For our installer application it is not necessary to install with administration privileges. But when the user decide to install to the system program folder like C:\Program File\OurApp then the user gets a dialog that privileges are missing and another folder has to choose/create. Now the question: is it possible to grand the previliges depending on the installation location during the installation instead before starting?
Yes, the "Request privileges" action can be added to any screen. By default it's in the "Startup" node, but you can delete it there and add it to another screen. It can have a condition expression, so it's only executed when necessary. The action starts an elevated helper process that will execute elevated actions.
As of install4j 6.0.4, the installation location screen will always show an error message if the selected directory is not writable. Starting with 6.0.5, you can deselect the "Check if directory is writable" property and handle writability yourself. Also added in 6.0.5 is the helper function Util::isDirectoryWritable that helps you to check if the currently available privileges allow you to write into a directory.
Related
I wanted to create an installer which creates some files under Program Data/{myprogram}, but with access limited to the Network Service user. I can assign ownership of the directory but at the moment the directory is readable by all other users.
I've tried adding 'Add Windows file rights' actions with trustees of 'Users' and 'Authenticated Users' with no permissions set - but maybe this can only add permissions, not remove them?
Is it possible to remove these permissions? Or is this the wrong idea and I should create the directory for program data elsewhere?
I've tried adding 'Add Windows file rights' actions with trustees of 'Users' and 'Authenticated Users' with no permissions set - but maybe this can only add permissions, not remove them?
That is correct, the "Add Windows file rights" action can only add permissions. I've created an issue for adding a "Remove Windows file rights" action.
everyone, I'm using Wix to make an installer to run a service, below are my problems:
I use a custom action to call sc.exe to install and start the service, then I use custom action to call sc.exe [stop/delete] to remove the service when uninstall. This works fine except that a messagebox says
"The setup must update files or services that cannot be updated while the system is running, if you choose to continue, a reboot will be required to complete the setup"
But in fact after I click "OK", no reboot happened, and the service uninstalled successfully, how can I get rid of this message box?
Another problem is that, after click "OK" in the message box, another messagebox will pop up and tells me that "Another program has exclusive access to file [fileA], please click retry", and after I click retry, the uninstall finished successfully. [fileA] has been removed, but another file [fildB] was left behind.
but I do use a component :
<Component
<RemoveFile ..
<RemoveFile ...
</Component>
to remove these files. and I have
<Custom Action="StopService" Before="RemoveFiles">..
<Custom Action="RemoveService" After="StopService>..
In my wix .
Anyone has some suggestions?
It seems like service may not have actually shut down by the time Windows is trying to delete it or handles or process are still open to it may be for this reason its prompting for that massage box requiring a reboot to delete.
Windows can't uninstall a service if there are process/handles open to it.
In present scenerio after reboot i guess it will delete remaining files.
Try providing wait in your Custom Action for stop and remove service Provide asyncWait in return tag.
It might Solve your problem.
You are using SC.exe to control service via. custom action instead of this i recommend you to use WIX ServiceControl element.
Try to move the StopService and RemoveService custom actions before the costing standard actions, this is where Windows Installer analyzes to see what resources are in use and decides it if will prompt the user with the mentioned message box or not.
I am trying to uninstall a recently installed service, I am running this in command line:
c:\Windows\Microsoft.NET\Framework\v4.0.30319>installutil.exe /u "C:\inetpub\www
root\xxx\xxx\xxx.exe"
But I am getting this:
The uninstall has completed.
An exception occurred while uninstalling. This exception will be ignored and the
uninstall will continue. However, the application might not be fully uninstalle
d after the uninstall is complete.
And this:
Removing EventLog source xxx.
An exception occurred during the uninstallation of the System.Diagnostics.EventL
ogInstaller installer.
System.Security.SecurityException: Requested registry access is not allowed.
An exception occurred while uninstalling. This exception will be ignored and the
uninstall will continue. However, the application might not be fully uninstalle
d after the uninstall is complete.
