在System身份运行的.NET程序中以指定的用户身份启动可交互式进程
今天在技术群里,石头哥向大家提了个问题:"如何在一个以System身份运行的.NET程序(Windows Services)中,以其它活动的用户身份启动可交互式进程(桌面应用程序、控制台程序、等带有UI和交互式体验的程序)"?
我以前有过类似的需求,是在GitLab流水线中运行带有UI的自动化测试程序。
其中流水线是GitLab Runner执行的,而GitLab Runner则被注册为Windows服务,以System身份启动的。
然后我在流水线里,巴拉巴拉写了一大串PowerShell脚本代码,通过调用任务计划程序实现了这个需求。
但我没试过在C#里实现这个功能。
对此,我很感兴趣,于是着手研究,最终捣鼓出来了。
二话不多说,上代码:
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Runtime.Versioning;
namespace AllenCai.Windows
{
/// <summary>
/// 进程工具类
/// </summary>
[SupportedOSPlatform("windows")]
public static class ProcessUtils
{
/// <summary>
/// 在当前活动的用户会话中启动进程
/// </summary>
/// <param name="fileName">程序名称或程序路径</param>
/// <param name="commandLine">命令行参数</param>
/// <param name="workDir">工作目录</param>
/// <param name="noWindow">是否无窗口</param>
/// <param name="minimize">是否最小化</param>
/// <returns></returns>
/// <exception cref="ArgumentNullException"></exception>
/// <exception cref="ApplicationException"></exception>
/// <exception cref="Win32Exception"></exception>
public static int StartProcessAsActiveUser(string fileName, string commandLine = null, string workDir = null, bool noWindow = false, bool minimize = false)
{
if (string.IsNullOrWhiteSpace(fileName)) throw new ArgumentNullException(nameof(fileName));
// 获取当前活动的控制台会话ID和安全的用户访问令牌
IntPtr userToken = GetSessionUserToken();
if (userToken == IntPtr.Zero)
throw new ApplicationException("Failed to get user token for the active session.");
IntPtr duplicateToken = IntPtr.Zero;
IntPtr environmentBlock = IntPtr.Zero;
try
{
String file = fileName;
bool shell = string.IsNullOrEmpty(workDir) && (!fileName.Contains('/') && !fileName.Contains('\\'));
if (shell)
{
if (string.IsNullOrWhiteSpace(workDir)) workDir = Environment.CurrentDirectory;
}
else
{
if (!Path.IsPathRooted(fileName))
{
file = !string.IsNullOrEmpty(workDir) ? Path.Combine(workDir, fileName).GetFullPath() : fileName.GetFullPath();
}
if (string.IsNullOrWhiteSpace(workDir)) workDir = Path.GetDirectoryName(file);
}
if (string.IsNullOrWhiteSpace(commandLine)) commandLine = "";
// 复制令牌
SecurityAttributes sa = new SecurityAttributes();
sa.Length = Marshal.SizeOf(sa);
if (!DuplicateTokenEx(userToken, MAXIMUM_ALLOWED, ref sa, SecurityImpersonationLevel.SecurityIdentification, TokenType.TokenPrimary, out duplicateToken))
throw new ApplicationException("Could not duplicate token.");
// 创建环境块(检索该用户的环境变量)
if (!CreateEnvironmentBlock(out environmentBlock, duplicateToken, false))
throw new ApplicationException("Could not create environment block.");
// 启动信息
ProcessStartInfo psi = new ProcessStartInfo
{
UseShellExecute = shell,
FileName = $"{file} {commandLine}", //解决带参数的进程起不来或者起来的进程没有参数的问题
Arguments = commandLine,
WorkingDirectory = workDir,
RedirectStandardError = false,
RedirectStandardOutput = false,
RedirectStandardInput = false,
CreateNoWindow = noWindow,
WindowStyle = minimize ? ProcessWindowStyle.Minimized : ProcessWindowStyle.Normal
};
// 在指定的用户会话中创建进程
SecurityAttributes saProcessAttributes = new SecurityAttributes();
SecurityAttributes saThreadAttributes = new SecurityAttributes();
CreateProcessFlags createProcessFlags = (noWindow ? CreateProcessFlags.CREATE_NO_WINDOW : CreateProcessFlags.CREATE_NEW_CONSOLE) | CreateProcessFlags.CREATE_UNICODE_ENVIRONMENT;
bool success = CreateProcessAsUser(duplicateToken, null, $"{file} {commandLine}", ref saProcessAttributes, ref saThreadAttributes, false, createProcessFlags, environmentBlock, null, ref psi, out ProcessInformation pi);
if (!success)
{
throw new Win32Exception(Marshal.GetLastWin32Error());
//throw new ApplicationException("Could not create process as user.");
}
return pi.dwProcessId;
}
finally
{
// 清理资源
if (userToken != IntPtr.Zero) CloseHandle(userToken);
if (duplicateToken != IntPtr.Zero) CloseHandle(duplicateToken);
if (environmentBlock != IntPtr.Zero) DestroyEnvironmentBlock(environmentBlock);
}
}
/// <summary>
/// 获取活动会话的用户访问令牌
/// </summary>
/// <exception cref="Win32Exception"></exception>
private static IntPtr GetSessionUserToken()
{
// 获取当前活动的控制台会话ID
uint sessionId = WTSGetActiveConsoleSessionId();
// 获取活动会话的用户访问令牌
