Merge branch 'stable'

* stable: (version) 0.9.10 (GH-398) Default install permissions enhancements (doc) update CHANGELOG/nuspec (GH-732) reduce default webrequest timeout to 30s (maint) fix environmentvariable (GH-802) PowerShell Host - Exit codes should return (GH-398) Allow append for users on logs directory (GH-794) Warn when non-admin in default install (GH-793) Failing to update config - log to debug (GH-796) Relax upgrade log package separation (GH-801) Fix - bad nuspec from choco new (legal) add logo use policy (GH-795) Adjust message for missing licensed code
chocolatey · Jun 17, 2016 · 5f4039f · 5f4039f
2 parents 3ed5af1 + bd6b120
commit 5f4039f
Show file tree

Hide file tree

Showing 17 changed files with 145 additions and 58 deletions.
diff --git a/.uppercut b/.uppercut
@@ -19,7 +19,7 @@
   <property name="version.minor" value="9" overwrite="false" />
   <property name="version.patch" value="10" overwrite="false" />
   <property name="version.fix" value="0" overwrite="false" />
-  <property name="version.nuget.prerelease" value="rc1" overwrite="false" />
+  <property name="version.nuget.prerelease" value="" overwrite="false" />
   <property name="version.use.build_date" value="false" overwrite="false" />
   <property name="assembly.description" value="${project.name} is a product of ${company.name} - All Rights Reserved." overwrite="false" />
   <property name="assembly.copyright" value="Copyright © 2011 - Present, ${company.name} - All Rights Reserved." overwrite="false" />

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -41,8 +41,7 @@ If you were using any of the functions in a non-recommended way or not compliant
 
  * [Security] Explicit permissions - remove inheritance/lock down to admins - see [#398](https://github.com/chocolatey/choco/issues/398)
 
-This further restricts the default installation location by removing all permissions and inheritance of permissions, explicitly giving Administrator/LocalSystem to Full access, and Users are granted Read and Execute.
-In prior installations, we ensured Modify access to the installing user, but that has been removed for security reasons. Should you need the previous behavior, set `$env:ChocolateyInstallAllowCurrentUser="true"`.
+This further restricts the default installation location by removing all permissions and inheritance of permissions, explicitly giving Administrator/LocalSystem to Full access, and Users are granted Read and Execute. In prior installations, we ensured Modify access to the installing user, but that has been removed for security reasons. Should you need the previous behavior, set `$env:ChocolateyInstallAllowCurrentUser="true"`.
 
 ### KNOWN ISSUES
 
@@ -130,7 +129,9 @@ In prior installations, we ensured Modify access to the installing user, but tha
  * Fix - Logging of upgrade messages - placement of some messages is incorrect - see [#557](https://github.com/chocolatey/choco/issues/557)
  * Fix - Get-WebFile fails with - The term '//continue' is not recognized as the name of a cmdlet - see [#789](https://github.com/chocolatey/choco/issues/789)
  * Fix - Unable to read registry snapshot file - see [#487](https://github.com/chocolatey/choco/issues/487)
- * Fix - Uninstall template fails when encountering "bad" registry keys - see [#739](https://github.com/chocolatey/choco/issues/739)
+ * Fix - Pro/Business - Licensed version has an incorrect dependency on PowerShell assemblies and will only load v3 and above - see [#799](https://github.com/chocolatey/choco/issues/799)
+ * Fix - Exit codes in package scripts should work - see [#802](https://github.com/chocolatey/choco/issues/802)
+ * Fix - Running choco new creates a bad nuspec - see [#801](https://github.com/chocolatey/choco/issues/801)
 
