microsoft
[MSIX Bucket] Launch issues caused by bad permissions on WindowsApps, and others
There is a class of issues whose root cause seems to be bad permissions on C:\Program Files\WindowsApps.
-
wt.execan launch the "wrong" copy of Terminal without user settings-
DIFFERENTIAL DIAGNOSTIC The version number switches between (example)
1.7.1991and1.7.210451004-release1.7
-
DIFFERENTIAL DIAGNOSTIC The version number switches between (example)
- error
0xc0000022on launch (#9399)
REPORTERS: If you have one of these issues, can you share the output of icacls "C:\Program Files\WindowsApps" (from an admin shell?)
Correct WindowsApps permissions
\Program Files\WindowsApps NT SERVICE\TrustedInstaller:(F)
NT SERVICE\TrustedInstaller:(OI)(CI)(IO)(F)
S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(RX)
S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(OI)(CI)(IO)(GR,GE)
NT AUTHORITY\SYSTEM:(F)
NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
BUILTIN\Administrators:(CI)(RX)
NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(RX)
NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(RX)
NT AUTHORITY\RESTRICTED:(OI)(CI)(RX)
BUILTIN\Users:(Rc,S,RD,REA,X,RA)
zadjii-msft notes circa 2023-09-06:
There's a collection of "crash on startup" issues which started around 1.16. They're all in the neighborhood of Cannot_create_instance_of_type__Microsoft.UI.Xaml.Controls.XamlControlsResources or winrt::impl::consume_Windows_ApplicationModel_IPackageStatics_winrt::Windows::ApplicationModel::IPackageStatics_::Current, depending on how the exception was handled. More notes in:
- https://github.com/microsoft/terminal/issues/15583#issuecomment-1708760392 (collected notes, resolution steps)
- https://github.com/microsoft/terminal/issues/15583#issuecomment-1708641554 (x-links a bunch of bugs)
- https://github.com/microsoft/terminal/issues/15526#issuecomment-1708635865 (another couple dupes)
- https://github.com/microsoft/terminal/issues/14961#issuecomment-1461141118 (an early analysis)
@DHowett here is the output of that command, but inheritance is not enabled for vcruntime140.dll.
C:\Windows\system32>icacls "C:\Program Files\WindowsApps"
C:\Program Files\WindowsApps NT SERVICE\TrustedInstaller:(I)(F)
NT SERVICE\TrustedInstaller:(I)(CI)(IO)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
BUILTIN\Administrators:(I)(F)
BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
BUILTIN\Users:(I)(RX)
BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)
CREATOR OWNER:(I)(OI)(CI)(IO)(F)
APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(I)(RX)
APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)
APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)
APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(I)(OI)(CI)(IO)(GR,GE)
Successfully processed 1 files; Failed processing 0 files
In process monitor, I am getting ACCESS_DENIED on a CreateFile operation. I don't know why it would be attempting to create the file when WindowsTerminal is already installed:
icacls for that file is:
C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe>icacls vcruntime140.dll
vcruntime140.dll APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX)
NT AUTHORITY\SYSTEM:(F)
APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX)
NT AUTHORITY\LOCAL SERVICE:(RX)
NT AUTHORITY\NETWORK SERVICE:(RX)
NT SERVICE\TrustedInstaller:(F)
S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(RX)
BUILTIN\Users:(R)
BUILTIN\Users:(Rc,S,RD,REA,X,RA)
BUILTIN\Users:(Rc,S,RD,REA,X,RA)
BUILTIN\Users:(Rc,S,RD,REA,X,RA)
NT AUTHORITY\RESTRICTED:(RX)
S-1-19-512-4096:(I)(RX,D,WDAC,WO,WA)
Successfully processed 1 files; Failed processing 0 files
A workaround for me is to enable inheritance on this file:
Cheers!
I am specifically interested in the ACLs on WindowsApps, the root for all store-installed applications. 😄
sorry: misread your message. Thanks!
So, CreateFile is the Win32 API for open and creat. That part isn’t strange. I’ll have to look at the permissions on my machine!
That's very curious. I do have inheritance enabled on that file. If you reset inheritance and clear out all locally overridden permissions, does that resolve the issue?
@DHowett Just going about my normal business, and the permissions have reset. Inheritance is no longer enabled. I don't know what was the catalyst. Is there any way I can provide more insight?
Might be worth running Process Monitor with the filter set to include filesystem events for that path. It’ll be noisy and may take a long time to reproduce, but it should definitely point to a culprit!
This issue happens time to time, finally I ve become mad and created a scheduled task running command to reset NTFS permissions to everyone;
Icacls "C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\vcruntime140.dll" /Grant Everyone:(F)
@nascar3000 the request for a process explorer trace extends to you, as well. It would be very helpful in figuring out what’s going on!
From a related thread:
ixcxaxxclxs "C:\Progxram Files\WindxowsApps" /reset /t /c /q
NEVER DO THIS, IT WILL BREAK YOUR ENTIRE APP CATALOG IRREVOCABLY
for those who are suffered to #15526 , here is my workable solution,
- please refer to #15526 for making sure you are in the same trouble
- I did take the ownership of 'WindowsApps' folder with my own account therefore I tried to restore its original permission setup by referring to this doc
- uninstall WT, reboot, and re-install it
- however, the first time of un- and re- install, the issue was there still, no idea why ...
- shutdown computer and restart, un- and re- install WT again
- start WT via Microsoft Store at the very first time (maybe this was the key ?)
- pin WT to taskbar
finally it came back
I encounter a Windows Terminal crash when trying to start Windows Terminal with Run as administrator. The UAC pops up with 'Unknown Program'. Windows Terminal launches normally when not starting with Run as administrator.
icacls output: C:\WINDOWS\system32>icacls "c:\Program Files\WindowsApps" c:\Program Files\WindowsApps NT SERVICE\TrustedInstaller:(F) NT SERVICE\TrustedInstaller:(OI)(CI)(IO)(F) S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(RX) S-1-15-3-1024-3635283841-2530182609-996808640-1887759898-3848208603-3313616867-983405619-2501854204:(OI)(CI)(IO)(GR,GE) NT AUTHORITY\SYSTEM:(F) NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F) BUILTIN\Administrators:(CI)(RX) NT AUTHORITY\LOCAL SERVICE:(OI)(CI)(RX) NT AUTHORITY\NETWORK SERVICE:(OI)(CI)(RX) NT AUTHORITY\RESTRICTED:(OI)(CI)(RX) BUILTIN\Users:(Rc,S,RD,REA,X,RA)
Successfully processed 1 files; Failed processing 0 files
Event logs: Faulting application name: WindowsTerminal.exe, version: 1.18.2311.14001, time stamp: 0x6553b19e Faulting module name: KERNELBASE.dll, version: 10.0.19041.1387, time stamp: 0x0b9a844a Exception code: 0xc000027b Fault offset: 0x000000000010b302 Faulting process ID: 0x2c64 Faulting application start time: 0x01da5424779c9f1c Faulting application path: C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.18.3181.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: 1663eff1-8a3f-4d4d-bd23-addf6bd506b4 Faulting package full name: Microsoft.WindowsTerminal_1.18.3181.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App
Fault bucket 1805946374774718074, type 5 Event Name: MoAppCrash Response: Not available Cab Id: 0
Problem signature: P1: Microsoft.WindowsTerminal_1.18.3181.0_x64__8wekyb3d8bbwe P2: praid:App P3: 1.18.2311.14001 P4: 6553b19e P5: combase.dll P6: 10.0.19041.1348 P7: baf10630 P8: 802b000a P9: 00000000000862a6 P10:
Can I provide any more info?
