Geek Answers Handbook

How to run the application without promotion?

I want to call an update to check for updates (do not perform the update, but check if there are any). I would like to do this in the background and quietly. If there is an update, I would ask the user to get additional permissions and run the update program. The check includes reading the file in the application directory and comparing the version found in it with the one on the website.

How can I run it without promotion for verification? QProcess::start() fails because it needs a higher resolution, and ShellExecute only works if I add the verb "runas" for the same reason (which I only need if I really had written in this directory, that is, I want to update). I suppose I need to add some kind of manifest, but I don't know its contents.

+7
source share
3 answers

So, it turns out that I had one more error, because of which, in all cases, an unraised working branch was executed. The model described in the article works. To eliminate the need to define elevated Windows permissions, you must add a manifest resource. (for example, if your exe application name contains the word "updater", it will start)

The contents of the manifest are as follows:

 <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false" /> </requestedPrivileges> </security> </trustInfo> </assembly>

Compiling it to your .exe depends on your compiler and environment, so I just show: Qt Creator and mingw-gcc:

Create an rc file for resources with the following contents:

 1 24 DISCARDABLE manifest.xml

Add this rc file to your .pro as follows:

 win32:RC_FILE = resources.rc

After that, ShellExecute without the verb paramter will be executed without raising, and using runas will start it with a height mark.

+10
source

A message appears when your application requests it for some reason. You can manage it using the application manifest. For more information on how to add a manifest, see Create and insert an application manifest file (UAC) .

I suggest you the following:

  • Separate your Updater and Update Checker so that they are in different .EXE files.
  • UpdateChecker.exe does not require administrator rights, therefore the requestedExecutionLevel element of the manifest has the level of asInvoker .
  • Updater.exe requires administrator rights because it writes the updated application file to Program Files. Therefore, the requestedExecutionLevel element of its manifest has a requireAdministrator level.

In your program, you can run UpdateChecker.exe as you like. To run Updater.exe, you will need to use ShellExecute ; if the application has a manifest (and I highly recommend a manifest attachment), it will show a UAC prompt for promotion if the application wants to get administrator privileges. There is no need to use the verb runas .

Alternatively, you can check if an update is available or not from the main application. And run Updater.exe only if there is a new version on the server.

Another option would be to make Updater.exe check for updates and apply it, if any, as it is now. In this case, Updater.exe should have asInvoker level in its manifest. When it starts without parameters, it checks for a new version on the server. If it finds a newer version, it starts again with administrator privileges and passes a command-line option, such as /doUpdate , which indicates that it is performing the actual update.

In order to restart itself, it must use the ShellExecute and runas verb functions, because ShellExecute will not be able to automatically detect your Updater.exe now requires administrative privileges.

Keep in mind that the meaning of the runas verb is different from Windows XP and Windows Vista / 7, so you must deal with this situation if you want to support previous versions of Windows. The first approach I described will work in Windows XP without additional processing.

+4
source

I suggest using one of these scenarios:

  • put this file in the user profile instead of the application path
  • copy the contents of this file to the user profile if it is in read-only mode, then run QProcess::start()
  • include this file in the .qrc file, and then extract it into the user profile in case of refusal to read or run QProcess::start()
0
source

More articles:


All Articles