[installer] Auto-start PowerToys as logged-in user from installer run… (#27793)

* [installer] Auto-start PowerToys as logged-in user from installer running as SYSTEM * spellcheck * Address feedback * spellcheck
2025-12-15 11:17:53 +01:00 · 2023-08-04 09:59:33 +02:00
parent d4213c3e30
commit adbc273bcf
5 changed files with 176 additions and 189 deletions
--- a/installer/PowerToysSetup/Product.wxs
+++ b/installer/PowerToysSetup/Product.wxs
@@ -133,6 +133,7 @@
    <InstallExecuteSequence>
      <Custom Action="DetectPrevInstallPath" After="AppSearch" />
      <Custom Action="SetRegisterPowerToysSchTaskParam" Before="RegisterPowerToysSchTask" />
+      <Custom Action="SetLaunchPowerToysParam" Before="LaunchPowerToys" />
      <Custom Action="SetApplyModulesRegistryChangeSetsParam" Before="ApplyModulesRegistryChangeSets" />
      <Custom Action="SetUnApplyModulesRegistryChangeSetsParam" Before="UnApplyModulesRegistryChangeSets" />
      <Custom Action="RegisterPowerToysSchTask" After="InstallFiles">
@@ -171,17 +172,22 @@
      </Custom>-->
      <Custom Action="TerminateProcesses" Before="InstallValidate" />

-      <Custom Action="LaunchPowerToys" After="InstallFinalize">NOT Installed</Custom>
+      <Custom Action="LaunchPowerToys" Before="InstallFinalize">NOT Installed</Custom>

    </InstallExecuteSequence>

+    <CustomAction Id="SetLaunchPowerToysParam"
+                    Property="LaunchPowerToys"
+                    Value="[INSTALLFOLDER]" />
+
    <CustomAction
      Id="LaunchPowerToys"
-      Execute="immediate"
+      Return="ignore"
      Impersonate="yes"
-      Return="asyncNoWait"
-      FileKey="PowerToys.exe"
-      ExeCommand="--dont-elevate" />
+      Execute="deferred"
+      BinaryKey="PTCustomActions"
+      DllEntry="LaunchPowerToysCA"
+      />

    <CustomAction
      Id="TerminateProcesses"
--- a/installer/PowerToysSetupCustomActions/CustomAction.cpp
+++ b/installer/PowerToysSetupCustomActions/CustomAction.cpp
@@ -2,7 +2,6 @@
 #include "resource.h"
 #include "RcResource.h"
 #include <ProjectTelemetry.h>
-
 #include <spdlog/sinks/base_sink.h>

 #include "../../src/common/logger/logger.h"
@@ -16,6 +15,11 @@
 #include <winrt/Windows.Foundation.h>
 #include <winrt/Windows.Management.Deployment.h>

+#include <wtsapi32.h>
+#include <processthreadsapi.h>
+#include <UserEnv.h>
+#include <winnt.h>
+
 using namespace std;

