From ed96e88c75f235c877186e6ac7d0ff6b6c57a1c6 Mon Sep 17 00:00:00 2001 From: Erik Baranowski <39704712+erikbaranowski@users.noreply.github.com> Date: Thu, 29 Feb 2024 15:02:56 -0500 Subject: [PATCH] Set permissions on the Grafana Agent [Flow] folder... (#6540) * Set permissions on the folder when installing via the windows installer rather than relying on the parent folder permissions. Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> --------- Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> (cherry picked from commit 9e4d3b500932fd0992252f1a9ad52b53715ab56e) --- .drone/drone.yml | 116 +++++++++--------- CHANGELOG.md | 3 + cmd/grafana-agent-operator/Dockerfile | 2 +- cmd/grafana-agent/Dockerfile | 2 +- cmd/grafana-agent/Dockerfile.windows | 2 +- cmd/grafana-agentctl/Dockerfile | 2 +- cmd/grafana-agentctl/Dockerfile.windows | 2 +- .../windows/install_script.nsis | 15 +++ .../grafana-agent/windows/install_script.nsis | 15 +++ tools/make/build-container.mk | 2 +- tools/make/packaging.mk | 4 +- 11 files changed, 99 insertions(+), 66 deletions(-) diff --git a/.drone/drone.yml b/.drone/drone.yml index f521c097fe5f..204767a96375 100644 --- a/.drone/drone.yml +++ b/.drone/drone.yml @@ -110,7 +110,7 @@ steps: - commands: - apt-get update -y && apt-get install -y libsystemd-dev - make lint - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Lint trigger: event: @@ -128,7 +128,7 @@ steps: - ERR_MSG="Dashboard definitions are out of date. Please run 'make generate-dashboards' and commit changes!" - if [ ! -z "$(git status --porcelain)" ]; then echo $ERR_MSG >&2; exit 1; fi - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Regenerate dashboards trigger: event: @@ -146,7 +146,7 @@ steps: - ERR_MSG="Custom Resource Definitions are out of date. Please run 'make generate-crds' and commit changes!" - if [ ! -z "$(git status --porcelain)" ]; then echo $ERR_MSG >&2; exit 1; fi - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Regenerate crds trigger: event: @@ -161,7 +161,7 @@ platform: steps: - commands: - make GO_TAGS="nodocker" test - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Run Go tests trigger: event: @@ -176,7 +176,7 @@ platform: steps: - commands: - K8S_USE_DOCKER_NETWORK=1 make test - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Run Go tests volumes: - name: docker @@ -199,7 +199,7 @@ platform: steps: - commands: - go test -tags="nodocker,nonetwork" ./... - image: grafana/agent-build-image:0.31.0-windows + image: grafana/agent-build-image:0.33.0-windows name: Run Go tests trigger: ref: @@ -214,7 +214,7 @@ platform: steps: - commands: - make agent-image - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build container volumes: - name: docker @@ -239,7 +239,7 @@ platform: steps: - commands: - make agentctl-image - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build container volumes: - name: docker @@ -264,7 +264,7 @@ platform: steps: - commands: - make operator-image - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build container volumes: - name: docker @@ -290,7 +290,7 @@ platform: steps: - commands: - '& "C:/Program Files/git/bin/bash.exe" ./tools/ci/docker-containers-windows agent' - image: grafana/agent-build-image:0.31.0-windows + image: grafana/agent-build-image:0.33.0-windows name: Build container volumes: - name: docker @@ -316,7 +316,7 @@ platform: steps: - commands: - '& "C:/Program Files/git/bin/bash.exe" ./tools/ci/docker-containers-windows agentctl' - image: grafana/agent-build-image:0.31.0-windows + image: grafana/agent-build-image:0.33.0-windows name: Build container volumes: - name: docker @@ -343,7 +343,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=amd64 GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -360,7 +360,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=arm64 GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -377,7 +377,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=ppc64le GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -394,7 +394,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=s390x GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -410,7 +410,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=amd64 GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -426,7 +426,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=arm64 GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -442,7 +442,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=windows GOARCH=amd64 GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -458,7 +458,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=freebsd GOARCH=amd64 GOARM= make agent - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -475,7 +475,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=amd64 GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -492,7 +492,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=arm64 GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -509,7 +509,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=ppc64le GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -526,7 +526,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=s390x GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -542,7 +542,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=amd64 GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -558,7 +558,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=arm64 GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -574,7 +574,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=windows GOARCH=amd64 GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -590,7 +590,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=freebsd GOARCH=amd64 GOARM= make agent-flow - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -607,7 +607,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=amd64 GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -624,7 +624,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=arm64 GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -641,7 +641,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=ppc64le GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -658,7 +658,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=s390x GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -674,7 +674,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=amd64 GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -690,7 +690,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=arm64 GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -706,7 +706,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=windows GOARCH=amd64 GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -722,7 +722,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=freebsd GOARCH=amd64 GOARM= make agentctl - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -739,7 +739,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=amd64 GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -756,7 +756,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=arm64 GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -773,7 +773,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=ppc64le GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -790,7 +790,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=s390x GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -806,7 +806,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=amd64 GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -822,7 +822,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=darwin GOARCH=arm64 GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -838,7 +838,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=windows GOARCH=amd64 GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -854,7 +854,7 @@ steps: - commands: - make generate-ui - GO_TAGS="builtinassets" GOOS=freebsd GOARCH=amd64 GOARM= make operator - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -871,7 +871,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=amd64 GOARM= GOEXPERIMENT=boringcrypto make agent-boringcrypto - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -888,7 +888,7 @@ steps: - make generate-ui - GO_TAGS="builtinassets promtail_journal_enabled" GOOS=linux GOARCH=arm64 GOARM= GOEXPERIMENT=boringcrypto make agent-boringcrypto - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Build trigger: event: @@ -904,7 +904,7 @@ steps: - commands: - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes failure: ignore - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Configure QEMU volumes: - name: docker @@ -924,7 +924,7 @@ steps: from_secret: docker_password GCR_CREDS: from_secret: gcr_admin - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Publish container volumes: - name: docker @@ -948,7 +948,7 @@ steps: - commands: - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes failure: ignore - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Configure QEMU volumes: - name: docker @@ -968,7 +968,7 @@ steps: from_secret: docker_password GCR_CREDS: from_secret: gcr_admin - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Publish container volumes: - name: docker @@ -992,7 +992,7 @@ steps: - commands: - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes failure: ignore - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Configure