I have a deferred custom action which fetches a property using Customactiondata, it contains the value of password that should not be displayed in the log .
Packaging tool used: WIX
Custom action written in C++
I have tried the below workarounds nothing seems to be working.
Marked the property and CA name as hidden
Hidetarget = yes in CA definition
what needs to be done?
Code:
<CustomAction Id="CASETLOGINFORRCSERVICES" Return="check" HideTarget="yes" Execute="deferred" Impersonate="no" TerminalServerAware="no" DllEntry="SetLoginForRCServices" BinaryKey="CA_Dll" />
log:
MSI (s) (7C:CC) [18:35:39:011]: Executing op: CustomActionSchedule(Action=CASETLOGINFORRCSERVICES,ActionType=3073,Source=BinaryData,Target=SetLoginForRCServices,CustomActionData=Deps###151232323)
MSI (s) (7C:B0) [18:35:39:038]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSIEB69.tmp, Entrypoint: SetLoginForRCServices
MsiHiddenProperties: There is a property you can set to hide property values from being written to the log: MsiHiddenProperties property (there are further links in there to more information on preventing confidential information in your MSI).
Custom Action: Setting the attribute HideTarget="yes" for the custom action will set the above property value for you. However this feature does not seem to hide any value you hard-code in the property table from the log - so if you set an actual value for the property in the property table you need to set the property itself hidden as well (you can set a value programmatically or via the GUI without setting it in the property table). Here are samples:
HideTarget="Yes":
<CustomAction Id="ReadProperyDeferred" HideTarget="yes" ... />
Property Hidden="yes":
<Property Id="MYPROPERTY" Hidden="yes" Secure="yes">Text</Property>
Samples: Sample WiX source here: https://github.com/glytzhkof/WiXDeferredModeSample.
Here is another sample for deferred mode - it uses the DTF class CustomActionData to easily send properties to deferred mode: https://github.com/glytzhkof/WiXDeferredModeSampleDTF
Remember to avoid custom actions if you can: Why is it a good idea to limit the use of custom actions in my WiX / MSI setups?
Sensitive Information: Here is an answer on preventing sensitive or unwanted information to make it into your MSI: How do I avoid distributing sensitive information in my MSI by accident?
Code Extract: Prefer to open the above sample. However, here is a "compressed" sequence of WiX constructs needed for deferred mode custom actions retrieving data from a set-property custom action:
<Property Id="MYPROPERTY" Hidden="yes" Secure="yes">Send this text to deferred mode</Property>
<Binary Id="CustomActions" SourceFile="$(var.CustomActionSample.TargetDir)$(var.CustomActionSample.TargetName).CA.dll" />
<CustomAction Id="SetProperty" Return="check" Property="ReadProperyDeferred" Value="[MYPROPERTY]" />
<CustomAction Id="ReadProperyDeferred" HideTarget="yes" BinaryKey="CustomActions" Execute="deferred" DllEntry="TestCustomAction" />
<InstallExecuteSequence>
<Custom Action='SetProperty' Before='InstallInitialize'></Custom>
<Custom Action='ReadProperyDeferred' Before='InstallFinalize'></Custom>
</InstallExecuteSequence>
Links:
WIX execute custom action with admin privilege
Older answer of mine on deferred mode
How can I automate testing an MSI is installable with UAC?
Add HideTarget="Yes" to the custom action.
Related
How can WIX installer accept license key in UI and save it in a specified location?
I have created a customized dialog to accept key from user and set it in the specified property but when I pass this input to custom action so as to save the value in a file, the custom action receives the initial value of the property not the one entered by user.
May be my install execute sequence is wrong. When should I schedule its execution?
<InstallExecuteSequence>
<Custom Action="CA_SaveProperty" After="InstallFiles" />
</InstallExecuteSequence>
I have tried:
After="InstallInitialize"
and
Before ="InstallFinalize"
What I want is the custom action to invoke after user enters the license key and before installer is ready to copy files.
After lots of struggle I found it was easy :
<CustomAction Id="CA_SaveProperty" BinaryKey="CA_SavePropertyDLL" DllEntry="ReadProperty" Execute="commit" Return="check" />
<InstallExecuteSequence>
<Custom Action="CA_SaveProperty" After="InstallFiles" />
</InstallExecuteSequence>
I am installing ASP.NET MVC website using wix. I need to show the URL of installed site on the exit screen.
