I'm trying to create a user in windows which will only be able to run specific scripts ie, test.ps1, and running all other types of scripts should be blocked. If there is any way to do that.
Path of test.ps1 = C:/Program files/test.ps1
Related
I have a simple Django code which I want to keep running on a specific GCE instance. Sometimes the instance gets restarted due to some reasons, not in my control. I created a batch script which I tried to put in Startup folder in both users and common folder. It didn't work. I tried putting the script in using sysprep-specialize-script-url(using cloud storage), sysprep-specialize-script-cmd and sysprep-specialize-script-bat. It didn't work. Here's the content of the batch script -
cd C:\Users\kartik_domadiya\Desktop\happierMiscGoogleCloud
manage.py runserver 0.0.0.0:80
pause
I tried running C:\Program Files\Google\Compute Engine\metadata_scripts\run_startup_scripts.cmd manually and it worked (with any metadata key). So I can see that there's no problem with the script itself.
I even tried with putting the batch script in task scheduler which didn't work too.
So is there any way I can debug the problem and find out why isn't the batch script working? I am using Windows 2012 R2, if that matters.
PS: I know that's a development server and should not be used in production.
I moved the code to C:/code (basically out of any particular user's folder) and then provided all user its access (Right Click > Properties > Security), updated the batch file and put it into startup folder (Run > shell:startup).
It started working after that. I suppose the issue was due to access permission.
I'm trying to use bash as the shell on Windows for a GitLab CI Runner.
concurrent = 1
check_interval = 0
[[runners]]
name = "DESKTOP-RQTQ13S"
url = "https://example.org/ci"
token = "fooooooooooooooooooobaaaaaaaar"
executor = "shell"
shell = "bash"
[runners.cache]
Unfortunately I can not find an option to specify the actual shell program that the CI Runner should use. By default, it just tries to run bash which it can not find. I don't know why, because when I open up a Windows command line and enter bash it works.
Running with gitlab-ci-multi-runner 1.9.4 (8ce22bd)
Using Shell executor...
ERROR: Build failed (system failure): Failed to start process: exec: "bash": executable file not found in %PATH%
I tried adding a file bash.cmd to my user directory containing
#"C:\Program Files\Git\usr\bin\bash.exe" -l
That gives me this strange error:
Running with gitlab-ci-multi-runner 1.9.4 (8ce22bd)
Using Shell executor...
Running on DESKTOP-RQTQ13S...
/usr/bin/bash: line 43: /c/Users/niklas/C:/Users/niklas/builds/aeb38de4/0/niklas/ci-test.tmp/GIT_SSL_CAINFO: No such file or directory
ERROR: Build failed: exit status 1
Is there a way to properly configure this?
There are two issues going on here, and both can probably be solved.
gitlab-runner cannot find bash
gitlab-runner doesn't combine unix-style and Windows-style paths very well.
You have essentially succeeded in solving the first one by creating the bash.cmd file. But if you're curious about why it didn't work without it, my guess is that bash runs in your command prompt because the directory that contains it (e.g. in your case "C:\Program Files\Git\usr\bin") is included in the PATH environment variable for your user account. But perhaps you are running the gitlab-runner in the system account, which might not have the same PATH.
So the first thing to do is just check your system's PATH variable and add the bin directory if necessary (i.e. using the System applet in the Control Panel as described here or here). Just make sure you restart your machine after you make the change, because the change isn't applied until after you restart. That should make bash work, even when called from a service running in the system or admin account.
As for the strange error you got after creating bash.cmd, that was due to the second issue. Paths are often really hard to get right when combining bash and Windows. Gitlab-runner is probably trying to determine whether the build path is relative or absolute, and ends up prepending the windows path with what it thinks is the working directory ($PWD). This looks like a bug, but gitlab still has not fixed it (as of version 9.0 of the runner!!) and probably never will. Maybe they have decided it is not a bug or that it is due to bugs in underlying software or tools that they can't fix or that it would be too difficult to fix. Anyway, I've discovered a work-around. You can specify the base path for builds in the config.toml file. If you use a unix-style path, it fixes the problem.
On windows, config.toml is usually in the same folder as your gitlab-runner.exe (or gitlab-multi-runner-amd64.exe etc). Open that file in your favorite text editor. Then find the [[runners]] section and add two lines similar to the following.
builds_dir="/c/gitlab-runner/builds/"
cache_dir="/c/gitlab-runner/cache/"
The path you use should be the "bash version" of whatever directory you want gitlab-runner to use for storing builds etc. Importantly if you are using cygwin, you would use a path similar to /cygdrive/c/... instead of just /c/... (which is appropriate for msys-git or standalone MSYS2 etc).
