I am analyzing a custom Android device. I tried to enumerate services running in the system (adb shell service list) and I found out that there is a service (let's call it MyService) that I would like to analyze more in depth. It might be a privileged (system) service, if that is a relevant information.
When I run adb shell service list | grep MyService, it returns something like aaa.bbb.ccc.ddd.MyService. I would like to get the code/binary/APK of this service. However, when I run adb shell pm path aaa.bbb.ccc.ddd.MyService, it returns error code 1 and doesn't print any path. The same situation occurs when I execute adb shell pm list packages | grep -i XXX, where XXX is any of aaa,bbb,ccc,ddd or MyService (for the record, aaa and bbb return some packages, but they do not have anything in common with the specific service).
My question is: How can I extract the code/binary/APK/... of the service? How do I find where it is installed?
If root access is needed, that shouldn't be a problem.
I'm new to this problem as well, and had some fun exploring the Android internals. Eventually, I was only able to find the process id that provides the service, and any information associated with that, through /proc and /sys VFS.
Here are my findings:
My first discovery was that, dumpsys <SERVICE_SHORT_NAME> can connect to any service, and ask it to dump its internal state. But this doesn't always include the package name or install directory for that service. I decided to trace system calls from this dumpsys program, using strace. But it turns out that IPC happens through a non-standard /dev/binder device that strace doesn't understand:
$ su
# strace -f -y dumpsys telephony_ims | grep binder | tail
openat(AT_FDCWD, "/dev/binder", O_RDWR|O_CLOEXEC) = 3</dev/binder>
ioctl(3</dev/binder>, BINDER_VERSION, 0x7fd88906b4) = 0
ioctl(3</dev/binder>, BINDER_SET_MAX_THREADS, 0x7fd88906a8) = 0
mmap(NULL, 1040384, PROT_READ, MAP_PRIVATE|MAP_NORESERVE, 3</dev/binder>, 0) = 0x7990b83000
ioctl(3</dev/binder>, BINDER_WRITE_READ, 0x7fd8890460) = 0
ioctl(3</dev/binder>, BINDER_WRITE_READ, 0x7fd8890110) = 0
[pid 15836] ioctl(3</dev/binder>, BINDER_WRITE_READ, 0x7990b7e8a0) = 0
[pid 15836] ioctl(3</dev/binder>, BINDER_WRITE_READ <unfinished ...>
[pid 15836] ioctl(3</dev/binder>, BINDER_THREAD_EXIT, 0) = 0
Luckily, there is still a method to trace what happens inside this binder device. With the help from this other Stack Overflow page, I was able to find the pid running any service.
I will examine the service telephony_ims as an example.
Please run the following commands as root.
First, we need to set up Android Binder Tracing, using commands from the other Stack Overflow page.
cd /sys/kernel/debug/tracing; echo > set_event; echo 1 > events/binder/enable; echo 1 > tracing_on
Then, we must run dumpsys, and immediately afterwards, read the trace logs.
Prerequisite: I used less command, which isn't available on all android devices. If your bash cannot find less, then you could dump the results to a file on SD Card, and open it using a text viewer.
Run (cat /proc/uptime; dumpsys telephony_ims >/dev/null & echo $!; cat /proc/uptime; cat /sys/kernel/debug/trace | tail -n 1000) | less
Look at the resulting output
The first three lines are
16682.46 92635.05
20823
16682.47 92635.12
Search for 20823 from the second line, which is the PID of dumpsys. (The first and third lines are start time timestamp, and end time timestamp, respectively)
Found out that dumpsys is talking with servicemanager:
dumpsys-20823 [006] .... 16682.479173: binder_transaction: transaction=10738057 dest_node=1 dest_proc=563 # more content afterwards, ignored. pid 563 is "servicemanager"
# ... more lines ...
servicemanager-563 [003] .... 16682.479283: binder_transaction: transaction=10738058 dest_node=0 dest_proc=20823 # more content afterwards, ignored.