 ### IMPROVEMENTS
 
@@ -186,6 +187,9 @@ In prior installations, we ensured Modify access to the installing user, but tha
  * Web functions - Check for local file and return early - see [#781](https://github.com/chocolatey/choco/issues/781)
  * Refresh environment variables after each install - see [#439](https://github.com/chocolatey/choco/issues/439)
  * Capture Arguments for a Package during Install/Upgrade - see [#358](https://github.com/chocolatey/choco/issues/358)
+ * If config update fails, log to debug instead of warn - see [#793](https://github.com/chocolatey/choco/issues/793)
+ * Remove extra empty lines when doing choco upgrade all - see [#796](https://github.com/chocolatey/choco/issues/796)
+ * Mention required permissions if user has no access - see [#794](https://github.com/chocolatey/choco/issues/794)
  * Pro/Business - Also check for license in User Profile location - see [#606](https://github.com/chocolatey/choco/issues/606)
  * Pro/Business - Set download cache information if available - see [#562](https://github.com/chocolatey/choco/issues/562)
  * Pro/Business - Allow commands to be added - see [#583](https://github.com/chocolatey/choco/issues/583)
@@ -195,6 +199,7 @@ In prior installations, we ensured Modify access to the installing user, but tha
  * Pro/Business - add ignore invalid switches/parameters - see [#586](https://github.com/chocolatey/choco/issues/586)
  * Pro/Business - Don't prompt to upload file for virus scanning if it is too large - see [#695](https://github.com/chocolatey/choco/issues/695)
  * Pro/Business - add 'support' command - see [#745](https://github.com/chocolatey/choco/issues/745)
+ * Pro/Business - Adjust environment settings warning to suggest upgrade - see [#795](https://github.com/chocolatey/choco/issues/795)
  * API - Add the ability to retrieve package count for a Source - see [#431](https://github.com/chocolatey/choco/issues/431)
  * API - Chocolatey Lib still marks vital package information as internal - see [#433](https://github.com/chocolatey/choco/issues/433)
  * API - Add paging to list command - see [#427](https://github.com/chocolatey/choco/issues/427)

diff --git a/docs/logo/LogoUsePolicy.md b/docs/logo/LogoUsePolicy.md
@@ -0,0 +1,15 @@
+The Apache 2.0 license does not apply for the logos/marks.
+
+Chocolatey open source code falls under the Apache 2.0 license, which permits third parties to copy and redistribute the underlying software under the terms of the license. However, the Apache 2.0 license does not provide any license or right to use any of the Chocolatey marks, including logos. You may redistribute the applicable Chocolatey open source software under the terms of the Apache 2.0 license, but you may not use the Chocolatey marks in doing so without express written permission from RealDimensions Software, LLC.
+
+You must obtain written permission from RealDimensions Software, LLC, to use the Chocolatey marks for any use, including but not limited to; (i) merchandising purposes (e.g. T-shirts, mugs); (ii) on or in relation to a software product that includes or is built on top of any Chocolatey product, including Chocolatey's open source projects; or (iii) in an attention-getting or branding manner. Without the express prior written consent of RealDimensions Software, LLC, no Chocolatey Marks may be used in a manner that implies an affiliation with, approval by, endorsement of or sponsorship by RealDimensions Software, LLC.
+
+### General Use
+
+You may use Chocolatey marks/logos, without a license, provided such use complies with the following requirements: (i) the Chocolatey mark is used only to refer to the Chocolatey project, framework, and/or technology; (ii) the Chocolatey mark is not used as part of your product, brand, domain, URL, or service name; (iii) the Chocolatey mark appears less prominent than your company or product name; (iv) the reference to Chocolatey does not create a sense of endorsement, sponsorship, or ownership by Chocolatey and/or RealDimensions Software, LLC; and/or (v) your use of the Chocolatey mark is necessary to fully describe your services or products and is limited to as much of the Chocolatey Mark as is necessary for such identification ("Nominative Use"). NO OTHER USE OF THE CHOCOLATEY MARK IS PERMITTED WITHOUT A WRITTEN LICENSE AGREEMENT.
+
+### Plain Speak
+
+**NOTE**: This section ("Plain Speak") in no way changes what is written in the rest of this document. This only attempts to provide some clarity. If there is a conflict with another section, the other section applies.
+
+Without an express written agreement, you cannot use the Chocolatey logos as part of your brand/product.
diff --git a/nuget/chocolatey/chocolatey.nuspec b/nuget/chocolatey/chocolatey.nuspec
@@ -96,8 +96,7 @@ If you were using any of the functions in a non-recommended way or not compliant
 
  * [Security] Explicit permissions - remove inheritance/lock down to admins - see [#398](https://github.com/chocolatey/choco/issues/398)
 
-This further restricts the default installation location by removing all permissions and inheritance of permissions, explicitly giving Administrator/LocalSystem to Full access, and Users are granted Read and Execute.
-In prior installations, we ensured Modify access to the installing user, but that has been removed for security reasons. Should you need the previous behavior, set `$env:ChocolateyInstallAllowCurrentUser="true"`.
+This further restricts the default installation location by removing all permissions and inheritance of permissions, explicitly giving Administrator/LocalSystem to Full access, and Users are granted Read and Execute. In prior installations, we ensured Modify access to the installing user, but that has been removed for security reasons. Should you need the previous behavior, set `$env:ChocolateyInstallAllowCurrentUser="true"`.
 