Here's an example of a config.toml file:
[[runners]]
name = "windows"
url = "https://your.server.name"
token = "YOUR_SECRET_TOKEN"
executor = "shell"
shell = "bash"
builds_dir="/c/gitlab-runner/builds/"
cache_dir="/c/gitlab-runner/cache/"
It looks like you're attempting to link gitlab-ci up with the Windows Subsystem for Linux (which can be accessed by typing bash at the Windows command prompt)? I doubt that this is supported directly by Gitlab's runner configuration.
Instead, I would suggest using Powershell with your shell executor.
Executor = 'shell'
Shell = 'powershell'
You can then drop down into Bash in the scripts you call from .gitlab-ci.yml.
Given that it's bad practice to execute more than very trivial shell scripts within the .gitlab-ci.yml itself (as opposed to calling out to an external script), you lose little by being forced to use a native Windows shell.
I am currently working on a Windows batch file that will allow me to silently install git (the executable for which will be placed in the folder that the .bat file will be running from) in a pre-specified location on the file system.
I've found this article which seems to provide some suitable advice:
https://github.com/msysgit/msysgit/wiki/Silent-or-Unattended-Installation
However, I'm not entirely sure what parameters I would need to mention in my LOADINF file. I would like to pre-define the options that the user would manually select throughout the various stages of installation, so that it can run through from start to finish without prompting anything from the user.
Can anyone help or point me to a place where I can find these parameters and their available values?
Create a file, for eg. my-config.cnf (or my-config.ini) with the following content:
[Setup]
Lang=default
Dir=C:\Program Files (x86)\Git
Group=Git
NoIcons=0
SetupType=default
...
<other options as shown in the msysgit wiki>
Now, in the batch file, when you execute the installation file (say msysgit-install.exe), use /LOADINF as follows:
msysgit-install.exe /SILENT /LOADINF="my-config.cnf"
I have a question and wondering if you guys could help.. Here are the details -
Program Flow ->
Autosys Job -> Windows .bat job on network path-> Internally calls java program along with few other components
When the .bat runs through Autosys job, it gives below warning and does partial processing and exits out without any failure
(i guess the internal code might not have good error handling..but sadly I do not have access to view/modify the same). However, when I logon to that
windows box and run the .bat file from cmd prompt, it works like a charm and throws no error.
Warning in Logs - "WARNING: Failed to load the sqljdbc_auth.dll"
Things I tried-
I tried creating a wrapper bat file in windows C drive (not the netwrok path where the actual .bat is in) and placed sqljdbc_auth.dll in that custom folder.
Job went to SU , after partial processing.
Appreciate your help.
Many Thanks,
Raj
I'd suspect there is a path error. Try echo %path% just before calling your batch, even simply run
echo %path%>alogfile
call yourbatch
and if the displayed path doesn't include a directory in which your .dll resides, add it into the path before calling yourbatch.
It may very well be that your logon includes the required directory as part of your user-defined path and the username under which the job runs does not include the directory.
Or, you could try moving the dll into somewhere like system32 which should be common to everyone.
(Windows should use the standard path-scanning algorithm to locate any required dll that isn't invoked from a full pathname)
I'm trying to use the Microsoft User State Migration tool with Powershell; the way the program "loadstate.exe" works is that it needs to be called locally so that it will load up a remotely saved state of the user's profile and then restore it to the local computer.
I am seeking to automate this with Powershell; in order to do this, I have written a script that will elevate the user to run Powershell in Executive/Administrative mode and then execute the following command, against the USMT program that is installed on all of our computers:
c:\usmt\loadstate.exe /i:$configfile $storepath
Where $configfile is the name of the configuration file and the store path is the name of where the files are stored at. This all works, except that when run from remote, it seems to try to execute it from the System context - the desktop files are instead restored with the ACL permissions of CREATOR OWNER, SYSTEM, and Administrators - rather than giving it to the actually logged on user.
So if I have it set as a logon script, and try to have it execute when the user GuineaPig logs in, it will seek to restore the files and it will actually restore it - but all desktop items will be invisible to GuineaPig because she doesn't have any rights to see them.
If I just have the script locally, say on the user's C:\ DRIVE, and then right-click and "Run as Powershell Script", it works fine.
How do I execute this remote powershell script(located on our domain controller) so that it will actually run it in the context of the local user?
Alternately, how do I just tell the Group Policy of a logon script to just run something from the user's computer? I can also just set the script to be copied to the C:\ of every local computer, I just need the logon policy to actually run it from the C:\ of every local computer as the locally logged on user.
Thanks in advance.