 12:54 UTC (permalink / raw)
  To: cygwin-apps; +Cc: Jon Turney

---
 main.cc  | 2 +-
 root.cc  | 5 +++++
 win32.cc | 7 +------
 win32.h  | 2 +-
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/main.cc b/main.cc
index 3a8c5ea..1cc8a0c 100644
--- a/main.cc
+++ b/main.cc
@@ -359,7 +359,7 @@ WinMain (HINSTANCE h,
       }
 
     /* Set default DACL and Group. */
-    nt_sec.setDefaultSecurity ((root_scope == IDC_ROOT_SYSTEM));
+    nt_sec.setDefaultSecurity ();
 
     /*
        If --symlink-type option isn't given, look for winsymlinks in CYGWIN
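Review bot: The context comment `/* Set default DACL and Group. */` directly above the changed call is stale after this patch. With the `isAdmin` parameter gone, setDefaultSecurity() no longer calls setAdminGroup() (that call is removed in this patch's win32.cc hunk), and the group is now chosen in RootPage::OnNext. Suggest updating the comment to something like `/* Set default DACL; the primary group is set later, in RootPage::OnNext, once the install scope is known. */` so a reader auditing file ownership is not sent to the wrong function. WinMain starts and ends outside the hunk.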
diff --git a/root.cc b/root.cc
index 1723a53..9f072d7 100644
--- a/root.cc
+++ b/root.cc
@@ -297,6 +297,11 @@ RootPage::OnNext ()
   Log (LOG_PLAIN) << "root: " << get_root_dir ()
     << (root_scope == IDC_ROOT_USER ? " user" : " system") << endLog;
 
+  if (root_scope == IDC_ROOT_SYSTEM)
+    nt_sec.setAdminGroup ();
+  else
+    nt_sec.resetPrimaryGroup ();
+
   return 0;
 }
 
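Review bot: Nothing in the new block records whether the group switch took effect. `setAdminGroup ()` and `resetPrimaryGroup ()` both return void (win32.h), and the comment this patch removes from win32.cc says setting the Administrators group simply fails when the user is not an admin. The log line just above can therefore report " system" while files end up group-owned by the user's original primary group. Consider a why-comment on the block, e.g. `/* The token's primary group decides group ownership of everything created from here on. */`, and log the outcome inside setAdminGroup() if it does not already do so. Files created before this page is reached presumably still get the original primary group; that is worth stating in the commit message, which is empty for 2/2. OnNext begins outside the hunk.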
diff --git a/win32.cc b/win32.cc
index 62ae4eb..ea3d53a 100644
--- a/win32.cc
+++ b/win32.cc
@@ -308,7 +308,7 @@ NTSecurity::setAdminGroup ()
 }
 
 void
-NTSecurity::setDefaultSecurity (bool isAdmin)
+NTSecurity::setDefaultSecurity ()
 {
   /* Get the processes access token. */
   if (!OpenProcessToken (GetCurrentProcess (),
@@ -358,11 +358,6 @@ NTSecurity::setDefaultSecurity (bool isAdmin)
       primaryGroupSID.pgrp.PrimaryGroup = (PSID) NULL;
     }
   groupSID = primaryGroupSID.pgrp.PrimaryGroup;
-  /* Try to set the primary group to the Administrators group, but only if
-     "Install for all users" has been chosen.  If it doesn't work, we're
-     no admin and that's all there's to say about it. */
-  if (isAdmin)
-    setAdminGroup ();
 }
 
 bool
diff --git a/win32.h b/win32.h
index 02c1d06..bf3ff10 100644
--- a/win32.h
+++ b/win32.h
@@ -130,7 +130,7 @@ public:
   void resetPrimaryGroup();
   void setAdminGroup ();
   void initialiseWellKnownSIDs ();
-  void setDefaultSecurity(bool isAdmin);
+  void setDefaultSecurity ();
   bool isRunAsAdmin ();
   bool hasSymlinkCreationRights ();
 private:
-- 
2.36.1



* Re: [PATCH setup 0/2] Simplify setting group ownership of installed files
  2022-07-12 12:54 [PATCH setup 0/2] Simplify setting group ownership of installed files Jon Turney
  2022-07-12 12:54 ` [PATCH setup 1/2] Drop group change while running postinstall scripts Jon Turney
  2022-07-12 12:54 ` [PATCH setup 2/2] Defer setting group until after All Users/Just For Me is chosen Jon Turney
@ 2022-07-13 15:39 ` Christian Franke
  2 siblings, 0 replies; 4+ messages in thread
From: Christian Franke @ 2022-07-13 15:39 UTC (permalink / raw)
  To: cygwin-apps

[-- Attachment #1: Type: text/plain, Size: 792 bytes --]

Jon Turney wrote:
> Jon Turney (2):
>    Drop group change while running postinstall scripts
>    Defer setting group until after All Users/Just For Me is chosen
>
>   main.cc        |  2 +-
>   postinstall.cc | 13 -------------
>   root.cc        |  5 +++++
>   win32.cc       | 13 ++-----------
>   win32.h        |  2 +-
>   5 files changed, 9 insertions(+), 26 deletions(-)
>

Works for me as expected. Primary group of dirs/files of "All Users" 
installed files are now local administrator (like before Feb 2012), 
including those generated by postinstall scripts (new behavior).

As already mentioned in the '--no-write-registry' thread, "Just me" 
installs only work with non-elevated user and '-B' option. Attached is a 
temporary patch I used to log changes of root_scope variable.


[-- Attachment #2: log-root_scope-changes.patch --]
[-- Type: text/plain, Size: 962 bytes --]

diff --git a/state.cc b/state.cc
index 111b890..b4e3410 100644
--- a/state.cc
+++ b/state.cc
@@ -24,7 +24,7 @@ int source;
 
 std::string local_dir;
 
-int root_scope;
+root_scope_holder root_scope;
 int root_menu;
 int root_desktop;
 
diff --git a/state.h b/state.h
index b211de3..c561ea5 100644
--- a/state.h
+++ b/state.h
@@ -32,6 +32,7 @@
  */
 
 #include <string>
+#include "LogSingleton.h"
 
 enum attend_mode { attended = 0, unattended, chooseronly };
 extern enum attend_mode unattended_mode;
@@ -42,7 +43,22 @@ extern int source;
 extern std::string local_dir;
 
 extern int root_text;
-extern int root_scope;
+
+class root_scope_holder
+{
+public:
+  void operator=(int v) {
+    int old = val;
+    val = v;
+    Log(LOG_TIMESTAMP) << "root_scope: " << old << " -> " << v << endLog;
+  }
+  operator int() const { return val; }
+private:
+  int val = 0;
+};
+
+extern root_scope_holder root_scope;
+
 extern int root_menu;
 extern int root_desktop;
 
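Review bot: `operator=` in `root_scope_holder` returns void and logs on every assignment, including ones that leave the value unchanged. The log can therefore fill with `N -> N` entries, and any chained assignment of root_scope stops compiling. If this wrapper outlives the debugging session, return a reference and log only real transitions: `root_scope_holder& operator=(int v)`, `if (old != v) Log(LOG_TIMESTAMP) << "root_scope: " << old << " -> " << v << endLog;`, `return *this;`. The implicit `operator int()` is what keeps comparisons such as `root_scope == IDC_ROOT_SYSTEM` compiling. Code that takes the variable's address or binds it to an `int&` (not visible here) would still break.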