 ### KNOWN ISSUES
 
@@ -185,7 +184,9 @@ In prior installations, we ensured Modify access to the installing user, but tha
  * Fix - Logging of upgrade messages - placement of some messages is incorrect - see [#557](https://github.com/chocolatey/choco/issues/557)
  * Fix - Get-WebFile fails with - The term '//continue' is not recognized as the name of a cmdlet - see [#789](https://github.com/chocolatey/choco/issues/789)
  * Fix - Unable to read registry snapshot file - see [#487](https://github.com/chocolatey/choco/issues/487)
- * Fix - Uninstall template fails when encountering "bad" registry keys - see [#739](https://github.com/chocolatey/choco/issues/739)
+ * Fix - Pro/Business - Licensed version has an incorrect dependency on PowerShell assemblies and will only load v3 and above - see [#799](https://github.com/chocolatey/choco/issues/799)
+ * Fix - Exit codes in package scripts should work - see [#802](https://github.com/chocolatey/choco/issues/802)
+ * Fix - Running choco new creates a bad nuspec - see [#801](https://github.com/chocolatey/choco/issues/801)
 
 ### IMPROVEMENTS
 
@@ -241,6 +242,9 @@ In prior installations, we ensured Modify access to the installing user, but tha
  * Web functions - Check for local file and return early - see [#781](https://github.com/chocolatey/choco/issues/781)
  * Refresh environment variables after each install - see [#439](https://github.com/chocolatey/choco/issues/439)
  * Capture Arguments for a Package during Install/Upgrade - see [#358](https://github.com/chocolatey/choco/issues/358)
+ * If config update fails, log to debug instead of warn - see [#793](https://github.com/chocolatey/choco/issues/793)
+ * Remove extra empty lines when doing choco upgrade all - see [#796](https://github.com/chocolatey/choco/issues/796)
+ * Mention required permissions if user has no access - see [#794](https://github.com/chocolatey/choco/issues/794)
  * Pro/Business - Also check for license in User Profile location - see [#606](https://github.com/chocolatey/choco/issues/606)
  * Pro/Business - Set download cache information if available - see [#562](https://github.com/chocolatey/choco/issues/562)
  * Pro/Business - Allow commands to be added - see [#583](https://github.com/chocolatey/choco/issues/583)
@@ -250,6 +254,7 @@ In prior installations, we ensured Modify access to the installing user, but tha
  * Pro/Business - add ignore invalid switches/parameters - see [#586](https://github.com/chocolatey/choco/issues/586)
  * Pro/Business - Don't prompt to upload file for virus scanning if it is too large - see [#695](https://github.com/chocolatey/choco/issues/695)
  * Pro/Business - add 'support' command - see [#745](https://github.com/chocolatey/choco/issues/745)
+ * Pro/Business - Adjust environment settings warning to suggest upgrade - see [#795](https://github.com/chocolatey/choco/issues/795)
  * API - Add the ability to retrieve package count for a Source - see [#431](https://github.com/chocolatey/choco/issues/431)
  * API - Chocolatey Lib still marks vital package information as internal - see [#433](https://github.com/chocolatey/choco/issues/433)
  * API - Add paging to list command - see [#427](https://github.com/chocolatey/choco/issues/427)

diff --git a/nuget/chocolatey/tools/chocolateysetup.psm1 b/nuget/chocolatey/tools/chocolateysetup.psm1
@@ -78,8 +78,7 @@ param(
     Set-ChocolateyInstallFolder $chocolateyPath
   }
   Create-DirectoryIfNotExists $chocolateyPath
-
-  Ensure-UserPermissions $chocolateyPath
+  Ensure-Permissions $chocolateyPath
 
   #set up variables to add
   $chocolateyExePath = Join-Path $chocolateyPath 'bin'
@@ -185,30 +184,46 @@ param (
   return $account.Value
 }
 
-
-function Ensure-UserPermissions {
+function Ensure-Permissions {
 param(
   [string]$folder
 )
-  Write-Debug "Ensure-UserPermissions"
+  Write-Debug "Ensure-Permissions"
 
