Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

- WINSETUP: Change the custom action descriptions for those custom 

actions that deal with user rights and privileges and user
        accounts.
    - WINSETUP: Add some basic benchmarking code for user rights and
        privileges

    win_build/installerv2/redist/Windows/src/boinccas/
        CACreateBOINCAccounts.cpp
        CACreateBOINCGroups.cpp
        CAGrantBOINCAdminsRights.cpp
        CAGrantBOINCMasterRights.cpp
        CAGrantBOINCProjectRights.cpp
        CAGrantBOINCProjectsRights.cpp
        CAGrantBOINCUsersRights.cpp
        CAMigrateBOINCData.cpp

svn path=/trunk/boinc/; revision=15546
This commit is contained in:
Rom Walton 2008-07-03 18:37:20 +00:00
parent 9299d34c20
commit 288c0df997
9 changed files with 146 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
checkin_notes
View File

@ -5425,3 +5425,20 @@ David 2 July 2008
sched/
server_types.C
Rom 3 July 2008
- WINSETUP: Change the custom action descriptions for those custom
actions that deal with user rights and privileges and user
accounts.
- WINSETUP: Add some basic benchmarking code for user rights and
privileges
win_build/installerv2/redist/Windows/src/boinccas/
CACreateBOINCAccounts.cpp
CACreateBOINCGroups.cpp
CAGrantBOINCAdminsRights.cpp
CAGrantBOINCMasterRights.cpp
CAGrantBOINCProjectRights.cpp
CAGrantBOINCProjectsRights.cpp
CAGrantBOINCUsersRights.cpp
CAMigrateBOINCData.cpp

2
win_build/installerv2/redist/Windows/src/boinccas/CACreateBOINCAccounts.cpp
View File

@ -26,7 +26,7 @@
#define CUSTOMACTION_NAME _T("CACreateBOINCAccounts")
#define CUSTOMACTION_PROGRESSTITLE _T("Create user accounts used by BOINC for secure sandboxes")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating user accounts used by BOINC for secure sandboxes")
/////////////////////////////////////////////////////////////////////

2
win_build/installerv2/redist/Windows/src/boinccas/CACreateBOINCGroups.cpp
View File

@ -25,7 +25,7 @@
#define CUSTOMACTION_NAME _T("CACreateBOINCGroups")
#define CUSTOMACTION_PROGRESSTITLE _T("Create user groups used by BOINC for secure sandboxes")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating user groups used by BOINC for secure sandboxes")
/////////////////////////////////////////////////////////////////////

135
win_build/installerv2/redist/Windows/src/boinccas/CAGrantBOINCAdminsRights.cpp
View File

