windows 你如何在 NSIS 中设置目录权限?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/116876/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do you set directory permissions in NSIS?
提问by Jay R.
I'm trying to build a Windows installer using Nullsoft Install System that requires installation by an Administrator. The installer makes a "logs" directory. Since regular users can run this application, that directory needs to be writable by regular users. How do I specify that all users should have permission to have write access to that directory in the NSIS script language?
我正在尝试使用需要管理员安装的 Nullsoft 安装系统来构建 Windows 安装程序。安装程序创建一个“日志”目录。由于普通用户可以运行此应用程序,因此该目录需要可由普通用户写入。我如何指定所有用户都应该拥有使用 NSIS 脚本语言对该目录进行写访问的权限?
I admit that this sounds a like a sort of bad idea, but the application is just an internal app used by only a few people on a private network. I just need the log files saved so that I can see why the app is broken if something bad happens. The users can't be made administrator.
我承认这听起来有点像坏主意,但该应用程序只是一个内部应用程序,只有少数人在专用网络上使用。我只需要保存日志文件,这样我就可以看到如果发生不好的事情,应用程序为什么会损坏。用户不能成为管理员。
采纳答案by Jay R.
Use the AccessControlplugin and then add this to the script, where the "logs" directory is in the install directory.
使用AccessControl插件,然后将其添加到脚本中,其中“logs”目录位于安装目录中。
AccessControl::GrantOnFile "$INSTDIR\logs" "(BU)" "FullAccess"
That gives full access to the folder for all users.
这为所有用户提供了对该文件夹的完全访问权限。
回答by user474708
AccessControl::GrantOnFile "<folder>" "(BU)" "FullAccess"didn't work for me on a Windows Server 2008 machine. Instead I had to use this one:
AccessControl::GrantOnFile "<folder>" "(BU)" "FullAccess"在 Windows Server 2008 机器上对我不起作用。相反,我不得不使用这个:
AccessControl::GrantOnFile "<folder>" "(S-1-5-32-545)" "FullAccess"
AccessControl::GrantOnFile "<folder>" "(S-1-5-32-545)" "FullAccess"
S-1-5-32-545 is equivalent to "Users" according to Microsoft Support: Well-known security identifiers in Windows operating systems.
根据Microsoft 支持:Windows 操作系统中的众所周知的安全标识符,S-1-5-32-545 相当于“用户” 。
回答by Sam Hasler
Instead of changing the permissions on directories under Program Files, why not put the logs in a location that is writeable by all users.
与其更改 Program Files 下目录的权限,不如将日志放在所有用户都可以写入的位置。
See the 4.9.7.7 SetShellVarContext section in your NSIS documentation. You can use it with $APPDATA to get the application data folder that is writeable for all users.
请参阅 NSIS 文档中的 4.9.7.7 SetShellVarContext 部分。您可以将它与 $APPDATA 一起使用来获取对所有用户都可写的应用程序数据文件夹。
回答by Mirhahil
It's an old issue now but as suggested by S?ren APPDATA directory is a nice way to do what you want, the thing is : Don't take user's personnal APPDATA but the "All Users" APPDATA dir! This way anyone will be able to access the log file ;-)
现在这是一个老问题,但正如 S?ren APPDATA 目录所建议的那样,这是一个很好的方式来做你想做的事,事情是:不要拿用户的个人 APPDATA 而是“所有用户”APPDATA 目录!这样任何人都可以访问日志文件;-)
Also, I read somewhere that using (BU) on the GrantOnFile is not working well with some systems (Win 7 x64 if I remember well), maybe you should use the SID "(S-1-5-32-545)" instead (it's the All Users' SID, this value is a constant on each Windows OS)
另外,我在某处读到在 GrantOnFile 上使用 (BU) 在某些系统上不能正常工作(如果我没记错的话,Win 7 x64),也许您应该使用 SID“(S-1-5-32-545)”代替(它是所有用户的 SID,这个值在每个 Windows 操作系统上都是一个常数)
回答by JesperE
Why not create a log-directory in the user's %APPDATA% directory? Do you really need to put all the logs in the install directory? Why?
为什么不在用户的 %APPDATA% 目录中创建一个日志目录?你真的需要把所有的日志都放在安装目录中吗?为什么?
