Not sure if the attached patch is acceptable in Staging, but at least it let`s Spotify (and some other installers i guess) proceed by setting appropriate environment variable. See patch. This is workaround for bug https://bugs.winehq.org/show_bug.cgi?id=40613
I am not too happy about this solution. Setting an environment variable will affect all child processes that are implicitly spawned when starting wine, even the services and fake kernel drivers that should have admin rights. Your patch also only changes a small detail of the token information, while all the rights, groups etc. still signal admin rights.
I think a better solution would be to implement CreateProcessWithTokenW, which basically just means we need to extend create_process_impl to also pass a token to the wineserver. Afterwards we can implement something like runas.exe, which uses CreateRestrictedToken to drop the administrator rights. A user could than start an application using wine runas.exe /trustlevel:... installer.exe with the desired rights.
I will try to take a look at it till the next release.
I already thougt that it was too hacky; if you could take a look at a proper solution that`d be cool. I`ll be patient ;)
I submitted an alternative patch: https://dev.wine-staging.com/patches/166/
You should be able to run the spotify installer using wine runas /trustlevel:0x20000 SpotifySetup.exe with these patches applied. For backwards compatibility reasons with older applications, we still assign a full admin token by default.
This patch should no longer be required with the full UAC implementation by Michael Müller. Please let me know if it fixes the issue with Spotify (when starting with runas, as explained above) or if there are any remaining problems.
Hi Sebastian, I filed my experiences with the patch here: https://bugs.winehq.org/show_bug.cgi?id=40613