On 28/08/2022 18:33, Christian Franke wrote:
As the 'root_scope' issues are now fixed, here a reworked and enhanced
(checkbox, setup.rc entry) version of the original patch from this thread.
With the new setting enabled, setup behaves like other install tools
when run elevated: The installation is then also protected against
accidental modifications by the current user.
owner:group assignments of newly installed dirs/files:
adm:adm -- "All Users", "[X] Change owner of newly installed files to
local Administrator"
usr:adm -- "All Users"
usr:def -- "Just Me"
(usr = user running setup, adm = S-1-5-32-544, def = S-1-5-21-*-513)
Thanks. When writing the change summary for the last RC, I wondered
what the file owner should be.
I guess my question is, if adm:adm ownership is correct, and expected
for consistency with other Windows installers, why not make that the
default? and then do we really need to provide the current behaviour as
an option, if it's "wrong".
An alternative for the UI would be a 3rd radio button ("All Users -
change owner of newly installed files to local Administrator"), but the
checkbox makes this addition IMO more obvious.
The new setup.rc setting 'root-scope' is only used to read the
chown_admin setting but this could be enhanced, e.g. warn user if
root_scope selection differs from previous setup run.
The drawback that files generated by postinstall scripts are still owned
by current user could be fixed with a perpetual postinstall script. I
could provide one for base-files package if desired.
Doesn't this mean that we are using the wrong user-context to run those
scripts?