bool success = WTSQueryUserToken(sessionId, out IntPtr hToken);
// 如果失败,则从会话列表中获取第一个活动的会话ID,并再次尝试获取用户访问令牌
if (!success)
{
sessionId = GetFirstActiveSessionOfEnumerateSessions();
success = WTSQueryUserToken(sessionId, out hToken);
if (!success)
throw new Win32Exception(Marshal.GetLastWin32Error());
}
return hToken;
}
/// <summary>
/// 枚举所有用户会话,获取第一个活动的会话ID
/// </summary>
private static uint GetFirstActiveSessionOfEnumerateSessions()
{
IntPtr pSessionInfo = IntPtr.Zero;
try
{
Int32 sessionCount = 0;
// 枚举所有用户会话
if (WTSEnumerateSessions(IntPtr.Zero, 0, 1, ref pSessionInfo, ref sessionCount) != 0)
{
Int32 arrayElementSize = Marshal.SizeOf(typeof(WtsSessionInfo));
IntPtr current = pSessionInfo;
for (Int32 i = 0; i < sessionCount; i++)
{
WtsSessionInfo si = (WtsSessionInfo)Marshal.PtrToStructure(current, typeof(WtsSessionInfo));
current += arrayElementSize;
if (si.State == WtsConnectStateClass.WTSActive)
{
return si.SessionID;
}
}
}
return uint.MaxValue;
}
finally
{
WTSFreeMemory(pSessionInfo);
CloseHandle(pSessionInfo);
}
}
/// <summary>
/// 以指定用户的身份启动进程
/// </summary>
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateProcessAsUser(
IntPtr hToken,
string lpApplicationName,
string lpCommandLine,
ref SecurityAttributes lpProcessAttributes,
ref SecurityAttributes lpThreadAttributes,
bool bInheritHandles,
CreateProcessFlags dwCreationFlags,
IntPtr lpEnvironment,
string lpCurrentDirectory,
ref ProcessStartInfo lpStartupInfo,
out ProcessInformation lpProcessInformation
);
/// <summary>
/// 获取当前活动的控制台会话ID
/// </summary>
[DllImport("kernel32.dll", SetLastError = true)]
private static extern uint WTSGetActiveConsoleSessionId();
/// <summary>
/// 枚举所有用户会话
/// </summary>
[DllImport("wtsapi32.dll", SetLastError = true)]
private static extern int WTSEnumerateSessions(IntPtr hServer, int reserved, int version, ref IntPtr ppSessionInfo, ref int pCount);
/// <summary>
/// 获取活动会话的用户访问令牌
/// </summary>
[DllImport("wtsapi32.dll", SetLastError = true)]
private static extern bool WTSQueryUserToken(uint sessionId, out IntPtr phToken);
/// <summary>
/// 复制访问令牌
/// </summary>
[DllImport("advapi32.dll", SetLastError = true)]
private static extern bool DuplicateTokenEx(IntPtr hExistingToken, uint dwDesiredAccess, ref SecurityAttributes lpTokenAttributes, SecurityImpersonationLevel impersonationLevel, TokenType tokenType, out IntPtr phNewToken);
/// <summary>
/// 创建环境块(检索指定用户的环境)
/// </summary>
[DllImport("userenv.dll", SetLastError = true)]
private static extern bool CreateEnvironmentBlock(out IntPtr lpEnvironment, IntPtr hToken, bool bInherit);
/// <summary>
/// 释放环境块
/// </summary>
[DllImport("userenv.dll", SetLastError = true)]
private static extern bool DestroyEnvironmentBlock(IntPtr lpEnvironment);
[DllImport("wtsapi32.dll", SetLastError = false)]
private static extern void WTSFreeMemory(IntPtr memory);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool CloseHandle(IntPtr hObject);
[StructLayout(LayoutKind.Sequential)]
private struct WtsSessionInfo
{
public readonly uint SessionID;
[MarshalAs(UnmanagedType.LPStr)]
public readonly string pWinStationName;
public readonly WtsConnectStateClass State;
}
[StructLayout(LayoutKind.Sequential)]
private struct SecurityAttributes
{
public int Length;
public IntPtr SecurityDescriptor;
public bool InheritHandle;
}
[StructLayout(LayoutKind.Sequential)]
private struct ProcessInformation
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
private const uint TOKEN_DUPLICATE = 0x0002;
private const uint MAXIMUM_ALLOWED = 0x2000000;
private const uint STARTF_USESHOWWINDOW = 0x00000001;
/// <summary>
/// Process Creation Flags。<br/>
/// More:https://learn.microsoft.com/en-us/windows/win32/procthread/process-creation-flags
/// </summary>
[Flags]
private enum CreateProcessFlags : uint
{
DEBUG_PROCESS = 0x00000001,
DEBUG_ONLY_THIS_PROCESS = 0x00000002,
CREATE_SUSPENDED = 0x00000004,
DETACHED_PROCESS = 0x00000008,
/// <summary>
/// The new process has a new console, instead of inheriting its parent's console (the default). For more information, see Creation of a Console. <br />
/// This flag cannot be used with <see cref="DETACHED_PROCESS"/>.
