Version 1 (modified by 18 years ago) (diff) | ,
---|
Client Setup Logic for 6.0 Clients
Starting with the 6.0 client release the service-mode install type will be the only supported install type. We expect to receive the following benefits:
- Simplified installation experience.
- Increased security.
- Increased stability for project applications.
- Graphics available for all users, instead of just the first user to login.
NOTE: Windows9x will continue to be treated as a single-user install.
High level MSI overview:
GUI BEGIN Welcome Screen License Agreement Configuration Screen (BOINC Screensaver, Launch BOINC Manager at Logon, Advanced Button) IF AdvancedButtonClicked Advanced Configuration Screen (Change Install Directory, Change Data Directory, Select which components to install) END IF Confirmation Screen GUI END EXEC BEGIN ... ... MSI: Copies extracted MSI to storage location ... MSI: Search for existing BOINC installation ... MSI: Validates installaton package ... CAValidateSetupType CAValidateServiceAccount CAShutdownBOINC CAShutdownBOINCManager CAShutdownBOINCManager95 CAShutdownBOINCScreensaver ... ... MSI: Remove older version if it exists ... CACleanupOldBinaries CAMigratex86x64 CAMigrateCPDNBBC CACreateBOINCAccounts (New in Version 6.0) CACreateBOINCGroups (New in Version 6.0) CAMigrateBOINCData (New in Version 6.0) ... ... MSI: Begin installation process ... MSI: Copy Files to installation directory ... MSI: Set Permissions installation directory ... MSI: Register Service ... MSI: Copy screensaver to screensaver installation directory ... MSI: Register Screensaver ... CACreateBOINCManagerLaunchScript ... ... MSI: Start Services ... MSI: Register User ... MSI: Register Product ... MSI: Cleanup temporary files ... EXEC END
User Accounts
Two user accounts will be created, one to execute boinc.exe, and one that boinc.exe can use to launch science applications.
NOTE: Including the computer name avoids name collisions when BOINC is installed on domain controllers.
Users:
boinc_<ComputerName> boinc_project_<ComputerName>
Both boinc_<ComputerName>
and boinc_project_<ComputerName>
should be setup so that their passwords never expire.
A file should be dropped in the BOINC data directory called client_init.xml which contains the username and base64 encoded password for boinc_project_<ComputerName>
. The first time the client starts up after install it should read the file and store an encrypted form of the data in the state file using CryptProtectData/CryptUnprotectData. After reading in the client_init.xml file it should be deleted.
Groups:
boinc_administrators boinc_project
Each group will contain the following members:
boinc_administrators | Administrator <Installing User> boinc_<ComputerName>
|
boinc_project | boinc_project_<ComputerName>
|
Guests | boinc_project_<ComputerName>
|
Data Directory
All data, configuration files, and logs will be moved to the following default location:
Vista: C:\Users\All Users\BOINC 2000/XP: C:\Documents and Settings\All Users\Application Data\BOINC
Under BOINC there will be a 'projects' and 'slots' directory.
Directories will have the following permissions:
BOINC | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Deny All) |
BOINC\projects | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Modify, Read & Execute, List Folder Contents, Read, Write) |
BOINC\slots | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Modify, Read & Execute, List Folder Contents, Read, Write) |
Notes: What to do if an organization has disabled the 'Bypass Traverse Checking' user right for Everyone? See http://support.microsoft.com/kb/823659 for more details.
Executables Directory
Same location as the previous releases.
C:\Program Files\BOINC
Directory will have the following permissions:
BOINC | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Deny All) |
Additional Notes
Each time an installation occurs, both of the account passwords should be reset and a new randomly generated password should be used.