[izpack-user] Permission issues on Windows7 with the ProgramData directory

Vincent Massol

Jun 6, 2012, 12:09:38 PM
to us...@izpack.codehaus.org
Hi guys,

Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.

So far so good…

However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.

Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

If the user explicitly starts the app as Administrator it works fine of course but that's too complex to explain to my users.

Any idea of what I could do to make the install and execution work seamlessly?

I see 2 solutions:
* Don't execute the installer with admin privileges. However I think I need this to create the shortcuts and to install in the registry
* Execute my app with Admin privileges. However I don't see how I could force this in the shortcut spec for windows defined at http://izpack.org/documentation/desktop-shortcuts.html

For reference here's my install.xml file:
https://gist.github.com/2882961

Thanks a lot for any help on this
-Vincent


Torsten Stolpmann

Jun 6, 2012, 3:28:57 PM
to us...@izpack.codehaus.org
Hi Vincent,

what we have done here is to leave out the run-privileged tag, pack the
installer into an executable using launch4j and finally name the
executable xxx-Setup.exe.

This way Windows will ask for the elevation in any case (due to the file
name).

Hope this helps,

Torsten

On 06.06.2012 18:09, Vincent Massol wrote:
> Hi guys,
>
> Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.
>
> So far so good…
>
> However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.
>
> Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

Tim Anderson

Jun 6, 2012, 5:33:01 PM
to us...@izpack.codehaus.org
This came up not long ago:
http://old.nabble.com/%22Run-as-administrator%22-shortcut-property-td33506083.html

There's no support to specify that the target of a shortcut should be
run as administrator.
As a workaround, you could wrap your app in an exe using launch4j; this
will allow you to specify a manifest instructing Windows to run the app
as administrator.

Take a look at
http://stackoverflow.com/questions/258728/request-admin-privileges-for-java-app-on-windows-vista
which describes how this is done.

-Tim

On 7/06/2012 2:09 AM, Vincent Massol wrote:
> Hi guys,
>
> Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.
>
> So far so good…
>
> However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.
>
> Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

Julien Ponge

Jun 7, 2012, 4:22:11 AM
to us...@izpack.codehaus.org
Not an easy case ;-)

You may also look at elevate.js, the script we use to elevate
permissions on Windows.

https://github.com/jponge/izpack/blob/master/izpack-util/src/main/resources/com/izforge/izpack/util/windows/elevate.js

Depending on which way you go, you may take advantage of it to launch a
script with admin permissions, even if you don't launch IzPack with
elevated permissions.

- Julien

On Wed, Jun 6, 2012 at 11:33 PM, Tim Anderson <t...@netspace.net.au> wrote:
> This came up not long ago:
> http://old.nabble.com/%22Run-as-administrator%22-shortcut-property-td33506083.html
>
> There's no support to specify that the target of a shortcut should be run as
> administrator.
> As a workaround, you could wrap your app in an exe using launch4j; this will
> allow you to specify a manifest instructing Windows to run the app as
> administrator.
>
> Take a look at
> http://stackoverflow.com/questions/258728/request-admin-privileges-for-java-app-on-windows-vista
> which describes how this is done.
>
> -Tim
>
>
> On 7/06/2012 2:09 AM, Vincent Massol wrote:
>>
>> Hi guys,
>>
>> Since I'm installing on Windows7 I am separating what I'm installing in 2
>> parts: the binaries in Program Files and the data files that should be
>> written to in ProgramData.
>>
>> So far so good…
>>
>> However the issue I'm facing is that the izpack-generated installer I have
>> runs with Admin privileges (<run-privileged
>> condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus
>> creates my directory in ProgramData with Administrator as the creator of it.
>>
>> Then when I start my application using the shortcut generated by my izpack
>> install it cannot write to my ProgramData dir since it doesn't have the
>> permissions…

Vincent Massol

Jun 7, 2012, 4:34:13 AM
to us...@izpack.codehaus.org
Hi Torsten,

On Jun 6, 2012, at 9:28 PM, Torsten Stolpmann wrote:

> Hi Vincent,
>
> what we have done here is to leave out the run-privileged tag, pack the installer into an executable using launch4j and finally name the executable xxx-Setup.exe.
>
> This way Windows will ask for the elevation in any case (due to the file name).

Thanks for your reply!

I'm actually using launch4j already and I have already tried this but it doesn't work for me.

Even if I remove the "run-privileged" from my install.xml the generated exe I get from launch4j has the little shield icon which means that when the installer is executed it will have the elevation and thus the directory I create in %PROGRAMDATA% belongs to Administrator and not to the user executing the installer.

Thus when the user executes the shortcut to start the app, the app cannot write in the %PROGRAMDATA% dir created by the administrator.

I'm curious to know how you solved this. I also wonder why I get the shield, maybe launch4j automatically elevates privileges… FTR here's my launch4j script:

<launch4jConfig>
  <headerType>gui</headerType>
  <jar>${project.build.directory}/dependency/xwiki-enterprise-installer-generic-standard.jar</jar>
  <outfile>${project.build.directory}/${pom.artifactId}-${pom.version}.exe</outfile>
  <errTitle>XWiki Windows Installer</errTitle>
  <customProcName>true</customProcName>
  <icon>${project.build.directory}/classes/xe.ico</icon>
  <jre>
    <minVersion>1.5.0</minVersion>
  </jre>
</launch4jConfig>

Thanks
-Vincent

> Hope this helps,
>
> Torsten
>
> On 06.06.2012 18:09, Vincent Massol wrote:
>> Hi guys,
>>
>> Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.
>>
>> So far so good…
>>
>> However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.
>>
>> Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

Vincent Massol

Jun 7, 2012, 4:40:22 AM
to us...@izpack.codehaus.org
Hi Tim,

On Jun 6, 2012, at 11:33 PM, Tim Anderson wrote:

> This came up not long ago: http://old.nabble.com/%22Run-as-administrator%22-shortcut-property-td33506083.html
>
> There's no support to specify that the target of a shortcut should be run as administrator.
> As a workaround, you could wrap your app in an exe using launch4j; this will allow you to specify a manifest instructing Windows to run the app as administrator.
>
> Take a look at http://stackoverflow.com/questions/258728/request-admin-privileges-for-java-app-on-windows-vista
> which describes how this is done.

This is cool. However for some reason unknown to me I already get permission elevation by launch4j even though I don't have a manifest (see my reply to Torsten).

Now I don't think this strategy will solve my problem since the elevation will happen anyway and the created dir in %PROGRAMDATA% will belong to Administrator which means the app will not be able to write to it (unless the user modifies the shortcut to run it as admin - which is probably not recommended anyway).

Thanks
-Vincent

> -Tim
>
> On 7/06/2012 2:09 AM, Vincent Massol wrote:
>> Hi guys,
>>
>> Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.
>>
>> So far so good…
>>
>> However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.
>>
>> Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

Tim Anderson

Jun 7, 2012, 5:04:18 AM
to us...@izpack.codehaus.org
Just to recap to make sure I understand the problem:
* Your installer creates the dir in %PROGRAMDATA% belonging to
Administrator.
* Your app is launched via a shortcut
* Your app can't write to the directory as it's not launched as Administrator

My suggestion was to wrap the app as a .exe using launch4j. This way
you can configure it to run with elevated permissions.
These elevated permissions should enable the app to write to the dir in
%PROGRAMDATA%.
Is this not the case?

-Tim


On 7/06/2012 6:40 PM, Vincent Massol wrote:
> Hi Tim,
>
> On Jun 6, 2012, at 11:33 PM, Tim Anderson wrote:
>
>> This came up not long ago: http://old.nabble.com/%22Run-as-administrator%22-shortcut-property-td33506083.html
>>
>> There's no support to specify that the target of a shortcut should be run as administrator.
>> As a workaround, you could wrap your app in an exe using launch4j; this will allow you to specify a manifest instructing Windows to run the app as administrator.
>>
>> Take a look at http://stackoverflow.com/questions/258728/request-admin-privileges-for-java-app-on-windows-vista
>> which describes how this is done.
> This is cool. However for some reason unknown to me I already get permission elevation by launch4j even though I don't have a manifest (see my reply to Torsten).
>
> Now I don't think this strategy will solve my problem since the elevation will happen anyway and the created dir in %PROGRAMDATA% will belong to Administrator which means the app will not be able to write to it (unless the user modifies the shortcut to run it as admin - which is probably not recommended anyway).
>
> Thanks
> -Vincent
>
>> -Tim
>>
>> On 7/06/2012 2:09 AM, Vincent Massol wrote:
>>> Hi guys,
>>>
>>> Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.
>>>
>>> So far so good…
>>>
>>> However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.
>>>
>>> Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

Vincent Massol

Jun 7, 2012, 5:25:57 AM
to us...@izpack.codehaus.org
Hi Tim,

On Jun 7, 2012, at 11:04 AM, Tim Anderson wrote:

> Just to recap to make sure I understand the problem:
> * Your installer creates the dir in %PROGRAMDATA% belonging to Administrator.

correct

> * Your app is launched via a shortcut

correct (the shortcut is generated by the installer).

> * Your app can't write to the directory as it's not launched as Administrator

correct

> My suggestion was to wrap the app as a .exe using launch4j. This way you can configure it to run with elevated permissions.

This is what I'm already doing.

> These elevated permissions should enable the app to write to the dir in %PROGRAMDATA%.
> Is this not the case?

Launch4j will generate an installer exe file. After it's executed you get your application installed and the shortcuts generated. When the user clicks on the shortcut he's logged with his current user and thus the app executes under his user and thus fails to write to %PROGRAMDATA%\XWiki.

I'm starting to think that I should do things differently:

* Ask the user who installs XWiki (that's the app I'm creating an installer for) to be logged under the user he wishes to use to run XWiki.
* Instead of copying XWiki writable data to %PROGRAMDATA% use the %APPDATA% directory
* Use a ProcessPanel and run a script during the install to change the permission of the %APPDATA%\XWiki directory so that the current user can write to it (and not just administrator).

Is that the way to go in your opinion?

Thanks
-Vincent

> -Tim
>
>
> On 7/06/2012 6:40 PM, Vincent Massol wrote:
>> Hi Tim,
>>
>> On Jun 6, 2012, at 11:33 PM, Tim Anderson wrote:
>>
>>> This came up not long ago: http://old.nabble.com/%22Run-as-administrator%22-shortcut-property-td33506083.html
>>>
>>> There's no support to specify that the target of a shortcut should be run as administrator.
>>> As a workaround, you could wrap your app in an exe using launch4j; this will allow you to specify a manifest instructing Windows to run the app as administrator.
>>>
>>> Take a look at http://stackoverflow.com/questions/258728/request-admin-privileges-for-java-app-on-windows-vista
>>> which describes how this is done.
>> This is cool. However for some reason unknown to me I already get permission elevation by launch4j even though I don't have a manifest (see my reply to Torsten).
>>
>> Now I don't think this strategy will solve my problem since the elevation will happen anyway and the created dir in %PROGRAMDATA% will belong to Administrator which means the app will not be able to write to it (unless the user modifies the shortcut to run it as admin - which is probably not recommended anyway).
>>
>> Thanks
>> -Vincent
>>
>>> -Tim
>>>
>>> On 7/06/2012 2:09 AM, Vincent Massol wrote:
>>>> Hi guys,
>>>>
>>>> Since I'm installing on Windows7 I am separating what I'm installing in 2 parts: the binaries in Program Files and the data files that should be written to in ProgramData.
>>>>
>>>> So far so good…
>>>>
>>>> However the issue I'm facing is that the izpack-generated installer I have runs with Admin privileges (<run-privileged condition="izpack.windowsinstall.vista|izpack.windowsinstall.7"/>) and thus creates my directory in ProgramData with Administrator as the creator of it.
>>>>
>>>> Then when I start my application using the shortcut generated by my izpack install it cannot write to my ProgramData dir since it doesn't have the permissions…

Vincent Massol

Jun 7, 2012, 5:51:20 AM
to us...@izpack.codehaus.org

On Jun 7, 2012, at 11:25 AM, Vincent Massol wrote:

> Hi Tim,
>
> On Jun 7, 2012, at 11:04 AM, Tim Anderson wrote:
>
>> Just to recap to make sure I understand the problem:
>> * Your installer creates the dir in %PROGRAMDATA% belonging to Administrator.
>
> correct
>
>> * Your app is launched via a shortcut
>
> correct (the shortcut is generated by the installer).
>
>> * Your app can't write to the directory as it's not launched as Administrator
>
> correct
>
>> My suggestion was to wrap the app as a .exe using launch4j. This way you can configure it to run with elevated permissions.
>
> This is what I'm already doing.
>
>> These elevated permissions should enable the app to write to the dir in %PROGRAMDATA%.
>> Is this not the case?
>
> Launch4j will generate an installer exe file. After it's executed you get your application installed and the shortcuts generated. When the user clicks on the shortcut he's logged with his current user and thus the app executes under his user and thus fails to write to %PROGRAMDATA%\XWiki.
>
> I'm starting to think that I should do things differently:
>
> * Ask the user who installs XWiki (that's the app I'm creating an installer for) to be logged under the user he wishes to use to run XWiki.
> * Instead of copying XWiki writable data to %PROGRAMDATA% use the %APPDATA% directory
> * Use a ProcessPanel and run a script during the install to change the permission of the %APPDATA%\XWiki directory so that the current user can write to it (and not just administrator).

Actually just found I don't need this last step if I copy to the %APPDATA% directory since the current user already has all permissions to it so that's very cool :)

Thanks
-Vincent
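
For the %PROGRAMDATA% layout discussed in this thread, an install-time permission script of the kind Vincent mentions for a ProcessPanel could look like the following. It is an added example, not part of the original messages or of IzPack; the directory name XWiki comes from the thread, while granting the built-in Users group the Modify right is an assumption about who should be able to write.

```powershell
# Added example: run elevated at install time (for instance from an IzPack
# ProcessPanel job). Grants the local Users group Modify on the data directory
# so the application started from the shortcut can write without elevation.
$ErrorActionPreference = 'Stop'

# Directory name taken from the thread; adjust for another product.
$dataDir = Join-Path $env:ProgramData 'XWiki'
New-Item -ItemType Directory -Path $dataDir -Force | Out-Null

# BUILTIN\Users by well-known SID, so the script also works on localized Windows.
$users = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-545'

# Modify rather than FullControl: users can create, change and delete data,
# but cannot rewrite the ACL or take ownership. The inheritance flags make the
# rule apply to files and subdirectories the elevated installer already wrote.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $users, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')

$acl = Get-Acl -Path $dataDir
$acl.AddAccessRule($rule)
Set-Acl -Path $dataDir -AclObject $acl

# Verify: an explicit Allow rule for Users that includes Modify must be present.
$modify = [System.Security.AccessControl.FileSystemRights]::Modify
$explicitRules = (Get-Acl -Path $dataDir).GetAccessRules(
    $true, $false, [System.Security.Principal.SecurityIdentifier])
$granted = $explicitRules | Where-Object {
    $_.IdentityReference.Value -eq $users.Value -and
    $_.AccessControlType -eq 'Allow' -and
    ($_.FileSystemRights -band $modify) -eq $modify
}
if (-not $granted) { throw "Users were not granted Modify on $dataDir" }
Write-Output "Users can now modify $dataDir"
```

After this grant every local account can change anything under the directory, so it should hold data only: executables, libraries and scripts that a privileged process loads belong under Program Files.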