Working with the OneGet chocolatey provider, if I run the a command like the following...
Install-Package fooo
directly on a box the chocolatey package is cached in <%LocalAppData%>\Nuget\Cache. If I rerun the same command the package is read out of this cache.
However if I wrap up this command in a DSC resource and run it on a box I can not find where the package is cached. It is definitely cached somewhere. anyone know where? You would have thought it would be under the user that DSC was running as, although I am not sure what user it does run as and have also gone through all the user folders with no joy.
DSC does indeed run as the local system account, thanks briantist.
It is cached here: C:\Windows\system32\config\systemprofile\AppData\Local\NuGet
found with the help of the following link
https://serverfault.com/questions/9325/where-can-i-find-data-stored-by-a-windows-service-running-as-local-system-accou
Related
I just installed chocolatey through nuGet using the following steps in the admin shell: chocolatey nuget install. However, when I try to get any package, I am asked for credentials (which I assume is not meant to happen). Can anyone point out what I am doing wrong?
chocolatey
Maybe not a fix, but I found a work around. It is possible to download the *.nupkg files from https://chocolatey.org/packages and then run choco install [packageFile], which doesn't require the server to be contacted and this avoids the permission issue.
After I install a package in powershell by using
"choco install $package" where package is taken from a config file and would look like "WinRar" so I would be doing choco install WinRar, how do i get the exact path this package was just installed to?
For example when I am installing PhantomJS using this, it gets installed to C:\ProgramData\chocolatey\lib\PhantomJS\tools\phantomjs-2.1.1-windows and I as the developer know that, but since I need to add this to the env path, depending on which version the install command installs, the path will be different. I need to get the exact path so i can set the environmental variable to right place.
PhantomJS is just one example, but a lot of packages get installed into directories where their version is apart of the path and getting the path from the powershell install scripts would really be helpful.
Is there anything like this available for the package manager? I assume figuring out where the package just got installed to should be possible because I see it displayed on my terminal window, just don't know how to access it in powershell.
Thanks.
Currently there is not a way, but there is a thought to maybe provide back a list of package results with that information (along with more). That is still in a feature request so look for it to be developed in the coming months.
You could parse the Chocolatey output to determine where Chocolatey saw things get installed and we are working to make that detection even better.
We have a problem with our current installer for a browser plugin where a small percent of our users try to install it but the .msi install fails. The issue is we can't get the logs back from them as it is an anonymous download and our QA computers aren't getting this issue. We know they fail as we have log file in JS from before the download and a survey response after saying they tried to install it.
I have searched around but haven't found an answer on how to have an automatic upload of log files on failure of a windows .msi install.
The best solution I have seen is in WiX, we can create a shell script action after the install and then use PowerShell or bitsadmin to try to upload a specific log file from the commandline if we can find it in the temp directory, however this does not seem to be a clean or reliable solution.
Being able to PUT or POST it anywhere would be fine.
Any help is appreaciated.
If you set the MsiLogging property to something like "voicewarmupx", you can later use the property MsiLogFileLocation to get the log file location. This supported in Windows Installer 4.0 and higher.
If a batch file or PowerShell script isn't giving you the programmability you need, you can create a custom action that retrieves the log file and sends it to you.
PowerCLI with .NET has some dependencies on dll's that you get only when you install PowerCLI on each machine you want to run.
I have a console app with command line arguments, which when deployed using the usual method doesn't work because of the unmet dependencies...these assemblies are part of the GAC.
Clickonce deployment proved to be useless..it didnt recognize my arguments although I passed them as query params.
Finally, I installed VMware PowerCLI on this remote machine. Then ran the .exe and it worked. Is there a way to avoid installing PowerCLI and be able to include all the dependencies with my exe during deployment?
Depending on where exactly you want to deploy your console application, you may be out of luck. According to this page and the most relevant forum post I could find, the PowerCLI assemblies are not redistributable. Your best bet if you want to distribute this application outside your company is to use the Web Services SDK - a huge pain since you've already developed the app.
Assuming your application is for internal use only and you just want to deploy it on its destination server, you can do the following to reference the assemblies locally:
On the development machine, copy whichever PowerCLI .dlls you reference from the GAC (in %WINDIR%\assembly) to your solutions local directory.
Change your references in the project to point to the local versions of the .dlls.
Open the 'Properties' view for each of the references, and make sure 'Copy Local' is set to True.
Compile and deploy your console application (and it's coresident .dlls) to the target machine, it should reference them in the local directory and run without external dependencies.
Hope that helps!
You could also automate PowerCLI installation with a silent installation one-line Powershell script, if the problem is hiding the installation from the users.
Invoke-Expression ("cmd /c '$powerCLIexeFilePath'/S /VADDLOCAL=ALL /V/qn")
When you install a package from NuGet, it can run some Powershell scripts to set things up (such as exporting commands to be used in the Package Manager console).
I'm trying (and failing) to find details of what these scripts can/can't do. Specifically - should we be worried about malicious code in these? Can they read the filesystem, send web requests, etc.?
When NuGet sets up the PowerShell host, it checks to see what the current ExecutionPolicy is. If it is not Unrestricted, RemoteSigned, or Bypass, it forces the ExcecutionPolicy to RemoteSigned for the current process (devenv.exe).
PowerShell does not see the embedded scripts init.ps1, install.ps1, etc. as being downloaded from the Internet, so there is nothing preventing a malicious script from doing anything on your machine that your account has permissions to do.
At this point, all NuGet package creators are pretty much on the "honor" system. I believe Ruby Gems have a similar situtation.
NuGet does have the ability to use private package sources, so if security is critical, I suggest you download and vet all packages, and only allow installing packages from these trusted sources.
I'll defer to someone from the NuGet team, but I'm almost certain they run under the current execution policy.
Here's a clip from my own nuget console:
PM> Get-ExecutionPolicy
RemoteSigned
If I open PowerShell as an admin and change the execution policy, nuget reports the change:
PM> Get-ExecutionPolicy
Restricted
In sum, whatever execution policy you've got on your default host also applies to the nuget console.
When you download a script from the internet, unless it is installed with a setup program where you have given it escalated permissions to install, the scripts are marked as blocked. You have to authorize (unblock) them by right clicking on the scripts and choosing the button Unblock.