Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

windows core run command with elevated privileges

There are a few options for standard user to run as Administrator (or any another user), however, even when logged as Administrator, some functions requires to run 'elevated'.

On a windows gui, just right click a .exe and select run as Administrator or even elevate 'cmd' or 'powershell'.

How can you get elevated privileges on Windows core?

like image 483
fcm Avatar asked Dec 31 '22 23:12

fcm


1 Answers

Generally, to programmatically invoke an executable with elevation (Run as Administrator) on Windows, use the Start-Process cmdlet with -Verb RunAs.

This applies equally to pwsh.exe, the PowerShell Core executable, so that in the simplest case you can write:

# Open a new console window with PowerShell Core running with admin privileges.
Start-Process -Verb RunAs pwsh

If you wanted to wrap that in a convenience function that is also more robust and cross-edition on Windows (also works in Windows PowerShell):

  • Note: See the bottom section for a more sophisticated function, downloadable from a Gist, which notably also allows passing commands to execute in the elevated PowerShell session.
function Enter-AdminPSSession {
  Start-Process -Verb RunAs (Get-Process -Id $PID).Path
}

# Optionally also define a short alias name:
# Note: 'psa' is a nonstandard alias name; a more conformant name would be
#       the somewhat clunky 'etasn' 
#       ('et' for 'Enter', 'a' for admin, and 'sn'` for session), analogous
#       to built-in 'etsn' alias referring to 'Enter-PSSession'
Set-Alias psa Enter-AdminPSSession

If you want the function to also be cross-platform (to also work on Unix-like platforms):

function Enter-AdminPSSession {
  if ($env:OS -eq 'Windows_NT') {
    Start-Process -Verb RunAs (Get-Process -Id $PID).Path
  } else {
    sudo (Get-Process -Id $PID).Path
  }
}

Important: Due to the cmdlets / utilities involved,

  • on Windows, the new session invariably opens in a new console window.

    • The fact that the new session is an admin session is reflected in its window's title (prefix Administrator: )
  • on Unix (Linux, macOS), the new session invariably opens in the same console (terminal) window.

    • On Unix there is no obvious indicator that an admin session has been entered; running whoami is a quick way to test for that (returns root in an admin session); a better solution would be to modify the prompt function to reflect an admin session in the prompt string, as the prepackage solution discussed next does.

If you additionally want the ability to run commands in the new session and optionally auto-close it, much more work is needed:

You can download function Enter-AdminPSSession from this Gist, which:

  • enables passing commands to execute via a script block ({ ... })

    • keeps the session open by default, so that command output can be inspected, but you can opt-out with -Exit or -ExitOnSuccess (close the session only if no error occurred).

    • tries to reflect overall success of the commands passed via $LASTEXITCODE (even for PowerShell-native commands this variable is normally not set); 0 indicates success.

  • ensures that the calling session's current location (working directory) is also the elevated session's current location.

  • allows you to opt out of loading the profiles, with -NoProfile

  • prefixes the prompt string in interactive elevated sessions with [admin] , on all platforms.

Assuming you have looked at the linked Gist's source code to ensure that it is safe (which I can personally assure you of, but you should always check), you can install Enter-AdminPSSession directly as follows:

irm https://gist.github.com/mklement0/f726dee9f0d3d444bf58cb81fda57884/raw/Enter-AdminPSSession.ps1 | iex

Example calls (which assume that Set-Alias psa Enter-AdminPSSession has been called):

  • Enter an interactive elevated session:
psa
  • Windows: Enter an elevated session without loading profiles and set the all-users execution policy, then exit if that succeeded.
psa -NoProfile -ExitOnSuccess { Set-ExecutionPolicy -Scope LocalMachine RemoteSigned }
  • Unix: Gets the content of file /etc/sudoers (which can only be read with administrative privileges), then exits:
psa -Exit { Get-Content /etc/sudoers }
like image 107
mklement0 Avatar answered Jan 09 '23 09:01

mklement0