Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Wix: Set permission of a folder within the installfolder using permissionEx

I'm creating an installer for an ASP.NET MVC web app using Wix, and I need to set a write permissions for the IIS_WPG on a particular folder in the site. I found an example (I think, still haven't got it working) of how to do this with cacls.exe:

<CustomAction Id="PermissionAppData" Directory="TARGETDIR" 
  ExeCommand="&quot;[SystemFolder]cacls.exe&quot; 
  &quot;[INSTALLDIR]\Content\uploads&quot; 
  /T /E /G IIS_WPG:M" Return="check" />

However, I've heard that PermissionEx is better as it modifies ACLs instead of overwriting, (although the /E modifier here claims to do the same?) so I'd prefer to use that if possible. The only examples I can find for PermissionEx set permissions on the install dir and all subfolders - I don't want to do that.

How do I use PermissionEx to modify the permissions on a single folder within my install folder?

UPDATE

Ok, here's what I've got so far - based on Yan's answer below and a bunch of other examples online

My folder structure....

<Fragment>
    <!-- Will default to C:\ if that is the main disk-->
    <Property Id="ROOTDRIVE"><![CDATA[C:\]]></Property>
    <Directory Id="TARGETDIR" Name="SourceDir">
        <!-- Will reference to C:\inetpub-->
        <Directory Id="INETPUB" Name="Inetpub">
            <!-- Will reference to c:\Inetpub\wwwroot-->
            <Directory Id="WWWROOT" Name="wwwroot">
                <!-- Will reference to c:\Inetpub\wwwroot\Demowebsite-->
                <Directory Id="INSTALLFOLDER" Name="DemoWebsite">
                    <Directory Id="CONTENT" Name="Content">         
                        <Directory Id="UPLOAD" Name="upload">
                        </Directory>         
                    </Directory>                                     
                </Directory>
            </Directory>
        </Directory>
    </Directory>
</Fragment>

Yan's suggestion

<Fragment>
    <DirectoryRef Id="UPLOAD">
      <Component Id="SetFolderPermissions" Guid="*">
        <CreateFolder>
           <util:PermissionEx GenericRead="yes" GenericExecute="yes" User="[SC_IUSR_USERNAME]" Domain="[SC_IUSR_DOMAIN]"/>
     <util:PermissionEx GenericRead="yes" GenericExecute="yes" GenericWrite="yes" Delete="yes" User="[SC_ASPNET_USERNAME]" Domain="[SC_ASPNET_DOMAIN]"/>
  </CreateFolder>
      </Component>
    </DirectoryRef>
</Fragment> 

This seems to do nothing. Permissions are not set for the IIS_IUSRS account. I've also tried this solution from trycatchfail

<Product>
    <!-- rest of product code removed for brevity -->
    <Property Id="WEBUSER" Value="Byah" />
    <Property Id="WEBDOMAIN" Value="Byah" />

    <CustomAction Id="SetWebuserIIS7" Return="check" Property="WEBUSER" Value="IIS_IUSRS" />
    <CustomAction Id="SetWebuserIIS6" Return="check" Property="WEBUSER" Value="IUSR_[ComputerName]" />
    <CustomAction Id="SetDomainIIS7" Return="check" Property="WEBDOMAIN" Value="" />
    <CustomAction Id="SetDomainIIS6" Return="check" Property="WEBDOMAIN" Value="[ComputerName]" />
</Product>

<Fragment>
  <DirectoryRef Id="UPLOAD">
  <Component Id="SetFolderPermissions" Guid="*">
    <CreateFolder>
      <util:PermissionEx User="NetworkService" GenericAll="yes" />
      <util:PermissionEx User="Administrators" GenericAll="yes" />
      <util:PermissionEx User="Users" GenericRead="yes" GenericExecute="yes"  />
      <util:PermissionEx User="[WEBUSER]" Domain="[WEBDOMAIN]"  GenericAll="yes" />
    </CreateFolder>
  </Component>
</DirectoryRef>
</Fragment> 
like image 648
roryok Avatar asked Mar 17 '23 14:03

roryok


1 Answers

Here is a plain sample:

<DirectoryRef Id="WebsiteFolder">
   <Component DiskId="1" Id="DummyComponentForPermissionsWebsite" Guid="{GUID-GOES-HERE}">
      <CreateFolder>
         <util:PermissionEx GenericRead="yes" GenericExecute="yes" User="[SC_IUSR_USERNAME]" Domain="[SC_IUSR_DOMAIN]"/>
         <util:PermissionEx GenericRead="yes" GenericExecute="yes" GenericWrite="yes" Delete="yes" User="[SC_ASPNET_USERNAME]" Domain="[SC_ASPNET_DOMAIN]"/>
      </CreateFolder>
   </Component>
</DirectoryRef>

And here's a quick explanation:

  • The sample above assumes there a <Directory> with Id="WebsiteFolder" defined somewhere
  • The <CreateFolder> element is required because there's no other elements in this component. You can easily add <util:PermissionEx> elements to other components, which contain files, registry values, etc.
  • The component above must be a part of a feature, of course
  • The root WiX element must have xmlns:util="http://schemas.microsoft.com/wix/UtilExtension" namespace referenced
  • You must reference WixUtilExtension during compilation
like image 50
Yan Sklyarenko Avatar answered Apr 26 '23 00:04

Yan Sklyarenko