This repository has been archived by the owner on Jul 28, 2023. It is now read-only.
Issue: Appsody on Windows: required permissions on ~/AppData #122
Comments
|
The first part of this was fixed with appsody issue... The power shell suggestions can be handled via a new feature request |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Appsody Stack Validate is failing
Setup:
-Appsody installation folder: c:\cda\cp4app\Appsody which was added to the User profile path
Besides permissions needed for folders specified in the appsody installation guidance (https://appsody.dev/docs/docker-windows-aad/):
I found that appsody stack validation process creates (run) want's to use also the folder: %USERPROFILE%.AppData\Local\Temp
I tried to set the user and system temp and tmp variable to something like c:\temp but selection of the Temp folder seems not related to the temp or tmp variable.
Digging deeper I figured out that the DockerHost account need full permission at the %USERPROFILE%.AppData\Local\Temp. Moreover, assignment of full permissions to this Temp folder is not enough. Based on many tries i figured it out that the %USERPROFILE%.AppData*Local* folder should have minimum "Traverse folder /execute file" and "List folder /read data" for that folder only (not files and subfolders). More interestingly is such permissions were not enough for %USERPROFILE%*.AppData* folder which actually needed Full permissions for the DockerHost account.
While playing around with permissions on AppData is not very smart and I would say also net really recommended could you review and see if this location could be avoid and used some more appropriate temporary location.
###########################
In addition, all the commands provided (or appsody-setup.bat file in within the appsody installation packate) are for windows cmd command prompt, while I thing PowerShell command prompt suppose to be more native to Docker Desktop. Hence, the commands more friendly to PowerShell where variable form like %VARIABLE% are not supported.
for creating variables instead of
set VARIABLE=somethingperhaps[System.Environment]::SetEnvironmentVariable('VARIABLE', 'something' , 'User')for User or[System.Environment]::SetEnvironmentVariable('VARIABLE', 'something' , 'Machine')for System variable could be usedand
[System.Environment]::SetEnvironmentVariable('Path',$([System.Environment]::GetEnvironmentVariable('Path','User')+ $pwd +'\;'), 'User')for appending current folder to the User environment path variable.for creating folder in the user profile, instead of:
mkdir "%USERPROFILE%\.appsody\repository"themkdir "$Env:USERPROFILE/.appsody/repository"could be consideredor for assigning for assigning permissions Instead of:
icacls "%USERPROFILE%\.appsody" /grant %DOCKER_SHARED_DRIVE_USER%:(OI)(CI)Fperhapsicacls "$Env:USERPROFILE/.appsody" /grant "DockerHost:(OI)(CI)F"would make sense in the PowerShell command prompt.The text was updated successfully, but these errors were encountered: