How to make NSIS create a file in an %APPDATA% of another user?

Question

I wrote an NSIS installer script for postgresql 9.1. The installer works properly, but after the reboot, the service is not started (right after the install, the database started properly though)

I guess this is because the postgres service user has no pgpass.conf file in its %APPDATA%. As far as I understand my install script, the pgpass.conf file is added to the %APPDATA% of the user running the installer (an administrator account in my case). This will not help.

I tried the following, to add the pgpass.conf to all users, bt I guess this adds it to a kind of wildcard, not to the %APPDATA% of each user :

SetShellVarContext "all"
SetOutPath "$APPDATA\postgresql"
File config\pgpass.conf
SetShellVarContext "current"
SetOutPath "$APPDATA\postgresql"
File config\pgpass.conf

I couldn't find the macro name for c:/Users/postgres in the documentation. This could be a way to achieve it. But with WindowsXP, 7, I wish I need a portable way to address the /Users directory.

I wish I could use something like SetShellVarContext "postgres", and then have NSIS write the pgpass.conf file in c:\Users\postgres\AppData\postgresql.

Is there a way to do this ?

Thnk you !

Answer 1

There is no documented way to get a shell folder for another user without a token handle (And to get a token handle you need the users password, or if the user is logged in you can get their token if you are running as SYSTEM)

Then we move to undocumented territory; You can try this macro or build the path yourself with GetProfilesDirectory as the root.

Answer 2

SetShellVarContext ALL will give you the %programdata% location (in Win7) this is a different location than the %appdata% location (which is also gotten from the $APPDATA in NSIS. (Sym link makes them seem like they are the same.. but they are totally different Dir's!!!)

NSIS will change context from %APPDATA% to %PROGRAMDATA% depending on the SetShellVarContext all vs current switch. But still using the $APPDATA var.

so in short I am guessing that your file is going to the wrong location. I believe you just want to install as admin, but have local user of postgres to have an additional file pgpass.conf.

Set a variable depending on if its Win7 or WinXP because the paths of where you want to write to are all different.

To test just write your file to the location you know that the postgres user is!

StrCpy $WINVER_VAR "C:\Users\postgresql\AppData\Roaming" ;;or whatever based on OS
SetOutPath "$WINVER_VAR\postgresql"

OR better yet use the

File /oname=$WINVER_VAR\postgresql\pgpass.conf pgpass.conf

To just copy from installer to the location you want, and not have an additional unused copy in the admin's dir.

Note: in XP the %APPDATA% is in Documents & Settings... I don't remember the exact path. so you will have to verify!

To add to every user on the system... Look into "Locate plugin" or get a list of ALL users on the system, and do the same.

Answer 3

SID (security identifier) ​​is a security identifier that identifies a user account, groups, Domain or computer for Windows NT. The system operates with account SIDs, and not their profile usernames. SID is assigned to each account at the time of its creation so if you were to create an account again with the same name and password, the SID will, of course be different. The re-creation of an account will result in the generation of a new SID. They are unique, if you are picking up what I am laying down..

MACRO:

;=#
;= ${GETUSERSID} $0 "Username"
;       $0          = The returning SID value
;       "Username"  = The username of the account you wish the SID
;                   If the username is an empty value, then the SID of the
;                   current user will be given to $0.
!define GETUSERSID "!insertmacro _GETUSERSID"
!macro _GETUSERSID _RESULT _USER
      System::Store S
      StrCpy $0 ${_USER}
      StrCmp $0 "" 0 +2
      ExpandEnvStrings $0 "%USERNAME%"
      System::Call "*(&t1024)i.r1"
      System::Call "advapi32::LookupAccountName(tn,tr0,ir1,*i1024,tn,*i1024,*in)i.r0"
      IntCmp $0 1 0 +2 +2
      System::Call "advapi32::ConvertSidToStringSid(ir1,*t.s)"
      IntCmp $0 1 +2 0 0
      Push error
      System::Free $1
      System::Store L
      Pop "${_RESULT}"
!macroend

${GETUSERSID} $0 "Username"
MessageBox MB_ICONINFORMATION|MB_OK "User's SID:$\r$\n$$0 is holding $0" IDOK

Now here is an example of listing all the registered user accounts on a host PC:

System::Call "netapi32::NetQueryDisplayInformation(wn,i1,i0,i-1,i${NSIS_MAX_STRLEN},*i.R0,*i.R1)i.R4"
${If} $R4 = 0
    ${For} $R4 1 $R0
        System::Call "*$R1(i.R2,i.R3,i,w,i,i)"
        IntFmt "$R2" ${STR} $R2
        IntFmt "$R3" ${STR} $R3
        ${GetUserSID} "$R2" "$R5"
        IntOp $R1 $R1 + 24
        DetailPrint "-----------------"
        DetailPrint "Name: $R2"
        DetailPrint "SID: $R5"
        DetailPrint "$R3"
    ${Next}
    System::Call "netapi32::NetApiBufferFree(iR1)"
${EndIf}

Now I am not sure if this will work or not (premissions maybe, but then there is always ACL) but here is an example (if I understand your issue correctly) of implimenting what you are asking.

${GETUSERSID} $0 "postgres"
ReadRegStr $1 HKU "$0\Volatile Environment" "APPDATA"
DetailPrint "APPDATA: $1"
AccessControl::GrantOnFile $1 "USER" "ListDirectory + GenericRead + GenericExecute" 
AccessControl::EnableFileInheritance $1
SetOutPath "$1\postgresql"
File config\pgpass.conf

This was just a quick fix ..not even sure this will work but maybe a step in the right direction for you? Hope this helps!