@ -25,7 +25,7 @@
#define CUSTOMACTION_NAME _T("CAGrantBOINCAdminsRights")
#define CUSTOMACTION_PROGRESSTITLE _T("Granting the BOINC Administrators required privileges")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating the BOINC Administrators group privilege levels")
/////////////////////////////////////////////////////////////////////
@ -88,21 +88,56 @@ UINT CAGrantBOINCAdminsRights::OnExecution()
// most cases.
// User Rights
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeNetworkLogonRight' right."));
GrantUserRight(pSid, L"SeNetworkLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeRemoteInteractiveLogonRight' right."));
GrantUserRight(pSid, L"SeRemoteInteractiveLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeBatchLogonRight' right."));
GrantUserRight(pSid, L"SeBatchLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeInteractiveLogonRight' right."));
GrantUserRight(pSid, L"SeInteractiveLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeServiceLogonRight' right."));
GrantUserRight(pSid, L"SeServiceLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeDenyNetworkLogonRight' right."));
GrantUserRight(pSid, L"SeDenyNetworkLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeDenyInteractiveLogonRight' right."));
GrantUserRight(pSid, L"SeDenyInteractiveLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeDenyBatchLogonRight' right."));
GrantUserRight(pSid, L"SeDenyBatchLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeDenyServiceLogonRight' right."));
GrantUserRight(pSid, L"SeDenyServiceLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeDenyRemoteInteractiveLogonRight' right."));
GrantUserRight(pSid, L"SeDenyRemoteInteractiveLogonRight", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
// Privileges
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeTcbPrivilege' right."));
GrantUserRight(pSid, L"SeTcbPrivilege", FALSE);
GrantUserRight(pSid, L"SeMachineAccountPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeMachineAccountPrivilege' right."));
GrantUserRight(pSid, L"SeMachineAccountPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeIncreaseQuotaPrivilege' right."));
if (!GrantUserRight(pSid, L"SeIncreaseQuotaPrivilege", TRUE))
{
LogMessage(
@ -114,9 +149,13 @@ UINT CAGrantBOINCAdminsRights::OnExecution()
_T("Failed call to GrantUserRight - SeIncreaseQuotaPrivilege")
);
}
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeBackupPrivilege' right."));
GrantUserRight(pSid, L"SeBackupPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeChangeNotifyPrivilege' right."));
if (!GrantUserRight(pSid, L"SeChangeNotifyPrivilege", TRUE))
{
LogMessage(
@ -128,11 +167,21 @@ UINT CAGrantBOINCAdminsRights::OnExecution()
_T("Failed call to GrantUserRight - SeChangeNotifyPrivilege")
);
}
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeSystemTimePrivilege' right."));
GrantUserRight(pSid, L"SeSystemTimePrivilege", FALSE);
GrantUserRight(pSid, L"SeCreateTokenPrivilege", FALSE);
GrantUserRight(pSid, L"SeCreatePagefilePrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeCreateTokenPrivilege' right."));
GrantUserRight(pSid, L"SeCreateTokenPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeCreatePagefilePrivilege' right."));
GrantUserRight(pSid, L"SeCreatePagefilePrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeCreateGlobalPrivilege' right."));
if (!GrantUserRight(pSid, L"SeCreateGlobalPrivilege", TRUE))
{
LogMessage(
@ -144,7 +193,9 @@ UINT CAGrantBOINCAdminsRights::OnExecution()
_T("Failed call to GrantUserRight - SeCreateGlobalPrivilege")
);
}
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeDebugPrivilege' right."));
if (!GrantUserRight(pSid, L"SeDebugPrivilege", TRUE))
{
LogMessage(
@ -156,21 +207,61 @@ UINT CAGrantBOINCAdminsRights::OnExecution()
_T("Failed call to GrantUserRight - SeDebugPrivilege")
);
}
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeEnableDelegationPrivilege' right."));
GrantUserRight(pSid, L"SeEnableDelegationPrivilege", FALSE);
GrantUserRight(pSid, L"SeRemoteShutdownPrivilege", FALSE);
GrantUserRight(pSid, L"SeAuditPrivilege", FALSE);
GrantUserRight(pSid, L"SeImpersonatePrivilege", FALSE);
GrantUserRight(pSid, L"SeIncreaseBasePriorityPrivilege", FALSE);
GrantUserRight(pSid, L"SeLoadDriverPrivilege", FALSE);
GrantUserRight(pSid, L"SeLockMemoryPrivilege", FALSE);
GrantUserRight(pSid, L"SeSecurityPrivilege", FALSE);
GrantUserRight(pSid, L"SeSystemEnvironmentPrivilege", FALSE);
GrantUserRight(pSid, L"SeManageVolumePrivilege", FALSE);
GrantUserRight(pSid, L"SeProfileSingleProcessPrivilege", FALSE);
GrantUserRight(pSid, L"SeSystemProfilePrivilege", FALSE);
GrantUserRight(pSid, L"SeUndockPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeRemoteShutdownPrivilege' right."));
GrantUserRight(pSid, L"SeRemoteShutdownPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeAuditPrivilege' right."));
GrantUserRight(pSid, L"SeAuditPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeImpersonatePrivilege' right."));
GrantUserRight(pSid, L"SeImpersonatePrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeIncreaseBasePriorityPrivilege' right."));
GrantUserRight(pSid, L"SeIncreaseBasePriorityPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeLoadDriverPrivilege' right."));
GrantUserRight(pSid, L"SeLoadDriverPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeLockMemoryPrivilege' right."));
GrantUserRight(pSid, L"SeLockMemoryPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeSecurityPrivilege' right."));
GrantUserRight(pSid, L"SeSecurityPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeSystemEnvironmentPrivilege' right."));
GrantUserRight(pSid, L"SeSystemEnvironmentPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeManageVolumePrivilege' right."));
GrantUserRight(pSid, L"SeManageVolumePrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeProfileSingleProcessPrivilege' right."));
GrantUserRight(pSid, L"SeProfileSingleProcessPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeSystemProfilePrivilege' right."));
GrantUserRight(pSid, L"SeSystemProfilePrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeUndockPrivilege' right."));
GrantUserRight(pSid, L"SeUndockPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeAssignPrimaryTokenPrivilege' right."));
if (!GrantUserRight(pSid, L"SeAssignPrimaryTokenPrivilege", TRUE))
{
LogMessage(
@ -182,11 +273,23 @@ UINT CAGrantBOINCAdminsRights::OnExecution()
_T("Failed call to GrantUserRight - SeAssignPrimaryTokenPrivilege")
);
}
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeRestorePrivilege' right."));
GrantUserRight(pSid, L"SeRestorePrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeShutdownPrivilege' right."));
GrantUserRight(pSid, L"SeShutdownPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeSynchAgentPrivilege' right."));
GrantUserRight(pSid, L"SeSynchAgentPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Checking the 'SeTakeOwnershipPrivilege' right."));
GrantUserRight(pSid, L"SeTakeOwnershipPrivilege", FALSE);
LogMessage(INSTALLMESSAGE_INFO, NULL, NULL, NULL, NULL, _T("Check completed."));
}
else