-  if (!(Test-ProcessAdminRights)) {
-    Write-ChocolateyWarning "User is not running elevated, cannot set permissions."
+  $defaultInstallPath = "$env:SystemDrive\ProgramData\chocolatey"
+  try {
+    $defaultInstallPath = Join-Path [Environment]::GetFolderPath("CommonApplicationData") 'chocolatey'
+  } catch {
+      # keep first setting
+  }
+
+  if ($folder.ToLower() -ne $defaultInstallPath.ToLower()) {
+    Write-ChocolateyWarning "Installation folder is not the default. Not changing permissions. Please ensure your installation is secure."
     return
   }
 
+  # Everything from here on out applies to the default installation folder
+
+  if (!(Test-ProcessAdminRights)) {
+    throw "Installation of Chocolatey to default folder requires Administrative permissions. Please run from elevated prompt. Please see https://chocolatey.org/install for details and alternatives if needing to install as a non-administrator."
+  }
+
   $currentEA = $ErrorActionPreference
   $ErrorActionPreference = 'Stop'
   try {
     # get current acl
-    $acl = (Get-Item $folder).GetAccessControl('Access')
+    $acl = (Get-Item $folder).GetAccessControl('Access,Owner')
+
+    Write-Debug "Removing existing permissions."
+    $acl.Access | % { $acl.RemoveAccessRuleAll($_) }
 
     $inheritanceFlags = ([Security.AccessControl.InheritanceFlags]::ContainerInherit -bor [Security.AccessControl.InheritanceFlags]::ObjectInherit)
     $propagationFlags = [Security.AccessControl.PropagationFlags]::None
 
     $rightsFullControl = [Security.AccessControl.FileSystemRights]::FullControl
     $rightsModify = [Security.AccessControl.FileSystemRights]::Modify
     $rightsReadExecute = [Security.AccessControl.FileSystemRights]::ReadAndExecute
+    $rightsWrite = [Security.AccessControl.FileSystemRights]::Write
 
     Write-Output "Restricting write permissions to Administrators"
     $builtinAdmins = Get-LocalizedWellKnownPrincipalName -WellKnownSidType ([Security.Principal.WellKnownSidType]::BuiltinAdministratorsSid)
@@ -228,30 +243,32 @@ param(
 
       if ($currentUser.Name -ne $localSystem) {
         $userAccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($currentUser.Name, $rightsModify, $inheritanceFlags, $propagationFlags, "Allow")
-        Write-ChocolateyWarning 'Adding Modify permission for current user due to $env:ChocolateyInstallAllowCurrentUser'
+        Write-ChocolateyWarning 'Adding Modify permission for current user due to $env:ChocolateyInstallAllowCurrentUser. This could lead to escalation of privilege attacks. Consider not allowing this.'
         $acl.SetAccessRule($userAccessRule)
       }
     } else {
       Write-Debug 'Current user no longer set due to possible escalation of privileges - set $env:ChocolateyInstallAllowCurrentUser="true" if you require this.'
     }
 
-    $defaultInstallPath = "$env:SystemDrive\ProgramData\chocolatey"
-    try {
-      $defaultInstallPath = Join-Path [Environment]::GetFolderPath("CommonApplicationData") 'chocolatey'
-    } catch {
-      # keep first setting
-    }
+    Write-Debug "Set Owner to Administrators"
+    $builtinAdminsSid = New-Object System.Security.Principal.SecurityIdentifier([Security.Principal.WellKnownSidType]::BuiltinAdministratorsSid, $null)
+    $acl.SetOwner($builtinAdminsSid)
 
-    if ($folder.ToLower() -eq $defaultInstallPath.ToLower()) {
-      Write-Debug "Default Installation folder - removing inheritance with no copy"
-      $acl.SetAccessRuleProtection($true, $false)
-    } else {
-      Write-Debug "Non-standard install location - leaving inheritance on"
-      $acl.SetAccessRuleProtection($false, $true)
-    }
+    Write-Debug "Default Installation folder - removing inheritance with no copy"
+    $acl.SetAccessRuleProtection($true, $false)
 
