使用JNA在ProgramData子文件夹上设置写许可权
[英]Set write permissions on ProgramData subfolder using JNA
问题描述
I have a program, written in Java, which originally used its directory in Program Files to write files accessible to all users of this program. 
我有一个用Java编写的程序,该程序最初使用程序文件中的目录编写该程序的所有用户均可访问的文件。 This required our users to run as administrator all the time. 这要求我们的用户始终以管理员身份运行。 In an effort to alleviate that, we decided to move files which needed to be written during regular usage to the ProgramData folder using the %ALLUSERSPROFILE% environment variable. 为了缓解这种情况,我们决定使用%ALLUSERSPROFILE%环境变量将在常规使用期间需要写入的文件移动到ProgramData文件夹中。 Using a subfolder in this directory for our application works great if it is designated as writable during the installation process, which works fine using NSIS. 如果在安装过程中将其指定为可写的,则在此目录中为我们的应用程序使用子文件夹非常有用,使用NSIS可以正常工作。
The problem comes with upgrading existing users. 问题在于升级现有用户。 The Java File API provides setWritable but this does not appear to work after testing on development machines. Java File API提供了setWritable但在开发机器上进行测试后似乎无法正常工作。 It looks as though the new file API with Java 7 would solve this problem, but with no release date on the horizon I would rather not wait. 看起来带有Java 7的新文件API可以解决此问题,但是由于没有发布日期,我宁愿不等待。
It seems the simplest solution would be to use JNA to call the appropriate Windows API call to set this directory writable. 似乎最简单的解决方案是使用JNA调用适当的Windows API调用以将该目录设置为可写。 Since upgrading the software necessitates admin rights, similar to installing, it should let this change go through fine. 由于升级软件需要与安装类似的管理员权限,因此应让此更改顺利进行。 However, I'm unsure where to start, having never used JNA before or the Windows API. 但是,我不确定从哪里开始,以前从未使用过JNA或Windows API。 Suggestions as to which Windows library to load and what functions to call would be appreciated, especially if someone has encountered a similar problem before. 关于加载哪个Windows库以及调用哪些函数的建议将不胜感激,特别是如果以前有人遇到过类似的问题。
2 个解决方案
解决方案1
0 2016-01-26 08:00:21
I use the follow line: 我使用以下代码:
Runtime.getRuntime().exec( "C:\\Windows\\System32\\icacls.exe \"%ProgramData%\my application" /grant *S-1-5-32-545:(OI)(CI)(W,M)" );
S-1-5-32-545 is the SID for BUILTIN\\Users because the name work only on English systems. S-1-5-32-545是BUILTIN \\ Users的SID,因为该名称仅在英语系统上有效。 https://support.microsoft.com/de-de/kb/163846 https://support.microsoft.com/de-de/kb/163846
This give the BUILTIN\\Users write access to all files in the given directory independent which user has create it. 这使BUILTIN \\ Users可以对给定目录中的所有文件进行写访问,而与创建它的用户无关。
解决方案2
0 已采纳 2011-03-28 20:29:15
Well, I'm glad you gave some background...You could use JNA, but the easier way would be to execute a call to the command-line utility cacls. 好吧,很高兴为您提供一些背景知识...您可以使用JNA,但更简单的方法是执行对命令行实用程序cacls的调用。 It's included by default in Windows XP installations, I believe, so it should do the trick for you. 我相信Windows XP安装中默认包含该工具,因此它可以为您解决问题。 Try Runtime.getRuntime().exec("C:\\\\Windows\\\\System32\\\\cacls.exe"+options) 尝试运行Runtime.getRuntime().exec("C:\\\\Windows\\\\System32\\\\cacls.exe"+options)
Check out the documentation here -> http://technet.microsoft.com/en-us/library/bb490872.aspx 在此处查看文档-> http://technet.microsoft.com/zh-cn/library/bb490872.aspx
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.