/// </summary>
CREATE_NEW_CONSOLE = 0x00000010,
NORMAL_PRIORITY_CLASS = 0x00000020,
IDLE_PRIORITY_CLASS = 0x00000040,
HIGH_PRIORITY_CLASS = 0x00000080,
REALTIME_PRIORITY_CLASS = 0x00000100,
CREATE_NEW_PROCESS_GROUP = 0x00000200,
/// <summary>
/// If this flag is set, the environment block pointed to by lpEnvironment uses Unicode characters. Otherwise, the environment block uses ANSI characters.
/// </summary>
CREATE_UNICODE_ENVIRONMENT = 0x00000400,
CREATE_SEPARATE_WOW_VDM = 0x00000800,
CREATE_SHARED_WOW_VDM = 0x00001000,
CREATE_FORCEDOS = 0x00002000,
BELOW_NORMAL_PRIORITY_CLASS = 0x00004000,
ABOVE_NORMAL_PRIORITY_CLASS = 0x00008000,
INHERIT_PARENT_AFFINITY = 0x00010000,
INHERIT_CALLER_PRIORITY = 0x00020000,
CREATE_PROTECTED_PROCESS = 0x00040000,
EXTENDED_STARTUPINFO_PRESENT = 0x00080000,
PROCESS_MODE_BACKGROUND_BEGIN = 0x00100000,
PROCESS_MODE_BACKGROUND_END = 0x00200000,
CREATE_BREAKAWAY_FROM_JOB = 0x01000000,
CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000,
CREATE_DEFAULT_ERROR_MODE = 0x04000000,
/// <summary>
/// The process is a console application that is being run without a console window. Therefore, the console handle for the application is not set. <br />
/// This flag is ignored if the application is not a console application, or if it is used with either <see cref="CREATE_NEW_CONSOLE"/> or <see cref="DETACHED_PROCESS"/>.
/// </summary>
CREATE_NO_WINDOW = 0x08000000,
PROFILE_USER = 0x10000000,
PROFILE_KERNEL = 0x20000000,
PROFILE_SERVER = 0x40000000,
CREATE_IGNORE_SYSTEM_DEFAULT = 0x80000000,
}
private enum WtsConnectStateClass
{
WTSActive,
WTSConnected,
WTSConnectQuery,
WTSShadow,
WTSDisconnected,
WTSIdle,
WTSListen,
WTSReset,
WTSDown,
WTSInit
}
private enum SecurityImpersonationLevel
{
SecurityAnonymous,
SecurityIdentification,
SecurityImpersonation,
SecurityDelegation
}
private enum TokenType
{
TokenPrimary = 1,
TokenImpersonation
}
}
}
用法:
ProcessUtils.StartProcessAsActiveUser("ping.exe", "www.baidu.com -t");
ProcessUtils.StartProcessAsActiveUser("notepad.exe");
ProcessUtils.StartProcessAsActiveUser("C:\\Windows\\System32\\notepad.exe");
在 Windows 7~11、Windows Server 2016~2022 操作系统,测试通过。
在System身份运行的.NET程序中以指定的用户身份启动可交互式进程的更多相关文章
- 在DevExpress程序中使用SplashScreenManager控件实现启动闪屏和等待信息窗口
在我很早的WInform随笔<WinForm界面开发之"SplashScreen控件">有介绍如何使用闪屏的处理操作,不过那种是普通WInform和DevExpress ...