I have following properties:
<Property Id="WEBSITE_URL" Value="NotSet" />
<Property Id="WIXUI_EXITDIALOGOPTIONALTEXT" Value="NotSet" />
Which are populated using custom actions:
<CustomAction Id="GetWebsiteUrl"
BinaryKey="CustomActions"
DllEntry="GetWebsiteUrl"
Execute="immediate"
Return="ignore" />
<CustomAction Id="SetExitDialogAdditionalText"
Property="WIXUI_EXITDIALOGOPTIONALTEXT"
Value="The API may be accessed from the following URL: [WEBSITE_URL]"/>
InstallUISequence is following:
<InstallUISequence>
<Custom Action='GetWebsiteUrl' Before='ExecuteAction'>NOT Installed AND NOT REMOVE</Custom>
<Custom Action="SetExitDialogAdditionalText" After="GetWebsiteUrl">NOT Installed AND NOT REMOVE</Custom>
</InstallUISequence>
And the result string on exit screen is:
The API may be accessed from the following URL: NotSet
I've tried to execute custom actions in the InstallExecuteSequence and in the logs I can see that string looks correct:
<InstallExecuteSequence>
<Custom Action='GetWebsiteUrl' Before='InstallFinalize'>NOT Installed AND NOT REMOVE</Custom>
<Custom Action="SetExitDialogAdditionalText" After="GetWebsiteUrl">NOT Installed AND NOT REMOVE</Custom>
</InstallExecuteSequence>
The result in logs:
PROPERTY CHANGE: Modifying WEBSITE_URL property. Its current value is
'NotSet'. Its new value: 'http://localhost:80'.
PROPERTY CHANGE: Modifying WIXUI_EXITDIALOGOPTIONALTEXT property. Its
current value is 'NotSet'. Its new value: 'The API may be
accessed from the following URL: http://localhost:80'.
But in UI something is going wrong.
I feel like the problem is in the InstallUISequence, but can't understand what I'm doing wrong. Please advise.
Try declaring your WEBSITE_URL property as secure in case the value isn't being properly saved across UI and Execute sequences.
from a Wix installer package I am starting one of the installed programs at the end of the setup, according to http://wixtoolset.org/documentation/manual/v3/howtos/ui_and_localization/run_program_after_install.html:
<Property Id="WixShellExecTarget" Value="[#myapplication.exe]" />
<CustomAction Id="LaunchApplication" BinaryKey="WixCA" DllEntry="WixShellExec" Impersonate="yes" />
I now need to include a switch ("/X") to start the program with and failed to find out how to do that (adding it to Value disables the start of the program alltogehter) - any advice? Thanks!
WixShellExecTarget must be only the path of the executable/document.
There's no support to add arguments. For that, use a "normal" exe custom
action instead of WixShellExec.
Because a more typical use case is to launch a document (like a
readme.html or .pdf). WixShellExec was designed just for that purpose.
http://windows-installer-xml-wix-toolset.687559.n2.nabble.com/Passing-command-line-arguments-to-an-app-launched-after-setup-td1366362.html
You could replace your custom action with something like:
<CustomAction Id="LaunchApplication"
Impersonate="yes"
FileKey="[Id for File element that was installed]"
ExeCommand="/X"
Return="asyncNoWait" />
I guessed on some of the attributes that you'd want, but you could use the Wix CustomAction element reference page for more information. I think you want custom action type 18 (to run an executable copied during this installation), so this example should help as well.
We need our MSI to store the password in the registry, so users can use our installer to change connection strings, etc.
We found MsiExt for its cryptography DLL and are trying to configure the custom actions.
Our users will need to be able to install both through the UI dialogs and silently -- so we need to able to execute in both sequences.