2
win_build/installerv2/redist/Windows/src/boinccas/CAGrantBOINCMasterRights.cpp
View File

@ -25,7 +25,7 @@
#define CUSTOMACTION_NAME _T("CAGrantBOINCMasterRights")
#define CUSTOMACTION_PROGRESSTITLE _T("Granting the BOINC service user account required privileges")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating BOINC Master's privileges")
/////////////////////////////////////////////////////////////////////

2
win_build/installerv2/redist/Windows/src/boinccas/CAGrantBOINCProjectRights.cpp
View File

@ -25,7 +25,7 @@
#define CUSTOMACTION_NAME _T("CAGrantBOINCProjectRights")
#define CUSTOMACTION_PROGRESSTITLE _T("Granting the BOINC Project user account required privileges")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating BOINC Project's privileges")
/////////////////////////////////////////////////////////////////////

2
win_build/installerv2/redist/Windows/src/boinccas/CAGrantBOINCProjectsRights.cpp
View File

@ -25,7 +25,7 @@
#define CUSTOMACTION_NAME _T("CAGrantBOINCProjectsRights")
#define CUSTOMACTION_PROGRESSTITLE _T("Granting the BOINC Projects required privileges")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating the BOINC Projects group privilege levels")
/////////////////////////////////////////////////////////////////////

2
win_build/installerv2/redist/Windows/src/boinccas/CAGrantBOINCUsersRights.cpp
View File

@ -25,7 +25,7 @@
#define CUSTOMACTION_NAME _T("CAGrantBOINCUsersRights")
#define CUSTOMACTION_PROGRESSTITLE _T("Granting the BOINC Users required privileges")
#define CUSTOMACTION_PROGRESSTITLE _T("Validating the BOINC Users group privilege levels")
/////////////////////////////////////////////////////////////////////

4
win_build/installerv2/redist/Windows/src/boinccas/CAMigrateBOINCData.cpp
View File

@ -332,10 +332,13 @@ UINT CAMigrateBOINCData::OnExecution()
tstring strDestinationClientStateFile;
tstring strRemove;
tstring strProductVersion;
tstring strWindowsDirectory;
tstring strWindowsSystemDirectory;
struct _stat buf;
ULONGLONG ullFileSize = 0;
ULONGLONG ullDirectorySize = 0;
ULONGLONG ullFreeDiskSpace = 0;
TCHAR szBuffer[2048];
UINT uiReturnValue = -1;
LogMessage(
@ -401,6 +404,7 @@ UINT CAMigrateBOINCData::OnExecution()
BOOL bDataDirExistsWithinInstallDir =
(BOOL)(tstring::npos != strFutureDataDirectory.find(strFutureInstallDirectory));
if ( bClientStateExists )
{
// If migration was done with a previous 6.x client then we don't need