I'm trying to remove some system apps from my android smartphone to debloat it. I use the following adb command: adb shell pm uninstall package.to.remove. But what if I will want to restore some of these apps? I can make a backup of the apk using adb pull my.package path/i/want. Then I can restore them using adb shell pm install package.to.install. I assume that the apps will be install as user app. So the questions are:
Will the system apps work even if they are installed as an user app?
Do I need to move the apks into the system partition?
If I remove some system apps and then I update my smartphone, will it break?
If you're using pm uninstall rather than pm uninstall -k --user 0 com.package.name, I'm asuming that you have root access. If that's the case, then its better/safer to use pm disable because you could enable them anytime with pm enable. If you're talking about some "non-necessary" apps, but not a system component, then yes you can uninstall them. But be careful doing that. Do your research on the app before uninstalling them, because it could lead you into boot loop. Make sure to keep backups of your apps if possible, if something goes wrong, you could copy them back again to their directories.
If you have root privilege, then yes, copying the apps back to their original place will retain their functionality. But if you try installing them without root, just as a user or using adb install, the apps will no longer be a system app, and most probably will be useless since they are already in the system, just disabled/uninstalled for the current user. A factory reset will reset all the apps like before. Hope this helps (:
Related
I need to run a security test on one of our Android mobile applications.
It must not run if the device is rooted.
It should run as expected on non-rooted devices.
I have tested part 1 without issue and found it to work as expected.
However, I cannot seem to create an emulator using the AVD Manager that will not start with root access.
-Is there a command line method to reduce the emulator instance to non-rooted at startup?
-Failing that, is there a method to send an adb shell command (or other command line call) to reduce the permissions to the installed application?
Thanks!
Edit for #Fred.
I have opened the shell and changed it to the user id (uid) of the application under test. Note that in the image you can see the command, "adb shell su u0_a53" and then the next prompt includes the user, "u0_a53#generic_x86_64" as the returned shell and has the "$" indicating non-root access. However, when opening the application under test on the emulator, the application detects the device is rooted. What am I missing?
See attached image - click here
Yes, there is a way using SU to change super user to non root, see answer in this so question for directions:
https://android.stackexchange.com/questions/60599/how-to-get-non-root-access-on-emulators
As it turns out, my question was fundamentally flawed. The environment i'm trying to achieve could not be created with an emulator as part of the security test checks to see if the phone is in 'release' mode, in addition to looking for the presence of 'su'. After conferring with several other teams, I have decided to obtain a physical phone for testing this security restriction.
I have ADBFS-rootless working on my ununtu VM as I can peruse the filesystems on my Android phone. The thing I have noticed is that I cannot access files with root only perms _rw______. Is this normal behaviour or should I be able to access such files a password.key.
Regards
Robert
Android, like any other unix-like system, will only allow file access if your user or group has permissions to the file, so the question comes down to if your access will occur as root, or not.
On a secured device such as a typical consumer phone, the ADB daemon on the device - and thus all access run through ADB - runs as the "shell" account. This account has somewhat greater privileges than a typical application's user account (for example it can install packages, take screenshots, etc) however it is still not the superuser or root account, and cannot generally access private files of applications or on recent builds (regrettably) even read large parts of the system installation.
On an emulator or engineering device (including some aftermarket ROMs), ADBD runs as root, or can be made to do so using the "adb root" command. When ADBD runs as root, your ADBFS system can presumably access anything root can.
In an aftermarket ROM or "rooted" device where ADB does not run as root, there may be a hacked "su" executable available which can start a root shell. If ADBFS is able to use that, it might be a solution. Otherwise, you may be able to use the root shell to somehow get ADBD restarted as root, but that may be a bit tricky.
My application uses Google maps feature which needs Google Play services to be installed and enabled on the device.I wanted to test a case in which if Google play service has been disabled by user manually ask user to enable it so that application can work properly.SO i need to test my code against this case but I don't know how do I disable (not uninstall) Google play service on my phone and check if my code works properly.
