workaround/hack for Spotify installer Superseded


Revision 1

user image pietjankbal1 Author
30 Jul. 17


Not sure if the attached patch is acceptable in Staging, but at least it let`s Spotify (and some other installers i guess) proceed by setting appropriate environment variable. See patch. This is workaround for bug

user image Michael Müller
01 Aug. 17

I am not too happy about this solution. Setting an environment variable will affect all child processes that are implicitly spawned when starting wine, even the services and fake kernel drivers that should have admin rights. Your patch also only changes a small detail of the token information, while all the rights, groups etc. still signal admin rights.

I think a better solution would be to implement CreateProcessWithTokenW, which basically just means we need to extend create_process_impl to also pass a token to the wineserver. Afterwards we can implement something like runas.exe, which uses CreateRestrictedToken to drop the administrator rights. A user could than start an application using wine runas.exe /trustlevel:... installer.exe with the desired rights.

I will try to take a look at it till the next release.

user image pietjankbal1 Author
01 Aug. 17

I already thougt that it was too hacky; if you could take a look at a proper solution that`d be cool. I`ll be patient ;)

user image Michael Müller
07 Aug. 17

I submitted an alternative patch:
You should be able to run the spotify installer using wine runas /trustlevel:0x20000 SpotifySetup.exe with these patches applied. For backwards compatibility reasons with older applications, we still assign a full admin token by default.

user image Sebastian Lackner
07 Aug. 17

This patch should no longer be required with the full UAC implementation by Michael Müller. Please let me know if it fixes the issue with Spotify (when starting with runas, as explained above) or if there are any remaining problems.

user image pietjankbal1 Author
09 Aug. 17

Hi Sebastian, I filed my experiences with the patch here:

Single files Merged diff Tar archive
You have unsaved changes. Press CTRL + ENTER in a text field to submit your comments.


From de18b1494af0a396ccda9b7f65bd69fad16f4cb4 Mon Sep 17 00:00:00 2001
From: Louis Lenders <>
Date: Sun, 30 Jul 2017 12:56:24 +0200
Subject: [PATCH] ntdll/nt.c: Add a workaround hack to TokenElevation to allow
some installers (like Spotify) to proceed
Signed-off-by: Louis Lenders <>
dlls/ntdll/nt.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/dlls/ntdll/nt.c b/dlls/ntdll/nt.c
index a793b57..00c8943 100644
--- a/dlls/ntdll/nt.c
+++ b/dlls/ntdll/nt.c
@@ -524,9 +524,16 @@ NTSTATUS WINAPI NtQueryInformationToken(
case TokenElevationType:
+ const char *str = getenv("STAGING_ELEVATIONTYPE");
TOKEN_ELEVATION_TYPE *elevation_type = tokeninfo;
- FIXME("QueryInformationToken( ..., TokenElevationType, ...) semi-stub\n");
- *elevation_type = TokenElevationTypeFull;
+ FIXME("QueryInformationToken( ..., TokenElevationType, ...) semi-stub. If the application complains that\n"
+ "it should be run as normal user, set the STAGING_ELEVATIONTYPE environmentvariable to Default\n");
+ if( str && !strcmp(str, "Default"))
+ *elevation_type = TokenElevationTypeDefault;
+ else
+ *elevation_type = TokenElevationTypeFull;
case TokenElevation: