Closed kevloral closed 3 months ago
I dug into it a little bit and it is not that the installation fails when the destination is not the default one, but when the OS is not in English.
Given that the error message in the log file is quite useless (Property,Name Line 176, Column 9), perhaps because there is a problem in the way the SetACL function tries to return an error message, I fired up a process monitor to find out the exact icacls parameters the installer was trying to use. In my case, this is the full command:
"C:\Windows\System32\icacls.exe" "H:\Aplicaciones\OpenVPN" /inheritance:r /grant "Administrators:(OI)(CI)F" /grant "System:(OI)(CI)F" /grant "Users:(OI)(CI)RX"
Therefore, I tried to execute it by hand and got this error message:
Administrators: No se efectuó ninguna asignación entre los nombres de cuenta y los identificadores de seguridad. Se procesaron correctamente 0 archivos; error al procesar 1 archivos
The message, in Spanish, is complaining because there is no Administrators users group in my computer (as my OS is in Spanish). Once I changed that group name to "Administradores" (and "Users" to "Usuarios"), the command executed successfully.
All in all, the problem lies in the fact that the names of both user groups are hardwired in the SetACL function: https://github.com/OpenVPN/openvpn-build/blob/OpenVPN-2.6.11-I001/windows-msi/script/ACL.js
Thank you for the such a detailed bug report. We’ll address this issue in coming days.
@kevloral Do you mind to test this installer, which is 2.6.11 with the ACL script fix?
I just did and now the installation completes successfully. Also, the permissions of the installation folder are set as expected:
It seems using SIDs instead of names did the trick. Thanks a lot!
Beginning in 2.6.9, when you try to update OpenVPN on Windows and a non standard installation folder has been used, the process always fails with this message:
I assume the problem lies in the new script that was introduced in that version intended to reset the permissions of the installation folder (I guess it may not support using non standard destinations).
If the installer is executed with the /L option, you get this in the resulting log file:
The problem also affects versions 2.6.10 and 2.6.11