-    # this is idempotent
+    # enact the changes against the actual
     (Get-Item $folder).SetAccessControl($acl)
+
+    # set an explicit append permission on the logs folder
+    Write-Debug "Allow users to append to log files."
+    $logsFolder = "$folder\logs"
+    Create-DirectoryIfNotExists $logsFolder
+    $logsAcl = (Get-Item $logsFolder).GetAccessControl('Access')
+    $usersAppendAccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($builtinUsers, $rightsWrite, [Security.AccessControl.InheritanceFlags]::ObjectInherit, [Security.AccessControl.PropagationFlags]::InheritOnly, "Allow")
+    $logsAcl.SetAccessRule($usersAppendAccessRule)
+    $logsAcl.SetAccessRuleProtection($false, $true)
+    (Get-Item $logsFolder).SetAccessControl($logsAcl)
   } catch {
     Write-ChocolateyWarning "Not able to set permissions for $folder."
   }

diff --git a/src/chocolatey.resources/helpers/chocolateyScriptRunner.ps1 b/src/chocolatey.resources/helpers/chocolateyScriptRunner.ps1
@@ -58,4 +58,8 @@ if ($env:ChocolateyExitCode -ne $null -and $env:ChocolateyExitCode -ne '') {
  $exitCode = $env:ChocolateyExitCode
 }
 
+if ($exitCode -ne 0) {
+  Set-PowerShellExitCode $exitCode
+}
+
 Exit $exitCode
diff --git a/src/chocolatey.resources/helpers/functions/Get-WebFile.ps1 b/src/chocolatey.resources/helpers/functions/Get-WebFile.ps1
@@ -150,11 +150,13 @@ param(
   $req.AllowAutoRedirect = $true
   $req.MaximumAutomaticRedirections = 20
   #$req.KeepAlive = $true
-  # use the default request timeout of 100000
+  $req.Timeout = 30000
   if ($env:chocolateyRequestTimeout -ne $null -and $env:chocolateyRequestTimeout -ne '') {
+    Write-Debug "Setting request timeout to  $env:chocolateyRequestTimeout"
     $req.Timeout =  $env:chocolateyRequestTimeout
   }
   if ($env:chocolateyResponseTimeout -ne $null -and $env:chocolateyResponseTimeout -ne '') {
+    Write-Debug "Setting read/write timeout to  $env:chocolateyResponseTimeout"
     $req.ReadWriteTimeout =  $env:chocolateyResponseTimeout
   }
 
@@ -181,7 +183,7 @@ param(
   }
 
   try {
-   [System.Net.HttpWebResponse]$res = $req.GetResponse();
+   $res = $req.GetResponse();
 
    try {
       $headers = @{}
@@ -309,7 +311,7 @@ param(
     }
 
     Set-PowerShellExitCode 404
-    if (env:DownloadCacheAvailable -eq 'true') {
+    if ($env:DownloadCacheAvailable -eq 'true') {
        throw "The remote file either doesn't exist, is unauthorized, or is forbidden for url '$url'. $($_.Exception.Message) `nThis package is likely not broken for licensed users - see https://chocolatey.org/docs/features-private-cdn."
     } else {
        throw "The remote file either doesn't exist, is unauthorized, or is forbidden for url '$url'. $($_.Exception.Message)"

diff --git a/src/chocolatey.resources/helpers/functions/Set-PowerShellExitCode.ps1 b/src/chocolatey.resources/helpers/functions/Set-PowerShellExitCode.ps1
@@ -45,6 +45,11 @@ param (
   [parameter(ValueFromRemainingArguments = $true)][Object[]] $ignoredArguments
 )
 
-  $host.SetShouldExit($exitCode);
+  try {
+    $host.SetShouldExit($exitCode);  
+  } catch {
+    Write-Warning "Unable to set host exit code"
+  }
+
   $env:ChocolateyExitCode = $exitCode;
 }
diff --git a/src/chocolatey/infrastructure.app/ApplicationParameters.cs b/src/chocolatey/infrastructure.app/ApplicationParameters.cs
@@ -85,7 +85,7 @@ public static class Environment
         ///   Default is 45 minutes
         /// </summary>
         public static int DefaultWaitForExitInSeconds = 2700;
-        public static int DefaultWebRequestTimeoutInSeconds = 45;
+        public static int DefaultWebRequestTimeoutInSeconds = 30;
 
         public static readonly string[] ConfigFileExtensions = new string[] {".autoconf",".config",".conf",".cfg",".jsc",".json",".jsonp",".ini",".xml",".yaml"};
         public static readonly string ConfigFileTransformExtension = ".install.xdt";