- 在SharePoint 2013中显示“以其他用户身份登录”
在我新建了SharePoint 2013的网站后, 发现界面与2010有一些不同,比如缺少了“以其他用户身份登录”,这给我的测试带来很大不便. 在找了一些国外网站后,终于找到了解决方法 第一步: 找到 ...
- (PHP)程序中如何判断当前用户终端是手机等移动终端
推荐: Mobile-Detect:https://github.com/serbanghita/Mobile-Detect/blob/master/Mobile_Detect.php Detect ...
- Rhino 是一个完全使用Java语言编写的开源JavaScript实现。Rhino通常用于在Java程序中,为最终用户提供脚本化能力。它被作为J2SE 6上的默认Java脚本化引擎。
https://developer.mozilla.org/zh-CN/docs/Mozilla/Projects/Rhino
- 在ASP.NET应用程序中使用身份模拟(Impersonation)
摘要 缺省情况下,ASP.NET应用程序以本机的ASPNET帐号运行,该帐号属于普通用户组,权限受到一定的限制,以保障ASP.NET应用程序运行的安全.但是有时需要某个ASP.NET应用程序或者程 ...
- C#以管理员身份运行程序
using System; using System.Collections.Generic; using System.Linq; using System.Windows.Forms; names ...
- Runas命令:能让域用户/普通User用户以管理员身份运行指定程序。
注:本文由Colin撰写,版权所有!转载请注明原文地址,谢谢合作! 在某些情况下,为了安全起见,大部分公司都会使用域控制器或只会给员工电脑user的用户权限,这样做能大大提高安全性和可控性,但由此也带 ...
- 【CITE】C#默认以管理员身份运行程序实现代码
//用于一种情况:C#软件打包后,在读写C盘文件时,会出现权限问题.使用管理员身份才可以运行 using System; using System.Collections.Generic; using ...
- SUID或SGID程序中能不能用system函数
system()函数的声明和说明如下: 注意它的描述那里,system()执行一个由command参数定义的命令,通过调用/bin/sh -c命令来实现这个功能.也就是说它的逻辑是这样的! 进程调用s ...
- C#编写以管理员身份运行的程序
using System; using System.Collections.Generic; using System.Linq; using System.Windows.Forms; names ...
随机推荐
- Effective Java 在工作中的应用总结
简介: <Effective Java>是一本经典的 Java 学习宝典,值得每位 Java 开发者阅读.笔者将书中和平日工作较密切的知识点做了部分总结. 作者 | 宜秋 来源 | 阿 ...
- dotnet 读 WPF 源代码 聊聊 DispatcherTimer 的实现
本文来告诉大家在 WPF 框架里面,是如何实现 DispatcherTimer 的功能.有小伙伴告诉我,读源代码系列的博客看不动,原因是太底层了.我尝试换一个方式切入逻辑,通过提问题和解决问题的方法, ...
- Kafka源码分析(四) - Server端-请求处理框架
系列文章目录 https://zhuanlan.zhihu.com/p/367683572 一. 总体结构 先给一张概览图: 服务端请求处理过程涉及到两个模块:kafka.network和kafka. ...
- CCE云原生混部场景下的测试案例
本文分享自华为云社区<CCE云原生混部场景下在线任务抢占.压制离线任务CPU资源.保障在线任务服务质量效果测试>,作者:可以交个朋友. 背景 企业的 IT 环境通常运行两大类进程,一类是在 ...
- iptables命令详解
安装iptables yum install iptables-services 编写允许访问的策略 vim /etc/sysconfig/iptables # sample configuratio ...
- fastposter v2.9.2 最简海报生成器
fastposter v2.9.2 程序员必备海报生成器 fastposter海报生成器是一款快速开发海报的工具.只需上传一张背景图,在对应的位置放上组件(文字.图片.二维.头像)即可生成海报. 点击 ...
- Mark Lee:Splashtop 如何成为最新的 10 亿美元估值技术独角兽
从左至右:Splashtop联合创始人Rob.Philip.Mark和Thomas Splashtop 刚刚完成了由我们的长期投资者 Sapphire Ventures 领投的 5000 万美元的新融 ...
- k8s快捷命令
查看node使用率: for i in `kubectl get nodes|awk '{print $1}'|sed '1d'`;do echo "=========>" ...
- Dapper升级SqlSugar问题汇总
最近群里有个小伙伴把Dapper迁移SqlSugar几个不能解决的问题进行一个汇总,我正好写一篇文章来讲解一下 一.sql where in传参问题: SELECT * FROM users wher ...
- 基于 ESP8266_RTOS_SDK 驱动 HC-SR04
平台 芯片 ESP8266EX 模组 ESP-12F 开发板 NodeMCU SDK ESP8266_RTOS_SDK branch master commit 83517ba1f5e26b9413f ...