Version 7 (modified by 17 years ago) (diff) | ,
---|
Client Setup Logic for 6.0 Clients
Major differences from version 5 are:
- Implements account-based sandboxing by creating unprivileged accounts for BOINC.
- It moves the BOINC data directory if needed, and BOINC executables are in a separate directory.
- User no longer selects install type.
This document describes the various changes to the installer including:
- User Accounts and Groups
- Data Directory
- Executables Directory
- User Interface Changes
- Custom Action Changes
User Accounts
Two user accounts will be created, one to execute boinc.exe, and one that boinc.exe can use to launch science applications.
NOTE: Including the computer name avoids name collisions when BOINC is installed on domain controllers.
Users:
boinc_<ComputerName> boinc_project_<ComputerName>
Both boinc_<ComputerName>
and boinc_project_<ComputerName>
will be setup so that their passwords never expire.
A file will be created by the installer in the BOINC data directory called client_init.xml which contains the username and base64 encoded password for boinc_project_<ComputerName>
. The first time the client starts up after install it will read the file and store an encrypted form of the data in a new file using CryptProtectData/CryptUnprotectData. After reading in the client_init.xml file it will be deleted.
Each time an installation occurs, both of the account passwords will be reset and a new randomly generated password will be used.
Groups:
boinc_administrators boinc_project
Each group will contain the following members:
boinc_administrators | Administrator <Installing User> boinc_<ComputerName>
|
boinc_project | boinc_project_<ComputerName>
|
Data Directory
All data, configuration files, and logs will be moved to the following default location:
Vista: C:\Users\All Users\BOINC 2000/XP: C:\Documents and Settings\All Users\Application Data\BOINC
Under BOINC there will be a 'projects' and 'slots' directory.
Directories will have the following permissions:
BOINC | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Deny All) |
BOINC\projects | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Modify, Read & Execute, List Folder Contents, Read, Write) |
BOINC\slots | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Modify, Read & Execute, List Folder Contents, Read, Write) |
Notes: What to do if an organization has disabled the 'Bypass Traverse Checking' user right for Everyone? See http://support.microsoft.com/kb/823659 for more details.
Executables Directory
Same location as the previous releases.
C:\Program Files\BOINC
Directory will have the following permissions:
BOINC | SYSTEM (Full Control) Administrators (Full Control) boinc_administrators (Modify, Read & Execute, List Folder Contents, Read, Write) boinc_projects (Deny All) |
User Interface
Welcome Screen
Same as before.
License Screen
Same as before.
Configuration Screen
Setup Type Button Group
Two radio buttons, graphics compatible installation and secure installation, will be displayed with the secure installation being the default.
The advanced configuration button will be disabled if the graphics compatible installation is selected.
Options
A checkbox will be displayed, Launch BOINC Manager at startup, which will be checked by default.
A checkbox will be displayed, Configure BOINC as my screensaver, which will be checked by default.
A button will be displayed, Advanced Configuration, which when pressed will save the current configuration options, and switch to the advanced configuration screen.
Advanced Configuration
This configuration page will allow the user to change the default data directory, the default executable directory, as well as which user accounts and passwords the installer will use to setup BOINC.
Confirmation Screen
Same as before.
Custom Actions
MSI Overview
High level MSI overview:
GUI BEGIN Welcome Screen License Agreement Configuration Screen (BOINC Screensaver, Launch BOINC Manager at Logon, Advanced Button) IF AdvancedButtonClicked Advanced Configuration Screen (Change Install Directory, Change Data Directory, Select which components to install) END IF Confirmation Screen GUI END EXEC BEGIN ... ... MSI: Copies extracted MSI to storage location ... MSI: Search for existing BOINC installation ... MSI: Validates installaton package ... CAValidateSetup CAShutdownBOINC CAShutdownBOINCManager CAShutdownBOINCManager95 CAShutdownBOINCScreensaver ... ... MSI: Remove older version if it exists ... CACleanupOldBinaries CAMigratex86x64 CAMigrateCPDNBBC CACreateBOINCAccounts (New in Version 6.0) CACreateBOINCGroups (New in Version 6.0) CAMigrateBOINCData (New in Version 6.0) ... ... MSI: Begin installation process ... MSI: Copy Files to installation directory ... MSI: Set Permissions installation directory ... MSI: Register Service ... MSI: Copy screensaver to screensaver installation directory ... MSI: Register Screensaver ... MSI: Start Services ... MSI: Register User ... MSI: Register Product ... MSI: Cleanup temporary files ... EXEC END