wiki:ClientSetupLogicWinSix

Version 1 (modified by romw, 18 years ago) (diff)

--

Client Setup Logic for 6.0 Clients

Starting with the 6.0 client release the service-mode install type will be the only supported install type. We expect to receive the following benefits:

  • Simplified installation experience.
  • Increased security.
  • Increased stability for project applications.
  • Graphics available for all users, instead of just the first user to login.

NOTE: Windows9x will continue to be treated as a single-user install.

High level MSI overview:

GUI BEGIN
    Welcome Screen
    License Agreement
    Configuration Screen (BOINC Screensaver, Launch BOINC Manager at Logon, Advanced Button)
    IF AdvancedButtonClicked
        Advanced Configuration Screen (Change Install Directory, Change Data Directory, Select which components to install)
    END IF
    Confirmation Screen
GUI END



EXEC BEGIN
    ...
    ... MSI: Copies extracted MSI to storage location
    ... MSI: Search for existing BOINC installation
    ... MSI: Validates installaton package
    ...
    CAValidateSetupType
    CAValidateServiceAccount
    CAShutdownBOINC
    CAShutdownBOINCManager
    CAShutdownBOINCManager95
    CAShutdownBOINCScreensaver
    ...
    ... MSI: Remove older version if it exists
    ...
    CACleanupOldBinaries
    CAMigratex86x64
    CAMigrateCPDNBBC
    CACreateBOINCAccounts (New in Version 6.0)
    CACreateBOINCGroups (New in Version 6.0)
    CAMigrateBOINCData (New in Version 6.0)
    ...
    ... MSI: Begin installation process
    ... MSI: Copy Files to installation directory
    ... MSI: Set Permissions installation directory
    ... MSI: Register Service
    ... MSI: Copy screensaver to screensaver installation directory
    ... MSI: Register Screensaver
    ...
    CACreateBOINCManagerLaunchScript
    ...
    ... MSI: Start Services
    ... MSI: Register User
    ... MSI: Register Product
    ... MSI: Cleanup temporary files
    ... 
EXEC END

User Accounts

Two user accounts will be created, one to execute boinc.exe, and one that boinc.exe can use to launch science applications.

NOTE: Including the computer name avoids name collisions when BOINC is installed on domain controllers.

Users:

boinc_<ComputerName>
boinc_project_<ComputerName>

Both boinc_<ComputerName> and boinc_project_<ComputerName> should be setup so that their passwords never expire.

A file should be dropped in the BOINC data directory called client_init.xml which contains the username and base64 encoded password for boinc_project_<ComputerName>. The first time the client starts up after install it should read the file and store an encrypted form of the data in the state file using CryptProtectData/CryptUnprotectData. After reading in the client_init.xml file it should be deleted.

Groups:

boinc_administrators
boinc_project

Each group will contain the following members:

boinc_administrators Administrator
<Installing User>
boinc_<ComputerName>
boinc_project boinc_project_<ComputerName>
Guests boinc_project_<ComputerName>

Data Directory

All data, configuration files, and logs will be moved to the following default location:

Vista:
C:\Users\All Users\BOINC

2000/XP:
C:\Documents and Settings\All Users\Application Data\BOINC

Under BOINC there will be a 'projects' and 'slots' directory.

Directories will have the following permissions:

BOINC SYSTEM (Full Control)
Administrators (Full Control)
boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write)
boinc_projects (Deny All)
BOINC\projects SYSTEM (Full Control)
Administrators (Full Control)
boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write)
boinc_projects (Modify, Read & Execute, List Folder Contents, Read, Write)
BOINC\slots SYSTEM (Full Control)
Administrators (Full Control)
boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write)
boinc_projects (Modify, Read & Execute, List Folder Contents, Read, Write)

Notes: What to do if an organization has disabled the 'Bypass Traverse Checking' user right for Everyone? See http://support.microsoft.com/kb/823659 for more details.

Executables Directory

Same location as the previous releases.

C:\Program Files\BOINC

Directory will have the following permissions:

BOINC SYSTEM (Full Control)
Administrators (Full Control)
boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write)
boinc_projects (Deny All)

Additional Notes

Each time an installation occurs, both of the account passwords should be reset and a new randomly generated password should be used.