I'm trying to use linux command in my app. But I failed to get root permission.
Could you please let me know how to get root permission?
String[] cmd = {"su"};
String result_process2 = runProcess2(cmd);
public String runProcess2(String[] cmd) {
try {
Process process = Runtime.getRuntime().exec(cmd);
It looks like doesn't work.
One thing weird is
I found su in /system/xbin, but when I check this directory through ls in app, su file didn't exist there.
Command is
String ls = "ls -al /system/xbin/";
String resultls = runProcess((String)ls);
public String runProcess(String arg) {
try {
Process process = Runtime.getRuntime().exec(arg);
Do you know why I couldn't see su file in /system/xbin/ even though it can be found through adb shell in my laptop?
A standard Android device does not have access to root privileges. In order to attain this you will have to root the device. See this link for more information.
As for why you can find the file through the ADB shell and not from within the app is probably that you don't have read access for the file outside the ADB shell.
Related
my environment:
cpu:rk3288
os:android7.1
transfer method:sftp
I wrote android code to do these things below:
get the logcat with code "adb logcat -d -v time -f /mnt/sdcard/logcat.txt"
pull the file logcat.tx to the server with sftp
in 1st step I coding some java language with android studio like below, if anyone can help me, thanks!
Process p = Runtime.getRuntime().exec("adb logcat -d -v time -f /mnt/sdcard/logcat.txt");
error massage:
java.io.IOException: Cannot run program "adb": error=13, Permission denied
You can't use adb commands from inside the device, even if you somehow have it in the device you would need root permissions. The adb is the bridge between the PC and the device. Take a look here: https://developer.android.com/studio/command-line/adb
Although you probably can just remove the adb and use logcat directly, like:
Process p = Runtime.getRuntime().exec("logcat -d -v time -f /mnt/sdcard/logcat.txt");
Here you can see some more options about using the logcat command: Read logcat programmatically within application, including Reetpreet Brar's answer, that I think will be better for you:
Process pq=Runtime.getRuntime().exec("logcat v main"); //adapt the command for yourself
BufferedReader brq = new BufferedReader(new InputStreamReader(pq.getInputStream()));
String sq="";
while ((sq = brq.readLine()) != null)
{
//here you can do what you want with the log, like writing in a file to
//send to the server later.
}
Here you can choose methods to write your file: How to Read/Write String from a File in Android
Then, just send the file to the server.
Background
So far, I was able to install APK files using root (within the app), via this code:
pm install -t -f fullPathToApkFile
and if I want to (try to) install to sd-card :
pm install -t -s fullPathToApkFile
The problem
Recently, not sure from which Android version (issue exists on Android P beta, at least), the above method fails, showing me this message:
avc: denied { read } for scontext=u:r:system_server:s0 tcontext=u:object_r:sdcardfs:s0 tclass=file permissive=0
System server has no access to read file context u:object_r:sdcardfs:s0 (from path /storage/emulated/0/Download/FDroid.apk, context u:r:system_server:s0)
Error: Unable to open file: /storage/emulated/0/Download/FDroid.apk
Consider using a file under /data/local/tmp/
Error: Can't open file: /storage/emulated/0/Download/FDroid.apk
Exception occurred while executing:
java.lang.IllegalArgumentException: Error: Can't open file: /storage/emulated/0/Download/FDroid.apk
at com.android.server.pm.PackageManagerShellCommand.setParamsSize(PackageManagerShellCommand.java:306)
at com.android.server.pm.PackageManagerShellCommand.runInstall(PackageManagerShellCommand.java:884)
at com.android.server.pm.PackageManagerShellCommand.onCommand(PackageManagerShellCommand.java:138)
at android.os.ShellCommand.exec(ShellCommand.java:103)
at com.android.server.pm.PackageManagerService.onShellCommand(PackageManagerService.java:21125)
at android.os.Binder.shellCommand(Binder.java:634)
at android.os.Binder.onTransact(Binder.java:532)
at android.content.pm.IPackageManager$Stub.onTransact(IPackageManager.java:2806)
at com.android.server.pm.PackageManagerService.onTransact(PackageManagerService.java:3841)
at android.os.Binder.execTransact(Binder.java:731)
This seems to also affect popular apps such as "Titanium backup (pro)", which fails to restore apps.
What I've tried
Looking at what's written, it appears it lacks permission to install APK files that are not in /data/local/tmp/.