I have no idea where to begin and I really need to uninstall these so any help is appreciated
I was facing exact same issue.
The issue is resolved by opening the Command Prompt as Administrator.
My guess is that you are probably trying to remove a service using a user account which does not have sufficient rights. Specifically, the issue in this case is the removal of some EventLog registry keys during Uninstall.
This may also occur when you are logged in as a user with Administrator privileges yet did not run the Command Prompt in 'Administrator Mode'.
One way to fix this is to make sure that you are running the Command Prompt in Administrator mode. (Right-click > Run as Administrator)
I have also encountered some cases where this method still fails to solve the SecurityException problem due to some registry keys not having 'Full Control' permissions for Administrator accounts.
The following keys should have 'Full Control' set for Administrators in order for the service to be able to write to the EventLog:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application
This may be done by:
Invoking the Windows Registry Editor
Run [Win + R]
Type 'regedit'
OK
Navigate a path listed about
Right click on the desired path
Make sure that both Read and Full Control permission checkboxes are ticked for Administrators
Click Apply and OK
Repeat the same process for the other path
I would like to run a batch file I have that executes the following before a user logs on:
start "VLC web Interface" "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" -I http
Currently I have this in my Startup folder but I would like this batch file to be executed before a user is logged in on Windows 7. The goal is to start VideoLAN's Web Interface as a service without requiring a user to login. This way the computer can be turned on, and media can be streamed to my devices without choosing a user profile on the login screen.
To be clear, I would like this batch file to run BEFORE a user logs in, not after.
Any ideas?
The answer above would work. However, my preference of how to do it would be a little different. The effect is more or less the same, but I find it a little easier to use the Task Scheduler.
Open the Windows Task Scheduler.
Create a basic task.
Name it whatever you want, such as VLC Web Interface.
Click Next, and choose When the computer starts.
Click Next, and choose Start a program.
Click Next, and click Browse, then select your batch script.
Click Next, and click Finish.
It will now be in your Task Scheduler list of scheduled tasks. From there, you can right click on it and run it now, or end it, or whatever, and it will run every time the computer starts. Any user should be able to do this, whether on a domain or not, and even if you are using Windows Home (in which case you can't use gpedit.msc anyway).
Create a local group policy object for a startup script.
Start up scripts run pre login.
To create what you are after:
Open a run box
type in "gpedit.msc" (without the quotes)
Expand Computer Configuration
Expand Windows Settings
Select Scripts (Startup/Shutdown)
Double click Startup
Click Show Files and copy/paste your batch file in to this folder
Click the Add button on the startup properties
Click Browse and double click on your script to choose it.
"OK" out of all windows to apply the new settings.
The selected script will now run every time the PC starts.
If the PC is part of a Windows Active Directory domain these settings will be overridden with AD Group Policy, in which case the admin of the network should be doing this for you.
Edit:
It's been a few years since I wrote this, while this would work, it's probably simpler to go with Automate Everything's answer and use Task Scheduler to perform an "At Startup" action.
During uninstall progress, the installer displays below message:
"The setup must update files or services that cannot be updated while the system is running. If you choose to continue, a reboot will be required to complete the setup."
I think it's caused by the installed service is still running while uninstalling. So, I try to write a custom action to stop it. But, it seems not work.
If I set the action as Execute='deferred' Impersonate='no', it only allows me to put action between InstallInitialize and InstallFinalize, so I have to set it as "immediate".
<CustomAction BinaryKey='CustomActions' Id='StopService' DllEntry='StopService' Execute='immediate' />
<Custom Action="StopService" Before="InstallValidate">REMOVE="ALL"</Custom>
Also note that, I have to use custom action to install service manually instead of using Wix by some reasons. That's why I'm trying to remove it manually.
You cannot run an elevated custom action before InstallInitialize. If you were to install the service normally, MSI would take care of stopping the service for you and not show the in-use message.