Then, it turns out that dumpsys-20823 started a child process, 20827:
dumpsys-20823 [004] .... 16682.479808: binder_return: cmd=0x7206 BR_TRANSACTION_COMPLETE
dumpsys-20823 [004] .... 16682.479810: binder_transaction_received: transaction=10738061
dumpsys-20823 [004] .... 16682.479811: binder_return: cmd=0x80407203 BR_REPLY
dumpsys-20823 [004] .... 16682.479812: binder_read_done: ret=0
dumpsys-20823 [004] .... 16682.479813: binder_ioctl_done: ret=0
dumpsys-20827 [006] .... 16682.480058: binder_ioctl: cmd=0xc0306201 arg=0x780a5668a0
dumpsys-20827 [006] .... 16682.480060: binder_command: cmd=0x40406300 BC_TRANSACTION
dumpsys-20827 [006] .... 16682.480077: binder_transaction: transaction=10738063 dest_node=29113 dest_proc=2574 dest_thread=0 reply=0 flags=0x10 code=0x5f444d50
Eventually, it's this child process who gave away the PID of the service ("dest_proc=2574"):
dumpsys-20827 [006] .... 16682.480077: binder_transaction: transaction=10738063 dest_node=29113 dest_proc=2574 dest_thread=0 reply=0 flags=0x10 code=0x5f444d50
Look into this process for its package name / related jars and apks
$ ps -A | grep 2574
radio 2574 875 14414052 120280 SyS_epoll_wait 0 S com.android.phone
$ ls -l /proc/2574/fd | egrep 'apk|jar' | head
lr-x------ 1 root root 64 2020-12-15 13:42 10 -> /apex/com.android.art/javalib/bouncycastle.jar
lr-x------ 1 root root 64 2020-12-15 13:42 102 -> /system/app/Stk/Stk.apk
lr-x------ 1 root root 64 2020-12-15 13:42 11 -> /apex/com.android.art/javalib/apache-xml.jar
lr-x------ 1 root root 64 2020-12-15 13:42 12 -> /system/framework/framework.jar
lr-x------ 1 root root 64 2020-12-15 13:42 13 -> /system/framework/ext.jar
lr-x------ 1 root root 64 2020-12-15 13:42 14 -> /system/framework/telephony-common.jar
lr-x------ 1 root root 64 2020-12-15 13:42 15 -> /system/framework/voip-common.jar
lr-x------ 1 root root 64 2020-12-15 13:42 16 -> /system/framework/ims-common.jar
lr-x------ 1 root root 64 2020-12-15 13:42 18 -> /system/framework/framework-atb-backward-compatibility.jar
lr-x------ 1 root root 64 2020-12-15 13:42 19 -> /apex/com.android.conscrypt/javalib/conscrypt.jar
Related
I created a folder hdr in /sdcard/DCIM/Camera/ by linux c function: mkdir(), but when I set permission, I used '777' but not '0777' uncarefully, and the folder permission like this:
xxx:/sdcard/DCIM/Camera # ll
total 6
drwxrws--T 5 u0_a217 media_rw 3452 2022-03-01 09:26 hdrd
...
xxx:/sdcard/DCIM/Camera/hdrd # ll
total 9
drwxrws--T 2 u0_a217 media_rw 3452 2022-02-25 10:13 20220225_101334_1645755214821
...
xxx:/sdcard/DCIM/Camera/hdrd/20220225_101334_1645755214821 # ll
total 1952
-rw-rw---- 1 u0_a217 media_rw 460800 2022-02-25 10:13 IMG_20220225_101334_1645755214821_0_640x480_p_640x480_SRC.NV12
then , I wanna delete this hdrd folder so I used rm -r hdrd, there is an error:
xxx:/sdcard/DCIM/Camera # rm -r hdrd/
rm: IMG_20220225_101334_1645755214821_0_640x480_p_640x480_SRC.NV12: Math result not representable
...
I don't know why delete failed, I was in root state.
PS: I use lsattr fuction, but not succeed:
xxx:/sdcard/DCIM/Camera # lsattr hdrd
lsattr: reading flags 'hdrd/20220225_101334_1645755214821': Function not implemented
System: ubuntu 18.04
environment:VirtualBox
The first time I compiled the AOSP source code on Ubuntu 18.04, it passed, and the second time I compiled it failed.
Here is an error message.