 HINSTANCE DLL_HANDLE = nullptr;
@@ -50,6 +54,160 @@ LExit:
    return hr;
 }

+BOOL IsLocalSystem()
+{
+    HANDLE hToken;
+    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
+    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
+    ULONG cbTokenUser;
+    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
+    PSID pSystemSid;
+    BOOL bSystem;
+
+    // open process token
+    if (!OpenProcessToken(GetCurrentProcess(),
+        TOKEN_QUERY,
+        &hToken))
+        return FALSE;
+
+    // retrieve user SID
+    if (!GetTokenInformation(hToken, TokenUser, pTokenUser,
+        sizeof(bTokenUser), &cbTokenUser))
+    {
+        CloseHandle(hToken);
+        return FALSE;
+    }
+
+    CloseHandle(hToken);
+
+    // allocate LocalSystem well-known SID
+    if (!AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID,
+        0, 0, 0, 0, 0, 0, 0, &pSystemSid))
+        return FALSE;
+
+    // compare the user SID from the token with the LocalSystem SID
+    bSystem = EqualSid(pTokenUser->User.Sid, pSystemSid);
+
+    FreeSid(pSystemSid);
+
+    return bSystem;
+}
+
+UINT __stdcall LaunchPowerToysCA(MSIHANDLE hInstall)
+{
+    HRESULT hr = S_OK;
+    UINT er = ERROR_SUCCESS;
+    std::wstring installationFolder, path, args;
+    std::wstring commandLine;
+
+    hr = WcaInitialize(hInstall, "LaunchPowerToys");
+    ExitOnFailure(hr, "Failed to initialize");
+    hr = getInstallFolder(hInstall, installationFolder);
+    ExitOnFailure(hr, "Failed to get installFolder.");
+
+    path = installationFolder;
+    path += L"\\PowerToys.exe";
+
+    args = L"--dont-elevate";
+
+    commandLine = L"\"" + path + L"\" ";
+    commandLine += args;
+
+    BOOL isSystemUser = IsLocalSystem();
+
+    if (isSystemUser) {
+    
+        HANDLE hUserToken = NULL;
+        DWORD dwSessionId;
+        ProcessIdToSessionId(GetCurrentProcessId(), &dwSessionId);
+        auto rv = WTSQueryUserToken(dwSessionId, &hUserToken);
+
+        if (rv == 0)
+        {
+            ExitOnFailure(hr, "Failed to query user token");
+        }
+
+        HANDLE hUserTokenDup;
+        if (DuplicateTokenEx(hUserToken, TOKEN_ALL_ACCESS, NULL, SECURITY_IMPERSONATION_LEVEL::SecurityImpersonation, TOKEN_TYPE::TokenPrimary, &hUserTokenDup) == 0)
+        {
+            CloseHandle(hUserToken);
+            CloseHandle(hUserTokenDup);
+            ExitOnFailure(hr, "Failed to duplicate user token");
+        }
+
+        if (ImpersonateLoggedOnUser(hUserTokenDup))
+        {
+            STARTUPINFO startupInfo{ .cb = sizeof(STARTUPINFO),  .wShowWindow = SW_SHOWNORMAL };
+            PROCESS_INFORMATION processInformation;
+
+            PVOID lpEnvironment = NULL;
+            CreateEnvironmentBlock(&lpEnvironment, hUserTokenDup, FALSE);
+
+            CreateProcessAsUser(
+                hUserTokenDup,
+                NULL,
+                commandLine.data(),
+                NULL,
+                NULL,
+                FALSE,
+                CREATE_DEFAULT_ERROR_MODE | CREATE_UNICODE_ENVIRONMENT,
+                lpEnvironment,
+                NULL,
+                &startupInfo,
+                &processInformation);
+
+            if (!CloseHandle(processInformation.hProcess))
+            {
+                er = ERROR_INSTALL_FAILURE;
+            }
+            if (!CloseHandle(processInformation.hThread))
+            {
+                er = ERROR_INSTALL_FAILURE;
+            }
+
+            RevertToSelf();
+            CloseHandle(hUserToken);
+            CloseHandle(hUserTokenDup);
+        }
+        else
+        {
+            ExitOnFailure(hr, "Failed to duplicate user token");
+        }
+    }
+    else
+    {
+        STARTUPINFO startupInfo{ .cb = sizeof(STARTUPINFO),  .wShowWindow = SW_SHOWNORMAL };
+
+        PROCESS_INFORMATION processInformation;
+
+        // Start the resizer
+        CreateProcess(
+            NULL,
+            commandLine.data(),
+            NULL,
+            NULL,
+            TRUE,
+            0,
+            NULL,
+            NULL,
+            &startupInfo,
+            &processInformation);
+
+        if (!CloseHandle(processInformation.hProcess))
+        {
+            ExitOnFailure(hr, "Failed to close process handle");
+        }
+        if (!CloseHandle(processInformation.hThread))
+        {
+            ExitOnFailure(hr, "Failed to close thread handle");
+        }
+    }
+
+LExit:
+    er = SUCCEEDED(hr) ? ERROR_SUCCESS : ERROR_INSTALL_FAILURE;
+    return WcaFinalize(er);
+}
+
 UINT __stdcall CheckGPOCA(MSIHANDLE hInstall)
 {
    HRESULT hr = S_OK;
--- a/installer/PowerToysSetupCustomActions/CustomAction.def
+++ b/installer/PowerToysSetupCustomActions/CustomAction.def
@@ -1,6 +1,7 @@
 LIBRARY "PowerToysSetupCustomActions"

 EXPORTS
+	LaunchPowerToysCA
 	CheckGPOCA
 	ApplyModulesRegistryChangeSetsCA
 	CreateScheduledTaskCA
--- a/installer/PowerToysSetupCustomActions/PowerToysSetupCustomActions.vcxproj
+++ b/installer/PowerToysSetupCustomActions/PowerToysSetupCustomActions.vcxproj
@@ -88,7 +88,7 @@
      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
    </ClCompile>
    <Link>
-      <AdditionalDependencies>WindowsApp.lib;Newdev.lib;Crypt32.lib;msi.lib;wcautil.lib;Psapi.lib;Pathcch.lib;comsupp.lib;taskschd.lib;Secur32.lib;msi.lib;dutil.lib;wcautil.lib;Version.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalDependencies>Userenv.lib;Wtsapi32.lib;WindowsApp.lib;Newdev.lib;Crypt32.lib;msi.lib;wcautil.lib;Psapi.lib;Pathcch.lib;comsupp.lib;taskschd.lib;Secur32.lib;msi.lib;dutil.lib;wcautil.lib;Version.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
      <ModuleDefinitionFile>CustomAction.def</ModuleDefinitionFile>
    </Link>
  </ItemDefinitionGroup>