Here is a sample of our Product.wxs
<Property Id="DB_PASSWORD" Secure="yes"/>
<Property Id="P.DB_PASSWORD">
<RegistrySearch Id="S.DB_PASSWORD" Root="HKLM" Key="SOFTWARE\$(var.Manufacturer)\$(var.ProductName)" Name="DB_PASSWORD" Type="raw" Win64="$(var.Win64)"/>
</Property>
<Component Id="c.RegistryEntries" Guid="XXXXX-XXXXX-XXXXX-XXXXX" Directory="INSTALLDIR">
<RegistryKey Root="HKLM" Key="SOFTWARE\$(var.Manufacturer)\$(var.ProductName)" Action="createAndRemoveOnUninstall">
<RegistryValue Id="R.DB_PASSWORD" Name="DB_PASSWORD" Value="[ENCRYPTED_DBPASSWORD]" Type="string" />
</RegistryKey>
</Component>
<!--For encrypting the database password on the way to the registry-->
<Binary Id="Cryptography" SourceFile="..\..\lib\msiext-1.4\CustomActions\Cryptography.dll"/>
<!--This property will receive the encrypted DB_PASSWORD that the user enters and will be encrypted-->
<Property Id="CRYPTPROTECT_DATA" Hidden="yes" />
<Property Id="CRYPTPROTECT_FLAGS" Value="CRYPTPROTECT_LOCAL_MACHINE|CRYPTPROTECT_UI_FORBIDDEN" />
<CustomAction Id="EncryptPassword" BinaryKey="Cryptography" DllEntry="CryptProtectDataHex" Execute="immediate" />
<CustomAction Id="SetDBUSERsPASSWORDForEncryption" Property="CRYPTPROTECT_DATA" Value="[DB_PASSWORD]" />
<Property Id="ENCRYPTED_DBPASSWORD" Hidden="yes" />
<SetProperty Id="ENCRYPTED_DBPASSWORD" Value="[CRYPTPROTECT_RESULT]" Sequence="execute" After="SetDBUSERsPASSWORDForEncryption" />
<!--This is for decrypting the registry value-->
<Property Id="CRYPTUNPROTECT_DATA" Hidden="yes" />
<Property Id="CRYPTUNPROTECT_FLAGS" Value="CRYPTPROTECT_LOCAL_MACHINE|CRYPTPROTECT_UI_FORBIDDEN" />
<SetProperty Id="CRYPTUNPROTECT_DATA" Value="[P.DB_PASSWORD]" Before="DecryptPassword" >NOT(DB_PASSWORD)</SetProperty>
<CustomAction Id="DecryptPassword" BinaryKey="Cryptography" DllEntry="CryptUnprotectDataHex" Execute="firstSequence" />
<CustomAction Id="SetDBUSERsDecryptedPASSWORD" Property="DB_PASSWORD" Value="[CRYPTUNPROTECT_RESULT]"/>
<CustomAction Id="LaunchApplication" BinaryKey="WixCA" DllEntry="WixShellExec" Impersonate="yes" />
<InstallUISequence>
<Custom Action="DecryptPassword" After="CostFinalize"><![CDATA[NOT(DB_PASSWORD)]]></Custom>
<Custom Action="SetDBUSERsDecryptedPASSWORD" After="DecryptPassword" ><![CDATA[NOT(DB_PASSWORD)]]></Custom>
</InstallUISequence>
<InstallExecuteSequence>
<Custom Action="SchedXmlConfig" After="InstallFiles"><![CDATA[(NOT REMOVE~="All")]]></Custom>
<Custom Action="SetDBUSERsPASSWORDForEncryption" Before="InstallInitialize" />
<Custom Action="EncryptPassword" After="SetDBUSERsPASSWORDForEncryption" />
<Custom Action="DecryptPassword" Before="InstallFiles"><![CDATA[CRYPTUNPROTECT_RESULT]]></Custom>
<Custom Action="SetDBUSERsDecryptedPASSWORD" After="DecryptPassword" ><![CDATA[CRYPTUNPROTECT_RESULT]]></Custom>
</InstallExecuteSequence>
The install log shows that the DecryptPassword is firing during the UISequence. The decryption custom action fires, then the DecryptPassword works.
Action ended 17:52:43: CostFinalize. Return value 1.
MSI (c) (CC:A8) [17:52:43:936]: Doing action: SetCRYPTUNPROTECT_DATA
Action 17:52:43: SetCRYPTUNPROTECT_DATA.
Action start 17:52:43: SetCRYPTUNPROTECT_DATA.
MSI (c) (CC:A8) [17:52:43:937]: PROPERTY CHANGE: Adding CRYPTUNPROTECT_DATA property. Its value is '**********'.
Action ended 17:52:43: SetCRYPTUNPROTECT_DATA. Return value 1.
MSI (c) (CC:A8) [17:52:43:937]: Doing action: DecryptPassword
Action 17:52:43: DecryptPassword.
Action start 17:52:43: DecryptPassword.
MSI (c) (CC:7C) [17:52:49:129]: Invoking remote custom action. DLL: C:\Users\kujotx\AppData\Local\Temp\MSI9904.tmp, Entrypoint: CryptUnprotectDataHex
MSI (c) (CC:54) [17:52:49:130]: Cloaking enabled.
MSI (c) (CC:54) [17:52:49:130]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (CC:54) [17:52:49:130]: Connected to service for CA interface.
CryptUnprotectDataHex: MSI Extensions 1.4.1114.0
MSI (c) (CC!94) [17:52:49:236]: PROPERTY CHANGE: Adding CRYPTUNPROTECT_RESULT property. Its value is 'password'.
Action ended 17:52:49: DecryptPassword. Return value 1.
MSI (c) (CC:A8) [17:52:49:238]: Doing action: SetDBUSERsDecryptedPASSWORD
Action 17:52:49: SetDBUSERsDecryptedPASSWORD.
Action start 17:52:49: SetDBUSERsDecryptedPASSWORD.
MSI (c) (CC:A8) [17:52:49:239]: PROPERTY CHANGE: Adding DB_PASSWORD property. Its value is '**********'.