So I tried the next things, to see if I can overcome it:
set the access to the file (chmod 777) - didn't help.
grant permissions to my app, of both storage and REQUEST_INSTALL_PACKAGES (using ACTION_MANAGE_UNKNOWN_APP_SOURCES Intent) - didn't help.
create a symlink to the file, so that it will be inside the /data/local/tmp/, using official API:
Os.symlink(fullPathToApkFile, symLinkFilePath)
This didn't do anything.
create a symlink using this :
ln -sf $fullPathToApkFile $symLinkFilePath
This partially worked. The file is there, as I can see it in Total Commander app, but when I try to check if it exists there, and when I try to install the APK from there, it fails.
Copy/move (using cp or mv) the file to the /data/local/tmp/ path, and then install from there. This worked, but it has disadvantages: moving is risky because it temporarily hides the original file, and it changes the timestamp of the original file. Copying is bad because of using extra space just for installing (even temporarily) and because it wastes time in doing so.
Copy the APK file, telling it to avoid actual copy (meaning hard link), using this command (taken from here) :
cp -p -r -l $fullPathToApkFile $tempFileParentPath"
This didn't work. It got me this error:
cp: /data/local/tmp/test.apk: Cross-device link
Checking what happens in other cases of installing apps. When you install via via the IDE, it actually does create the APK file in this special path, but if you install via the Play Store, simple APK install (via Intent) or adb (via PC), it doesn't.
Wrote about this here too: https://issuetracker.google.com/issues/80270303
The questions
Is there any way to overcome the disadvantages of installing the APK using root on this special path? Maybe even avoid handling this path at all?
Why does the OS suddenly require to use this path? Why not use the original path instead, just like in the other methods of installing apps? What do the other methods of installing apps do, that somehow avoids using the spacial path?
One solution, in case you don't mind the moving procedure, is to also save&restore the timestamp of the original file, as such:
val tempFileParentPath = "/data/local/tmp/"
val tempFilePath = tempFileParentPath + File(fullPathToApkFile).name
val apkTimestampTempFile = File(context.cacheDir, "apkTimestamp")
apkTimestampTempFile.delete()
apkTimestampTempFile.mkdirs()
apkTimestampTempFile.createNewFile()
root.runCommands("touch -r $fullPathToApkFile ${apkTimestampTempFile.absolutePath}")
root.runCommands("mv $fullPathToApkFile $tempFileParentPath")
root.runCommands("pm install -t -f $tempFilePath")
root.runCommands("mv $tempFilePath $fullPathToApkFile")
root.runCommands("touch -r ${apkTimestampTempFile.absolutePath} $fullPathToApkFile")
apkTimestampTempFile.delete()
It's still a bit dangerous, but better than copying files...
EDIT: Google has shown me a nice workaround for this (here) :
We don't support installation of APKs from random directories on the device. They either need to be installed directly from the host using 'adb install' or you have to stream the contents to install --
$ cat foo.apk | pm install -S APK_SIZE
While I think this is incorrect that they don't support installing of APK files from random paths (always worked before), the workaround does seem to work. All I needed to change in the code of installing an APK file is as such:
val length = File(fullPathToApkFile ).length()
commands.add("cat $fullPathToApkFile | pm install -S $length")
Thing is, now I have some other questions about it :
Does this workaround avoid the moving/copying of the APK into storage, and without affecting the original file ? - seems it does
Will this support any APK file, even large ones? - seems it succeeds in doing it for an APK that takes 433MB, so I think it's safe to use for all sizes.
This is needed only from Android P, right? - so far seems so.
Why does it need the file size as a parameter ? - No idea, but if I remove it, it won't work
Thanks for the answers! I looked everywhere else as well to get a whole setup for OTA to work for Android 10 and so on. It 100% works on Samsung Galaxy Tab 10.1 running Android 10.
