I have an app that works well on Android N.
It is (via root) installed into /system/priv-app/* and gets the permissions granted that are only for priviledged apps.
Now on Android O Preview, the app does not get the permissions granted:
08-12 20:30:01.178 687 814 W PackageManager: Privileged permission android.permission.CAPTURE_AUDIO_OUTPUT for package eu.asd.service - not in privapp-permissions whitelist
08-12 20:30:01.178 687 814 W PackageManager: Privileged permission android.permission.UPDATE_APP_OPS_STATS for package eu.asd.service - not in privapp-permissions whitelist
08-12 20:30:01.178 687 814 W PackageManager: Privileged permission android.permission.WRITE_SECURE_SETTINGS for package eu.asd.service - not in privapp-permissions whitelist
Anyone knows where this "privapp-permissions whitelist" comes from, and what to do, to get onto this list on a rooted Android?
There should be a xml file where the priv-app permissions for you app are listed. Please check /system/etc/permissions
You'll have to add your permissions to one of the files inside.
Example:
<privapp-permissions package="[your package name]">
<permission name="android.permission.PERMISSION_YOU_WANT"/>
....
</privapp-permissions>
Adding to #pedrop's correct answer - in case you are developing your own AOSP, you can edit these XMLs before compilation and have them inserted to the build. The files can be found in the source code. There is one file for the platform (all devices and vendors), one for each vendor and one for each device.
You can find them in the following locations:
1. Platform -
AOSP/frameworks/base/data/etc/privapp-permissions-platform.xml
2. Vendor -
AOSP/vendor/VENDOR_NAME/proprietary/system/etc/permissions/privapp-permissions-VENDOR.xml
3. Device -
AOSP/vendor/VENDOR_DEVICES/DEVICE_NAME/proprietary/etc/permissions/privapp-permissions-DEVICE_NAME.xml
Related
I have a valid manifest file with the right permission & "exported" set as well. But, I still get the below error:
Error: Requires permission android.permission.BIND_JOB_SERVICE
The command (initiated over adb) is a running a service (via "am startservice") & the manifest file has these details:
<service
android:name=".MyService"
android:enabled="true"
android:exported="true"
android:permission="android.permission.BIND_JOB_SERVICE" />
Logcat doesn't have anything useful, just throws the permission required error (which the APK already has). This seems like a sepolicy restriction since if I remove the policy (by running "setenforce 0"), then the command works fine (no errors seen as well)
I've tried running in "permissive" mode but it doesn't show any useful messages. Is there any way to figure out what policy needs to be turned on?
Here's the actual error from logcat:
05-16 14:03:32.892 566 897 W ActivityManager: Permission Denial: Accessing service com.abc.def/.MyService from pid=6757, uid=2000 requires android.permission.BIND_JOB_SERVICE
What I found was, putting the same command in a bash script and sourcing it works fine!!
I'm working on a system level app for Android (minSdk=20, targetSdk=22).
I need to grant the android.permission.MODIFY_AUDIO_ROUTING permission, which I add to my manifest. However, at runtime I get an error:
06-30 03:33:45.972 W/ServiceManager( 237): Permission failure: android.permission.MODIFY_AUDIO_ROUTING from uid=10004 pid=15076
06-30 03:33:45.972 E/empty ( 237): android.permission.MODIFY_AUDIO_ROUTING
I tried modifying the permission's android:protectionLevel to use signature|privileged as seen here, but that didn't compile. So I changed it to signatureOrSystem (which is the new API) described here. This builds, but still doesn't work. Is there some other magic I need to get this permission?
You need to reboot the device if you change a system level permission like this.
I made a music player app. It runs properly in some devices but it crashes in some others. I am not able to understand the error. How do I fix it? All I understand is the first error and that is I have to take separate permission for read phone state permission.
Error 1:
java.lang.RuntimeException: Unable to create service beatbox.neelay.beatbox.MediaService: java.lang.SecurityException: Neither user 10103 nor current process has android.permission.READ_PHONE_STATE.
at android.app.ActivityThread.handleCreateService(ActivityThread.java:2804)
at android.app.ActivityThread.access$1900(ActivityThread.java:154)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1404)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:135)
at android.app.ActivityThread.main(ActivityThread.java:5292)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:904)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:699)
Caused by: java.lang.SecurityException: Neither user 10103 nor current process has android.permission.READ_PHONE_STATE.
at android.os.Parcel.readException(Parcel.java:1546)
at android.os.Parcel.readException(Parcel.java:1499)
at com.android.internal.telephony.ITelephonyRegistry$Stub$Proxy.listenForSubscriber(ITelephonyRegistry.java:544)
at android.telephony.TelephonyManager.listen(TelephonyManager.java:2514)
at beatbox.neelay.beatbox.MediaService.callStateListener(MediaService.java:612)
at beatbox.neelay.beatbox.MediaService.onCreate(MediaService.java:126)
at android.app.ActivityThread.handleCreateService(ActivityThread.java:2794)
... 9 more
This is the error that is submitted by the user.