[ 10% 538/4980] Ensuring Jack server is installed and started
FAILED: setup-jack-server
/bin/bash -c "(prebuilts/sdk/tools/jack-admin install-server prebuilts/sdk/tools/jack-launcher.jar prebuilts/sdk/tools/jack-server-4.11.ALPHA.jar 2>&1 || (exit 0) ) && (JACK_SERVER_VM_ARGUMENTS=\"-Dfile.encoding=UTF-8 -XX:+TieredCompilation\" prebuilts/sdk/tools/jack-admin start-server 2>&1 || exit 0 ) && (prebuilts/sdk/tools/jack-admin update server prebuilts/sdk/tools/jack-server-4.11.ALPHA.jar 4.11.ALPHA 2>&1 || exit 0 ) && (prebuilts/sdk/tools/jack-admin update jack prebuilts/sdk/tools/jacks/jack-4.32.CANDIDATE.jar 4.32.CANDIDATE || exit 47 )"
Jack server already installed in "/home/user/.jack-server"
Communication error with Jack server (35), try 'jack-diagnose' or see Jack server log
SSL error when connecting to the Jack server. Try 'jack-diagnose'
SSL error when connecting to the Jack server. Try 'jack-diagnose'
[ 10% 541/4980] build out/target/product/rk3399_mid/obj/ETC/precompiled_sepolicy_intermediates/precompiled_sepolicy
ninja: build stopped: subcommand failed.
22:32:18 ninja failed with: exit status 1
#### failed to build some targets (01:11 (mm:ss)) ####
Build android failed!
Generate error reports
/prebuilts/sdk/tools/report/18577$ unzip jack-report.18557.zip
Archive: jack-report.18557.zip
inflating: report.18557.txt
inflating: launcher.jar
inflating: config.properties
creating: logs/
inflating: logs/outputs.txt
inflating: logs/jack-server-0-2.log
inflating: logs/jack-server-1-0.log
inflating: logs/jack-server-0-0.log
extracting: logs/jack-server-0-0.log.lck
inflating: logs/jack-server-0-1.log
inflating: server-1.jar
creating: jack/
report.18557.txt :
ps -o "pid args" | grep com.android.jack.launcher.ServerLauncher | grep -v grep | awk '{print dump-report}' | xargs kill -3
$ id -u
1000
$ ps -A -o "uid pid args" | grep com.android.jack.launcher.ServerLauncher | grep -v grep
1000 6708 java -XX:MaxJavaStackTraceDepth=-1 -Djava.io.tmpdir=/tmp -Dfile.encoding=UTF-8 -XX:+TieredCompilation -cp /home/zhangying/.jack-server/launcher.jar com.android.jack.launcher.ServerLauncher
$ lsof -i TCP:8376 -l
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 6708 1000 21u IPv6 58493 0t0 TCP localhost:8376 (LISTEN)
$ lsof -i TCP:8377 -l
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 6708 1000 23u IPv6 58499 0t0 TCP localhost:8377 (LISTEN)
$ cat "$JACK_CLIENT_SETTING"
# Server settings
SERVER_HOST=localhost
SERVER_PORT_SERVICE=8376
SERVER_PORT_ADMIN=8377
# Internal, do not touch
SETTING_VERSION=4
$ cd "$JACK_HOME"; ls -l -R -n .
