From bdad9ac1d3adf3ba1a8b6f7ce9d59e55ee26bae2 Mon Sep 17 00:00:00 2001 From: Zach Wasserman Date: Wed, 21 Sep 2022 11:39:26 -0700 Subject: [PATCH] Use Group SID on fleetctl on Windows (#7854) This is intended to allow packages to be built on localizations other than English. See #5065. Co-authored-by: Lucas Rodriguez --- changes/5065-fleetctl-package-language | 1 + orbit/pkg/packaging/windows.go | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 changes/5065-fleetctl-package-language diff --git a/changes/5065-fleetctl-package-language b/changes/5065-fleetctl-package-language new file mode 100644 index 0000000000..2fcc0897ec --- /dev/null +++ b/changes/5065-fleetctl-package-language @@ -0,0 +1 @@ +* Fix an error generating Windows packages with `fleetctl package` on non-English localizations of Windows. diff --git a/orbit/pkg/packaging/windows.go b/orbit/pkg/packaging/windows.go index 4225a38cbf..5e7217c750 100644 --- a/orbit/pkg/packaging/windows.go +++ b/orbit/pkg/packaging/windows.go @@ -92,9 +92,13 @@ func BuildMSI(opt Options) (string, error) { } if runtime.GOOS == "windows" { - // Explicitly grant read access, otherwise within the Docker container there are permissions - // errors. - out, err := exec.Command("icacls", tmpDir, "/grant", "everyone:R", "/t").CombinedOutput() + // Explicitly grant read access, otherwise within the Docker + // container there are permissions errors. + // "S-1-1-0" is the SID for the World/Everyone group + // (a group that includes all users). + out, err := exec.Command( + "icacls", tmpDir, "/grant", "*S-1-1-0:R", "/t", + ).CombinedOutput() if err != nil { fmt.Println(string(out)) return "", fmt.Errorf("icacls: %w", err)