Thanks
Go to your device's Settings --> Applications --> Tab "All" --> Google Play services and press the Disable button.
It may pop up a dialog asking for a confirmation, in which case just answer OK.
Go to Setting then security then device administrator then the android one deactivate that one then back to the settings homepage then applications all and you can deactivate it 😀
If Google play services is not installed as a system app you won't have the option to disable it in system app settings, in this case where it's installed as a user app you can use an app like Titanium back up pro or link2SD to disable/freeze it.
(Root Required) (Only tested on CM13 Note 10.1)
Close Play Store if open
Open ADB Shell (or Terminal on your rooted device) and type
cd /data/app/*vending*
mv base.apk base.apk.back
Disabling gapps
To disable all the apps that come with google's gapps you can use
pm disable <PACKAGE_NAME> (if rooted, run su once before this)
or
pm hide <PACKAGE_NAME> if not rooted.
Re-enabling gapps
To re-enable the apps use
pm enable <PACKAGE_NAME> (if rooted run su once before this)
and
pm unhide <PACKAGE_NAME> (if not rooted).
Enabling can also be done via the Settings > Apps > Show All apps > (tap app name) > Enable.
The commands should be run either from adb shell when connected via cable, or directly on the device from a terminal.
Here is a list of packages (extracted from open gapps mini):
com.google.android.apps.turbo
com.google.android.apps.wallpaper
com.google.android.apps.nexuslauncher
com.opengapps.wellbeingoverlay
com.google.android.tts
com.google.android.gm.exchange
com.google.android.googlequicksearchbox
com.opengapps.pixellauncheroverlay
com.google.android.syncadapters.calendar
com.google.android.gm
com.google.android.markup
com.google.android.packageinstaller
com.google.android.apps.wellbeing
com.google.android.calendar
com.google.android.soundpicker
com.google.android.ext.shared
com.google.android.setupwizard
com.google.android.apps.restore
com.google.android.onetimeinitializer
com.google.android.carriersetup
com.google.android.backuptransport
com.google.android.setupwizard
com.google.android.gms
com.google.android.apps.pixelmigrate
com.google.android.gsf
com.google.android.gms.policy_sidecar_aps
com.android.vending
com.google.android.ext.services
com.google.android.feedback
com.google.android.syncadapters.contacts
com.google.android.configupdater
com.google.android.partnersetup
❗️ Use at your own risk! Make sure you backup your data before doing this!
The list may vary depending on the version of android and CPU architecture.
I removed Google Play services from my Samsung phone as it was taking up a lot of space.
Read everywhere on forums by experts of serious problems and later realised these were just copy & Paste from Google itself.
I went ahead and just uninstalled it and got bonus of much better battery too.
As I had sync on, Playstore still updated apps. So I disabled auto sync to do so manually for which I want as I do not really want maps etc;
Youtube refused to start, so I now created a bookmark in my browser and access from there as anyhow I use my comp for downloads.
So if you have enough space just disable it in 'applications' or just remove it, your phone will function great - forget the experts comments/views on different forums which are copy and paste opinions from Google, you can always re-install if needed.
I have an LG-E400 smart phone, I always had problems with lack of memory. I uninstalled Google PLay Services today and everything is working fine. Maps, Youtube, Internet, everything working as normal.
I'm having this same problem - as found in the google developer group. I quote what it is a very detailed explanation by Chris Grebeldinger (original author).
"In the documentation:
http://developer.android.com/guide/topics/data/backup.html#Testing
It recommends testing backup/restore of your application by:
installing your app
make sure backup/restore is enabled
changing some data and calling dataChanged()
forcing bmgr to run a backup pass
uninstall the app
re-install the app and check if your data was restored
All seems well until step 4, when I see this in the log:
V/BackupManagerService( 306): removePackageParticipantsLocked: uid=10078 #1
V/BackupManagerService( 306): Removing backed-up knowledge of com.example.app
And then for step 5:
V/BackupManagerService( 306): restoreAtInstall pkg=com.example.app token=21
V/BackupManagerService( 306): No restore set -- skipping restore
So apparently backed up data is destroyed when an app is uninstalled, which means the official testing workflow can't possibly work right? What's the best way to test this?"