.:
total 10412
-rw------- 1 1000 1000 2097 May 2 10:04 client.jks
-rw------- 1 1000 1000 2814 May 2 21:48 client.pem
-rw------- 1 1000 1000 356 May 2 10:12 config.properties
drwxr-xr-x 2 1000 1000 4096 May 2 10:04 jack
-rw------- 1 1000 1000 5102506 May 2 10:04 launcher.jar
drwx------ 2 1000 1000 4096 May 2 21:48 logs
-rw------- 1 1000 1000 982 May 2 22:39 report.18557.txt
-rw------- 1 1000 1000 5522186 May 2 10:04 server-1.jar
-rw------- 1 1000 1000 2066 May 2 10:04 server.jks
-rw------- 1 1000 1000 1042 May 2 21:48 server.pem
./jack:
total 0
./logs:
total 32
-rw-r--r-- 1 1000 1000 689 May 2 22:03 jack-server-0-0.log
-rw-r--r-- 1 1000 1000 0 May 2 10:20 jack-server-0-0.log.lck
-rw-r--r-- 1 1000 1000 585 May 2 10:23 jack-server-0-1.log
-rw-r--r-- 1 1000 1000 689 May 2 10:19 jack-server-0-2.log
-rw-r--r-- 1 1000 1000 585 May 2 10:16 jack-server-1-0.log
-rw------- 1 1000 1000 13411 May 2 22:39 outputs.txt
$ curl --version
curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.1 zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) nghttp2/1.30.0 librtmp/2.3
Release-Date: 2018-01-24
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
$ JACK_EXTRA_CURL_OPTIONS=-v jack-admin list server
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8377 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /home/zhangying/.jack-server/server.pem
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:8377
* Closing connection 0
SSL error when connecting to the Jack server. Try 'jack-diagnose'
$ jack-admin server-stat
Getting statistic from background server
SSL error when connecting to the Jack server. Try 'jack-diagnose'
$ base64 --version
base64 (GNU coreutils) 8.28
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by Simon Josefsson.
$ (echo amFjaw==;echo LXNlcnZlcg==) | base64 --decode
I get the same error when I switch to Ubuntu 16.04.Below is a list of the installed Curl versions of Ubuntu 18.04.
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
curl/bionic-updates,bionic-security,now 7.58.0-2ubuntu3.13 amd64 [installed]
libcurl3-gnutls/bionic-updates,bionic-security,now 7.58.0-2ubuntu3.13 amd64 [installed,automatic]
libcurl4/bionic-updates,bionic-security,now 7.58.0-2ubuntu3.13 amd64 [installed,automatic]
libcurl4-openssl-dev/bionic-updates,bionic-security,now 7.58.0-2ubuntu3.13 amd64 [installed]
I have tried many ways, but I can't solve it. Please help me,thanks.
After the two steps below were applied, the AOSP was successfully built.
Remove TLSv1, TLSv1.1 from jdk.tls.disabledAlgorithms in /etc/java-8-openjdk/security/java.security file
Restart the jack server:
cd /prebuilts/sdk/tools/
./jack-admin kill-server
./jack-admin start-server
I just found the answer, see the link below
enter link description here
Change the code to this,
from /etc/java-8-openjdk/security/java.security remove TLSv1, TLSv1.1.
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA,
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL,
include jdk.disabled.namedCurves
I just want to give all the different ways to solve the problem.
There are few ways to overcome this problem, one may work for someone -
Try to simply restart the jack server by below command at your android root folder
./prebuilts/sdk/tools/jack-admin kill-server
./prebuilts/sdk/tools/jack-admin start-server
Try to reduce the number of concurrent services in file $HOME/.jack-server/config.properties
Code:
jack.server.max-service=4
Try to make this value 2 or 1.
If jack server is not running or it hangs when try to run. Than try removing TLSv1, TLSv1.1 from rom /etc/java-8-openjdk/security/java.security
Solution 3 Worked for me.
A way to fix that in your Dockerfile :
USER root
# Fix jack server SSL issue during build
RUN perl -0777 -i -p -e 's/(jdk.tls.disabledAlgorithms=.*?), TLSv1, TLSv1\.1/$1/g' \
/etc/java-8-openjdk/security/java.security
I want to run a service on few tablets (VONINO NAVO P) that they will serve as a photo frame for digital ads.
What i'm trying to achieve is to run some commands at boot and i'm stuck.
I have created digitalads.rc in system/etc/init which will execute /system/bin/digitalads.sh from where i need to run some commands like:
svc power stayon true
settings put system screen_brightness 255
pm disable com.android.systemui
settings put system screen_off_timeout 999999999
settings put system accelerometer_rotation 0
settings put global airplane_mode_on 0
svc bluetooth disable
monkey -p my.app -c android.intent.category.LAUNCHER 1
and some other custom commands that they will update the contents of media files
my .rc file:
tulip-f708:/ # cat /system/etc/init/digitalads.rc
service digitalads /system/bin/digitalads.sh
disabled
user root
group root
u:object_r:system_file:s0
on property:sys.boot_completed=1
start digitalads
dmesg output
tulip-f708:/ # dmesg | grep digitalads
[ 6.512868] init: /system/etc/init/digitalads.rc: 5: invalid keyword 'u:object_r:system_file:s0'
[ 6.522694] init: (Parsing /system/etc/init/digitalads.rc took 0.01s.)