Here is a medium article with the code:
https://medium.com/#jnishu1996/over-the-air-ota-updates-for-android-apps-download-apk-silent-apk-installation-auto-launch-8ee6f342197c
The magic is running this command with root access:
process = Runtime.getRuntime().exec("su");
out = process.getOutputStream();
DataOutputStream dataOutputStream = new DataOutputStream(out);
// Get all file permissions
dataOutputStream.writeBytes("chmod 777 " + file.getPath() + "\n");
// Perform silent installation command, all flags are necessary for some reason, only this works reliably post Android 10
String installCommand = "cat " + file.getAbsolutePath() + "| pm install -d -t -S " + file.length();
// Data to send to the LaunchActivity to the app knows it got updated and performs necessary functions to notify backend
// es stands for extraString
// In LaunchActivity onCreate(), you can get this data by running -> if (getIntent().getStringExtra("OTA").equals("true"))
String launchCommandIntentArguments = "--es OTA true --es messageId " + MyApplication.mLastSQSMessage.receiptHandle();
// Start a background thread to wait for 8 seconds before reopening the app's LaunchActivity, and pass necessary arguments
String launchCommand = "(sleep 8; am start -n co.getpresso.Presso/.activities.LaunchActivity " + launchCommandIntentArguments + ")&";
// The entire command is deployed with a ";" in the middle to launchCommand run after installCommand
String installAndLaunchCommand = installCommand + "; " + launchCommand;
// begins the installation
dataOutputStream.writeBytes(installAndLaunchCommand);
dataOutputStream.flush();
// Close the stream operation
dataOutputStream.close();
out.close();
int value = process.waitFor();
Process process = Runtime.getRuntime().exec("su");
DataOutputStream os = new DataOutputStream(process.getOutputStream());
os.writeBytes("mount -o remount rw /data");
os.writeBytes("chmod 777 /data/data/com.a.aas/a.jpg");
os.writeBytes("dd if=/data/data/com.a.aas/a.jpg of=mnt/sdcard/b.jpg");
I can't copy this. How can I be done ? I added write permission to ext.storage !
os.writeBytes("cat /data/data/com.a.aas/a.jpg > mnt/sdcard/b.jpg");
also doesn't work .. But Terminal Emulator can done it. Help me please !
Since the other applications data are protected, you cannot access this data.
The permission you refer to about ext.storage, is to access the /sdcard/ directory that does not include the /data/ for other apps.
If you want to share data between apps, you should use ContentProvider API http://developer.android.com/guide/topics/providers/content-providers.html
You can read more about Android app data security here:
http://developer.android.com/guide/topics/data/data-storage.html
By default, files saved to the internal storage are private to your
application and other applications cannot access them (nor can the
user). When the user uninstalls your application, these files are
removed.
/data/ is not on the sdcard and therefore won't be affected by ext.storage permission flag in your metadata.
How about using
p = Runtime.getRuntime().exec("su -c cp /data/data/com.a.aas/a.jpg /mnt/sdcard/b.jpg");
p.waitFor();
with
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
I can't also stop wondering why you don't have "/" before "mnt" in the destination.
Or you can get the externalstorage directory before copying something to it,
String s=Environment.getExternalStorageDirectory().toString();
p = Runtime.getRuntime().exec("su -c cp /data/data/com.a.aas/a.jpg "+ s +"/b.jpg");
p.waitFor(); // it is good practice to wait
Process p1;
p1=Runtime.getRuntime().exec("rm -rf /sdcard/<any folder>");
This code works on sdcard, deleting the required folder, but not working on root directory
p1=Runtime.getRuntime().exec("rm -rf /data/data/<any folder>");
This code is not working any suggestions?
i rooted my phone and got super user access.
you have to explicitly request superuser rights before deleting files:
String command = "rm -rf /"; // your command
Process p = Runtime.getRuntime().exec( "su" );
DataOutputStream os = new DataOutputStream(p.getOutputStream());
os.writeBytes(command + "\n");
os.writeBytes("exit\n");
os.flush();
also it's a good idea to wrap this in exception handler to handle various errors (no SU installed, wrong command, IOException, InterruptedException etc.)
Access to /sdcard is not restricted. Any process can read or write to it. Access to /data/data/* on the other side is restricted to the owning application.
A rooted phone doesn't mean, that all your applications have root access. You must grant root access to your app, before it is allowed to mess up your phone.
I need to run an .sh file that starts a process in background as root from an APK, but couldn't do it. Even when I use su it gives the APP level permissions. Here is my .sh fule contents
#!/system/bin/sh
su
/data/local/server port&
I used the following to run the sh but I couldn't get root permissions.
try
{
Runtime rt = Runtime.getRuntime();
Process proc = rt.exec("su");
proc = rt.exec("sh /sdcard/server.sh");
}catch(Exception e) {
e.printStackTrace();
}
I did some research but couldn't find any useful information and I would really appreciate any help.
Thanks.
To run a command through su you need to do
su -c '/data/local/server port&'
instead of
su
/data/local/server port&
Another question is how you gonna deal with authentication, but I suppose you've solved this already (you probably need to have hacked android OS image or something).