Has anybody managed to run and test this sample correctly?
Thanks again to Chris Grebeldinger which kindly answered my reply to his original post in the google android developer group.
How it does work:
Install the app in device A.
Set any data or preferences in device A.
Force a backup on device A. (Using adb shell bmgr backup [app_name], adb shell bmgr run).
Grab a second device B.
Perform a factory reset on device B.
Once reset, install the app again.
The restore operation should be successful.
What annoys me is that the "steps" as shown on the Google Android documentation which appear to be quite detailed decided to omit what it appears to be a necessary and compulsory steps.
As Chris mentioned on his reply, I hope this helps other people who find the same problem.
Thanks.
EDIT:
After further testing with different devices, it appears that the whole backup/restore process can vary from manufacturer and device. I could test the sample app using Google's document approach i.e. by uninstalling and installing using a nexus 7 - just by a coincidence. So, my advice would be not to expect the same behaviour and consistency during your tests.
Try using the emulator for testing purposes. Nexus 5 with API 22 worked for me just by uninstalling and installing the app.
Full process:
Enable backup by adb: bmgr enable true
Set local transport:
bmgr transport android/com.android.internal.backup.LocalTransport
Run your app and prepare for backup
Run backup: bmgr backup <package> & bmgr run
Uninstall app from emulator
Install the app again - restore should happen automatically
Tip: lookup logcat for "backup" activities
Is there any way to run Android system app without root permission? I can execute system app via adb such as:
adb shell /system/bin/screencap -p /sdcard/screen.png
In my own application, I wanna run a shell command like that without "su" command. Is there any way? How does android prevent user apps to execute system app?
You should be able to run this command in java code:
Runtime.getRuntime().exec("screencap -p /sdcard/screen.png");
There are some shell commands you can execute without having root. So you don't need to run "su". I'm not sure if you can execute screencap. Certainly you need permission to write to the SD_CARD in your app.
android.permission.WRITE_EXTERNAL_STORAGE
But why you don't use the Android API to make your screenshot? For more information read this post on stackoverflow: How to programmatically take a screenshot in Android?
Androids security model bases on user ids, like Linux does. Each app gets his own user id. So your app has a userid like 1001. If your user is allowed to run the command you can, otherwise you will receive an error.
EDIT:
You need root to take screenshots or be a system application. There is a permission READ_FRAME_BUFFER but you only can obtain it when you are a system application. Its a security problem when an app could take screenshots of your device.
I've found this API http://code.google.com/p/android-screenshot-library/ which promises to take screenshots without root. I didn't test it. The library starts a native service which then takes the screenshots for you.
But you have to run the service each time your phone boots. So it gets the system privileges. That's not really comfortable...
Conclusion: There is no nice way to take screenshots without root from code...
Is there any way to run android system app without root permission?
It have to be NO, but some times, some functions which are not for public use still can be used. I've seen examples using java reflection.
I can execute system app via adb such as: ...
In my own application, I wanna run a shell command like that without
"su" command. Is there any way? How does android prevent user apps to
execute system app?
I think, no.
The thing is adb shell and user app have different security levels based on User and Group IDs (UID and GID).
More info: http://android-dls.com/wiki/index.php?title=Android_UIDs_and_GIDs
Besides, there are limitations via app permissions and hiden & internal classes, procedures, etc which made for internal use.
P.S.: About screenshots. On android market (google play) there are few apps which provide screenshots without ROOT access. So, it's possible.
Although, since Android 4.0 screenshots are available "from box".