[ 44.546434] init: Service digitalads does not have a SELinux domain defined.
SElinux output
tulip-f708:/ # getenforce
Enforcing
tulip-f708:/ # setenforce 0
tulip-f708:/ # getenforce
Permissive
other services run under u:object_r:system_file:s0
tulip-f708:/ # ls -Z /system/bin/
u:object_r:system_file:s0 4d78d2ea-a631-70fb-aaa787c2b5773052.ta
u:object_r:system_file:s0 a98befed-d679-ce4a-a3c827dcd51d21ed.ta
u:object_r:system_file:s0 acpi
u:object_r:system_file:s0 am
u:object_r:system_file:s0 app_process
u:object_r:zygote_exec:s0 app_process32
u:object_r:zygote_exec:s0 app_process64
u:object_r:system_file:s0 applypatch
u:object_r:system_file:s0 appops
u:object_r:system_file:s0 appwidget
u:object_r:system_file:s0 arping
.............................
I also tried to unpack boot.img to modify init.rc but failed when put it back (bricked two of them). Not mention that to root them i had to contact the manufacturer directly...
Some hints would help me! Thx
It seems your .rc files misses the seclabel keyword. Your service declaration should look like this:
service digitalads /system/bin/digitalads.sh
disabled
user root
group root
seclabel u:object_r:system_file:s0
Edit regarding your SE Linux violation: The message says that init cannot start a program labelled with system_file. That means you have to modify the SE Linux rules. The best approach would be to add a new label specific to your service:
Identify the folder where you want to add your policy. This is somewhat specific to your setup, so I cannot give you a definite answer. Check for .te files in your source code. The core Android policies are in system/sepolicy/, but if your setup has special SE policies somewhere in devices/ or vendor/, these location would be better suited for your customization (because it makes it easier for your to update to a new Android version when your customizations are as isolated as possible).
In that folder, create a new policy file, e.g. digitalads.te. Add the following rules:
type digitalads_exec, system_file_type, exec_type, file_type;
type digitalads domain;
init_daemon_domain(digitalads)
In the same folder, there should be a file file_contexts: Add a line like
/system/bin/digitalads u:object_r:digitalads_exec:s0
(When you boot with this change, ls -Z /system/bin/digitalads should show this label.)
For the seclabel in your .rc file, replace system_file with digitalads.
(Check dmesg output and also ps -Z to verify your service has been labelled correctly.)
I'm having android app that extracts some native executable on first run and uses it to do some work. It worked before Nougat and stopped working. After few days or investigation i've found that PATH environment variable is accepted but not taken into account! I'm, trying out if it's a feature or a bug.
First, let's see what we have and if we're able to do the same from cmd.
I've replaced actual android app package with 'my.app.package' and not related output with '...' for SO.
ZTE_BLADE_V0800:/ $ run-as my.app.package
ZTE_BLADE_V0800:/data/data/my.app.package $ whoami
u0_a129
ZTE_BLADE_V0800:/data/data/my.app.package $ ls -l
total 56
drwxrwx--x 2 u0_a129 u0_a129 4096 2017-03-14 16:15 app_build
drwxrwx--x 2 u0_a129 u0_a129 4096 2017-03-15 13:15 app_buildSources
drwxrwx--x 2 u0_a129 u0_a129 4096 2017-03-14 16:15 app_downloads
-rw------- 1 u0_a129 u0_a129 35 2017-03-14 16:16 app_repository
drwxrwx--x 14 u0_a129 u0_a129 4096 2017-03-14 16:16 app_sdk
drwxrwx--x 3 u0_a129 u0_a129 4096 2017-03-14 16:15 app_temp
drwxrwx--x 2 u0_a129 u0_a129 4096 2017-03-14 16:15 cache
lrwxrwxrwx 1 root root 54 2017-03-15 13:15 lib -> /data/app/my.app.package-2/lib/arm
ZTE_BLADE_V0800:/data/data/my.app.package $ ls -l ./app_sdk/
total 96
...
drwx------ 4 u0_a129 u0_a129 4096 2017-03-14 16:16 cppcheck#1.64#1
...