Action ended 17:52:49: SetDBUSERsDecryptedPASSWORD. Return value 1.
My problem is that SetCRYPTUNPROTECT_DATA is not executing during ExecuteSequence, so DecryptPassword fails:
Action ended 17:53:47: AppSearch. Return value 1.
MSI (s) (28:1C) [17:53:47:206]: Doing action: DecryptPassword
Action 17:53:47: DecryptPassword.
Action start 17:53:47: DecryptPassword.
MSI (s) (28:98) [17:53:47:217]: Invoking remote custom action. DLL: C:\Windows\Installer\MSI9020.tmp, Entrypoint: CryptUnprotectDataHex
CryptUnprotectDataHex: MSI Extensions 1.4.1114.0
CryptUnprotectDataHex: [CryptUnprotectDataHex] std::exception: 0x80070057 - Error in CryptUnprotectData: The parameter is incorrect.
MSI (s) (28!DC) [17:53:47:237]: PROPERTY CHANGE: Adding CA_ERROR property. Its value is '0x80070057 - Error in CryptUnprotectData: The parameter is incorrect.'.
CustomAction DecryptPassword returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
Action ended 17:53:47: DecryptPassword. Return value 3.
Action ended 17:53:47: INSTALL. Return value 3.
Can you point out how to schedule our custom actions to get this to decrypt properly?
Your problem is likely due to one of the following:
The <SetProperty> element that sets the CRYPTUNPROTECT_DATA property is being conditionally run based on the value of DB_PASSWORD not being set, but we can't see from the logs that this property is indeed not set. The property action won't run if this evaluates to false.
The default setting for the Sequence attribute on the <SetProperty> element is not working correctly. Try setting the Sequence attribute to first, which will schedule it to be run in the first of either InstallUISequence or InstallExecuteSequence (will be first in silent mode). If that doesn't work, try setting it to both explicitly.
Try changing the Before attribute on the custom action for DecryptPassword in the InstallExecuteSequence to After="InstallInitialize", which is much earlier on in the install sequence than InstallFiles. This will get you behavior that is similar to running with the UI Sequence, which computes and modifies your properties and runs your actions prior to anything actually being installed.
See this page for suggested sequencing (and see relative ordering of events)
I am trying to execute the custom action at the time of uninstall the installer in wix.It is working perfectly but it is showing the splash screen of cmd prompt at the time of custom action.Latter I tried with CAQuietExec but it is unable to uininstall the installer and giving error.
(CAQuietExec: Error 0x80070057: failed to get command line data).
The command that I am using is :
<Fragment>
<Property Id="ModifyOutlookRegInitSign_14" Value=""[SystemFolder]reg.exe" ADD "HKCU\SOFTWARE\Microsoft\Office\14.0\Outlook\Security" /v InitSign /t REG_DWORD /d 0 /f"/>
<CustomAction Id="ModifyOutlookRegInitSign_14" BinaryKey="WixCA" DllEntry="CAQuietExec"
Execute="deferred" Return="check" />
<InstallExecuteSequence>
<Custom Action="ModifyOutlookRegInitSign_14" Before="InstallFinalize"></Custom>
</InstallExecuteSequence>
</Fragment>
If it is an immediate custom action, the name of the property containing the command line as value must have an Id="QtExecCmdLine". For other types of custom actions read Quiet Execution Custom Action.
It seems to me that you are trying to update HKCU during the uninstall. This is probably because Windows Installer doesn't natively support the ability to do so.
But your proposed solution is lacking in several way. Mainly that it doesn't support rollback and doesn't support cleaning up other user profiles.
Did this registry entry had to be implemented in HKCU? Could it be implemented in HKLM?
I've created a custom action to kill a process silently like this:
<!-- WixQuietExecCmdLine specify the cmd to be executed -->
<Property Id="WixQuietExecCmdLine" Value='"[WindowsFolder]System32\TaskKill.exe" /F /T /IM MyApp.exe'/>
<!-- From WiX v3.10, use WixQuietExec -->
<CustomAction Id="MyAppTaskKill" BinaryKey="WixCA" DllEntry="WixQuietExec" Execute="immediate" Return="ignore"/>
<!-- trigger the custom action -->
<InstallExecuteSequence>
<Custom Action='MyAppTaskKill' Before='InstallValidate'></Custom>
</InstallExecuteSequence>
You have more info about the possible configuration combinations here:
http://wixtoolset.org/documentation/manual/v3/customactions/qtexec.html
Wrap your custom action around a Property with Id set to WixQuietExecCmd.
<Property Id="WixQuietExecCmdLine" Value="command line to run"/>
WiX Property Element
WiX Quiet Execution of Custom Action