QEMU volumes: - name: docker @@ -1012,7 +1012,7 @@ steps: from_secret: docker_password GCR_CREDS: from_secret: gcr_admin - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Publish container volumes: - name: docker @@ -1036,7 +1036,7 @@ steps: - commands: - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes failure: ignore - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Configure QEMU volumes: - name: docker @@ -1056,7 +1056,7 @@ steps: from_secret: docker_password GCR_CREDS: from_secret: gcr_admin - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Publish container volumes: - name: docker @@ -1085,7 +1085,7 @@ steps: from_secret: docker_login DOCKER_PASSWORD: from_secret: docker_password - image: grafana/agent-build-image:0.31.0-windows + image: grafana/agent-build-image:0.33.0-windows name: Build containers volumes: - name: docker @@ -1114,7 +1114,7 @@ steps: from_secret: docker_login DOCKER_PASSWORD: from_secret: docker_password - image: grafana/agent-build-image:0.31.0-windows + image: grafana/agent-build-image:0.33.0-windows name: Build containers volumes: - name: docker @@ -1231,7 +1231,7 @@ steps: from_secret: gpg_private_key GPG_PUBLIC_KEY: from_secret: gpg_public_key - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Publish release volumes: - name: docker @@ -1256,7 +1256,7 @@ steps: - DOCKER_OPTS="" make dist/grafana-agentctl-linux-amd64 - DOCKER_OPTS="" make dist.temp/grafana-agent-flow-linux-amd64 - DOCKER_OPTS="" make test-packages - image: grafana/agent-build-image:0.31.0 + image: grafana/agent-build-image:0.33.0 name: Test Linux system packages volumes: - name: docker @@ -1352,6 +1352,6 @@ kind: secret name: updater_private_key --- kind: signature -hmac: 2e439110a89f33a78d745a71635d47f9b1a99de6028bb84c258a0be9c09840f2 +hmac: 251627e59296f743a58112edccf6a03ba1e226a57d59720e3894d2ff9c7e520d ... diff --git a/CHANGELOG.md b/CHANGELOG.md index 48f592c8165a..4740c32e13e9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,9 @@ v0.40.1 (2024-02-27) ### Bugfixes +- Set permissions on the `Grafana Agent [Flow]` folder when installing via the + windows installer rather than relying on the parent folder permissions. (@erikbaranowski) + - Fix an issues where the logging config block would trigger an error when trying to send logs to components that were not running. (@wildum) - Fix an issue where a custom component might be wired to a local declare instead of an import declare when they have the same label. (@wildum) diff --git a/cmd/grafana-agent-operator/Dockerfile b/cmd/grafana-agent-operator/Dockerfile index a86af13209bb..6090efd5681f 100644 --- a/cmd/grafana-agent-operator/Dockerfile +++ b/cmd/grafana-agent-operator/Dockerfile @@ -4,7 +4,7 @@ # default when running `docker buildx build` or when DOCKER_BUILDKIT=1 is set # in environment variables. -FROM --platform=$BUILDPLATFORM grafana/agent-build-image:0.30.4 as build +FROM --platform=$BUILDPLATFORM grafana/agent-build-image:0.33.0 as build ARG BUILDPLATFORM ARG TARGETPLATFORM ARG TARGETOS diff --git a/cmd/grafana-agent/Dockerfile b/cmd/grafana-agent/Dockerfile index f151d43fd080..f602125dfb04 100644 --- a/cmd/grafana-agent/Dockerfile +++ b/cmd/grafana-agent/Dockerfile @@ -4,7 +4,7 @@ # default when running `docker buildx build` or when DOCKER_BUILDKIT=1 is set # in environment variables. -FROM --platform=$BUILDPLATFORM grafana/agent-build-image:0.30.4 as build +FROM --platform=$BUILDPLATFORM grafana/agent-build-image:0.33.0 as build ARG BUILDPLATFORM ARG TARGETPLATFORM ARG TARGETOS diff --git a/cmd/grafana-agent/Dockerfile.windows b/cmd/grafana-agent/Dockerfile.windows index 454c93450eea..6f99a6138fdb 100644 --- a/cmd/grafana-agent/Dockerfile.windows +++ b/cmd/grafana-agent/Dockerfile.windows @@ -1,4 +1,4 @@ -FROM grafana/agent-build-image:0.30.4-windows as builder +FROM grafana/agent-build-image:0.33.0-windows as builder ARG VERSION ARG RELEASE_BUILD=1 diff --git a/cmd/grafana-agentctl/Dockerfile b/cmd/grafana-agentctl/Dockerfile index d04f1816ef99..6f601fb7eed2 100644 --- a/cmd/grafana-agentctl/Dockerfile +++ b/cmd/grafana-agentctl/Dockerfile @@ -4,7 +4,7 @@ # default when running `docker buildx build` or when DOCKER_BUILDKIT=1 is set # in environment variables. -FROM --platform=$BUILDPLATFORM grafana/agent-build-image:0.30.4 as build +FROM --platform=$BUILDPLATFORM grafana/agent-build-image:0.33.0 as build ARG BUILDPLATFORM ARG TARGETPLATFORM ARG TARGETOS diff --git a/cmd/grafana-agentctl/Dockerfile.windows b/cmd/grafana-agentctl/Dockerfile.windows index 80d32f866736..8cf3c34a0ace 100644 --- a/cmd/grafana-agentctl/Dockerfile.windows +++ b/cmd/grafana-agentctl/Dockerfile.windows @@ -1,4 +1,4 @@ -FROM grafana/agent-build-image:0.30.4-windows as builder +FROM grafana/agent-build-image:0.33.0-windows as builder ARG VERSION ARG RELEASE_BUILD=1 diff --git a/packaging/grafana-agent-flow/windows/install_script.nsis b/packaging/grafana-agent-flow/windows/install_script.nsis index 469a2cbd97b0..b987e876d417 100644 --- a/packaging/grafana-agent-flow/windows/install_script.nsis +++ b/packaging/grafana-agent-flow/windows/install_script.nsis @@ -101,6 +101,8 @@ Section "install" # Auto-restart agent on failure. Reset failure counter after 60 seconds without failure nsExec::ExecToLog `sc failure "Grafana Agent Flow" reset= 60 actions= restart/5000 reboot= "Grafana Agent Flow has failed. Restarting in 5 seconds"` Pop $0 + + Call SetFolderPermissions SectionEnd Function CreateConfig @@ -164,6 +166,19 @@ Function InitializeRegistry Return FunctionEnd +Function SetFolderPermissions + # Set permissions on the install directory + SetOutPath $INSTDIR + AccessControl::DisableFileInheritance $INSTDIR + AccessControl::SetFileOwner $INSTDIR "Administrators" + AccessControl::ClearOnFile $INSTDIR "Administrators" "FullAccess" + AccessControl::SetOnFile $INSTDIR "SYSTEM" "FullAccess" + AccessControl::GrantOnFile $INSTDIR "Everyone" "ListDirectory" + AccessControl::GrantOnFile $INSTDIR "Everyone" "GenericExecute" + AccessControl::GrantOnFile $INSTDIR "Everyone" "GenericRead" + AccessControl::GrantOnFile $INSTDIR "Everyone" "ReadAttributes" +FunctionEnd + # Automatically called when uninstalling. Function un.onInit SetShellVarContext all diff --git a/packaging/grafana-agent/windows/install_script.nsis b/packaging/grafana-agent/windows/install_script.nsis index b08a8216c691..24c771745faa 100644 --- a/packaging/grafana-agent/windows/install_script.nsis +++ b/packaging/grafana-agent/windows/install_script.nsis @@ -155,6 +155,8 @@ Function Install # Auto-restart agent on failure. Reset failure counter after 60 seconds without failure nsExec::ExecToLog `sc failure "Grafana Agent" reset= 60 actions= restart/5000 reboot= "Grafana Agent has failed. Restarting in 5 seconds"` Pop $0 + + Call SetFolderPermissions FunctionEnd Function WriteConfig @@ -189,6 +191,19 @@ Function WriteConfig Return FunctionEnd +Function SetFolderPermissions + # Set permissions on the install directory + SetOutPath $INSTDIR + AccessControl::DisableFileInheritance $INSTDIR + AccessControl::SetFileOwner $INSTDIR "Administrators" + AccessControl::ClearOnFile $INSTDIR "Administrators" "FullAccess" + AccessControl::SetOnFile $INSTDIR "SYSTEM" "FullAccess" + AccessControl::GrantOnFile $INSTDIR "Everyone" "ListDirectory" + AccessControl::GrantOnFile $INSTDIR "Everyone" "GenericExecute" + AccessControl::GrantOnFile $INSTDIR "Everyone" "GenericRead" + AccessControl::GrantOnFile $INSTDIR "Everyone" "ReadAttributes" +FunctionEnd + # Uninstaller Function un.onInit SetShellVarContext all diff --git a/tools/make/build-container.mk b/tools/make/build-container.mk index be1d4be9ca49..409d284e1f10 100644 --- a/tools/make/build-container.mk +++ b/tools/make/build-container.mk @@ -34,7 +34,7 @@ # variable names should be passed through to the container. USE_CONTAINER ?= 0 -BUILD_IMAGE_VERSION ?= 0.31.0 +BUILD_IMAGE_VERSION ?= 0.33.0 BUILD_IMAGE ?= grafana/agent-build-image:$(BUILD_IMAGE_VERSION) DOCKER_OPTS ?= -it diff --git a/tools/make/packaging.mk b/tools/make/packaging.mk index c9421433e6ae..d150926e48e4 100644 --- a/tools/make/packaging.mk +++ b/tools/make/packaging.mk @@ -388,7 +388,7 @@ ifeq ($(USE_CONTAINER),1) else cp ./dist/grafana-agent-windows-amd64.exe ./packaging/grafana-agent/windows cp LICENSE ./packaging/grafana-agent/windows - # quotes around mkdir are manadory. ref: https://github.com/grafana/agent/pull/5664#discussion_r1378796371 + # quotes around mkdir are mandatory. ref: https://github.com/grafana/agent/pull/5664#discussion_r1378796371 "mkdir" -p dist makensis -V4 -DVERSION=$(VERSION) -DOUT="../../../dist/grafana-agent-installer.exe" ./packaging/grafana-agent/windows/install_script.nsis endif @@ -398,7 +398,7 @@ dist-agent-flow-installer: dist.temp/grafana-agent-flow-windows-amd64.exe dist.t ifeq ($(USE_CONTAINER),1) $(RERUN_IN_CONTAINER) else - # quotes around mkdir are manadory. ref: https://github.com/grafana/agent/pull/5664#discussion_r1378796371 + # quotes around mkdir are mandatory. ref: https://github.com/grafana/agent/pull/5664#discussion_r1378796371 "mkdir" -p dist makensis -V4 -DVERSION=$(VERSION) -DOUT="../../../dist/grafana-agent-flow-installer.exe" ./packaging/grafana-agent-flow/windows/install_script.nsis endif