ZTE_BLADE_V0800:/data/data/my.app.package $ ls -l ./app_sdk/cppcheck\#1.64\#1/
total 16
...
drwx------ 3 u0_a129 u0_a129 4096 2017-03-14 16:16 bin
-rw------- 1 u0_a129 u0_a129 0 2017-03-14 16:16 init.done
ZTE_BLADE_V0800:/data/data/my.app.package $ ls -l ./app_sdk/cppcheck\#1.64\#1/bin
total 6960
drwx------ 2 u0_a129 u0_a129 4096 2017-03-14 16:16 cfg
-rwxr-xr-x 1 u0_a129 u0_a129 2345332 2017-03-14 16:16 cppcheck
-rwxr-xr-x 1 u0_a129 u0_a129 1211424 2017-03-14 16:16 libgnustl_shared.so
ZTE_BLADE_V0800:/data/data/my.app.package $ export PATH=$PATH:./app_sdk/cppcheck#1.64#1/bin
ZTE_BLADE_V0800:/data/data/my.app.package $ export LD_LIBRARY_PATH=./app_sdk/cppcheck#1.64#1/bin
ZTE_BLADE_V0800:/data/data/my.app.package $ cppcheck --version
Cppcheck 1.65 dev
ZTE_BLADE_V0800:/data/data/my.app.package $
Now let's try to do the same in Runtime:
ProcessBuilder processBuilder = new ProcessBuilder();
String path =
System.getenv("PATH") +
":./app_sdk/cppcheck#1.64#1/bin";
processBuilder.command(new String[] {
// "sh", "-c", "echo $PATH", // (1) working
// "sh", "-c", "echo $LD_LIBRARY_PATH", // (2) working
"./app_sdk/cppcheck#1.64#1/bin/cppcheck", "--version" // (3) working
// "cppcheck", "--version" // (4) NOT working even with PATH env variable passed
});
processBuilder.directory(new File("/data/data/my.app.package/"));
Map<String, String> env = processBuilder.environment();
env.put("PATH", path);
env.put("LD_LIBRARY_PATH", "./app_sdk/cppcheck#1.64#1/bin");
process = processBuilder.start();
and i get IOException thrown:
Cause: error=13, Permission denied
Cannot run program "cppcheck" (in directory
"/data/data/my.app.package"): error=13
Let's see if PATH is passed correctly.
Uncomment comment (1) and comment the other command lines, confirm it's set:
/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin:./app_sdk/cppcheck#1.64#1/bin
Let's see if LD_LIBRARY_PATH is passed correctly.
Uncomment comment (2) and comment the other command lines, confirm it's set:
./app_sdk/cppcheck#1.64#1/bin
Now let's see if i'm able to run the tool passing full path.
Uncomment comment (3) and comment the other command lines, see it's working now:
Cppcheck 1.65 dev
Wow, even with PATH passed i have to pass full path for the executable. If i use short tool name, i'm getting Permission denied error.
Is it Nougat (since i'm having it starting Nougat only) feature or issue or i missed anything?
I know Nougat introduced more strict security policies but i see no reason for this in my case to stop working as all the files are in app sandbox (internal directory in my app directory).
PS. I can't just replace all short executable names in command-lines as executable can run another executable too using short executable name, so i need to get PATH variable taken into account eventually.
I did not get any response from Google (they are working on it starting Jan 25) so i had to workaround it passing full executable path like in comment (3).
D:\WORK\git\target>adb shell vmstat
procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu----
r b swpd free buff cache si so bi bo in cs us sy id wa
3 1 131096 78612 130452 1037964 1 2 304 146 1 292 7 7 86 0
So i have this result when i run the above command. I need to use an adb command that returns me the free memory. Something like this:
adb shell vmstat | grep 'free'
Of course this does not work. Any ideas ? Thanks
I found a hardcoded command so far:
adb shell "vmstat | awk 'NR ==3' | awk '{print $4}'"