Error 2:
Writing exception to parcel
java.lang.SecurityException:
External path: /storage/emulated/0/Android/data/com.android.providers.media/albumthumbs/1481126994678: Neither user 10199 nor current process has android.permission.WRITE_EXTERNAL_STORAGE.
at android.app.ContextImpl.enforce(ContextImpl.java:1443)
at android.app.ContextImpl.enforceCallingOrSelfPermission(ContextImpl.java:1475)
at android.content.ContextWrapper.enforceCallingOrSelfPermission(ContextWrapper.java:675)
at com.android.providers.media.MediaProvider.enforceCallingOrSelfPermissionAndAppOps(MediaProvider.java:6793)
at com.android.providers.media.MediaProvider.checkAccess(MediaProvider.java:5570)
at com.android.providers.media.MediaProvider.ensureFileExists(MediaProvider.java:4381)
at com.android.providers.media.MediaProvider.getAlbumArtOutputUri(MediaProvider.java:5834)
at com.android.providers.media.MediaProvider.makeThumbInternal(MediaProvider.java:5976)
at com.android.providers.media.MediaProvider.getThumb(MediaProvider.java:5897)
at com.android.providers.media.MediaProvider.openFile(MediaProvider.java:5466)
at android.content.ContentProvider.openAssetFile(ContentProvider.java:1427)
at android.content.ContentProvider.openTypedAssetFile(ContentProvider.java:1607)
at android.content.ContentProvider.openTypedAssetFile(ContentProvider.java:1673)
at android.content.ContentProvider$Transport.openTypedAssetFile(ContentProvider.java:430)
at android.content.ContentProviderNative.onTransact(ContentProviderNative.java:313)
at android.os.Binder.execTransact(Binder.java:458)
I have take permission for Android m both in manifest and in Java, and I'm not using any function of write external storage but then also it is showing this error.
On Android >=6.0, We have to request permission runtime.
Step1: add in AndroidManifest.xml file
Step2: Request permission.
Step3: Handle callback when you request permission.
Check this one: Permission at Run Time
Edit: I think you have similar Issue:
you must add this permissions
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
to AndroidManifest.xml file
It might be because some of the devices are running Android 6.0 or higher and others are not.
See https://developer.android.com/training/permissions/requesting.html
If the device is running Android 5.1 or lower, or your app's target SDK is 22 or lower: If you list a dangerous permission in your manifest, the user has to grant the permission when they install the app; if they do not grant the permission, the system does not install the app at all.
If the device is running Android 6.0 or higher, and your app's target SDK is 23 or higher: The app has to list the permissions in the manifest, and it must request each dangerous permission it needs while the app is running. The user can grant or deny each permission, and the app can continue to run with limited capabilities even if the user denies a permission request.
Im working on Android application development.
PROBLEM:
All I want is just enable face detection on my application, but it does not work.
I've already tried multiple sample codes given on books, webs, but no one succeeded.
Probably these 2 alerts show the cause:
W/WindowManager﹕ Access to extended visibility flags denied: Requires com.sonymobile.permission.SYSTEM_UI_VISIBILITY_EXTENSIONS permission.
and
W/ServiceManager﹕ Permission failure: com.sonyericsson.permission.CAMERA_EXTENDED
Even if I added
<uses-permission android:name="com.sonymobile.permission.SYSTEM_UI_VISIBILITY_EXTENSIONS" android:protectionLevel="normal" />
<uses-permission android:name="com.sonyericsson.permission.CAMERA_EXTENDED"/>
it says
W/PackageManager﹕ Not granting permission com.sonymobile.permission.SYSTEM_UI_VISIBILITY_EXTENSIONS to package com.example.facedetect (protectionLevel=18 flags=0x8be46)
W/PackageManager﹕ Not granting permission com.sonyericsson.permission.CAMERA_EXTENDED to package com.example.facedetectbybook (protectionLevel=2 flags=0x8be46)
Can anyone help me?
I use Android Studio, Xperia M C1905 with android-ver. 4.3.
I already did followings:
.change protection level to signature
.make sure params.getMaxNumDetectedFaces() is more than 1 (its 5)
.min sdk version: 14
I'm building an application which gives this exception because i call some internal methods
Permission Denial: Do not have permission in call getContentProviderExternal() from pid=2520, uid=10047 requires android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY
java.lang.SecurityException: Permission Denial: Do not have permission in call getContentProviderExternal() from pid=2520, uid=10047 requires android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY
I did some search and i knew that android OS gives this permission only for the shell users,
I wonder if there exists any workaround this ..
Is there anything that would allow me to trick android and makes my application looks like a shell user?
Note: I tried to add the permission in the manifest file but obviously it didn't work.