While developing in Android Studio on Windows, every now and then I have to check the database on my testing device. To pull it I use Android Device Manager. Through adb I granted access permissions to /data/data/xx.xxx.xxx/ folders, but read and write permissions to /data/data/xx.xxx.xxx/databases folder and its files I have to grant every few minutes.
I'm giving grants with chmod 777 command while running adb.
Is there a way to set things up that I can have constant read and write grants to the databases folder and its files?
You can root the phone or use an emulator. Emulator files (including sqlite db) are easily accessible via DDMS without any permission. It also has a neat little download button which you can use to download db on your computer .
Related
I have created this file on my device:
file:///data/user/0/io.ionic.starter/files/mypdf.pdf
But I can’t figure out how to find that file manually using my android device. Any ideas?
Note: I am using an emulator, Nexus 5X.
What do you mean by "manually"?
You can not access this file from another application on your Android device, such as a file manager or a PDF viewer.
This is because you created it inside your applications files directory, which is guarded by file system permissions and is only accessible to your application.
There are two exceptions to this rule:
If your device is rooted, you can use Root explorer to find the file.
If you created the file with "world readable" permission, another application can read it if it has the exact path (including full file name).
Note this may not work on newer versions of Android.
If you wish to access the file from you PC to examine it, you can use adb pull command. Since you are using an emulator, ADB should be running as root.
If it is not, use adb root command to switch ADB to run as root, then you will have no problem accessing any directory on the phone.
Keep in mind, this will not work on a real phone with stock ROM, as ADB can not run with root privileges on production systems.
I need to mount nfs share from the system app to sdcard or to mnt folder, but mount works only with root access granted. How can I do this? (This is not only the one program, that not work without root. For example, I also need root to use dd to flash custom recovery on my system)
I downloaded AOSP Marshmallow sources, I added su and all it needs to /system/xbin folder. When I try to run su it prints me "Permission denied", but via adb shell root works normally (I can run it in xbin folder). What permissions I need to add to run my system apps as root? Thanks.
System and system apps built and signed with the platform key. App that I am testing has sharedUid=android.uid.system property in Manifest.xml
su as provided by AOSP has restrictions built it to ensure you are the root or shell user invoking it. This check is at https://android.googlesource.com/platform/system/extras/+/master/su/su.c#85
You could always add the system UID (AID_SYSTEM) to this check; however, this would pose a security risk by granting blanket root privileges to all apps/process with the system UID. I would only add the system user to this line in su.c if you are accepting those risks and want an easy solution.
I would recommend re-evaluating your use case and potentially write a native daemon/service that exposes an function for applications to only perform the actions required. You could then enforce these with higher-level android permissions, as well as, POSIX capabilities for the native daemon itself.
The only solution that works for me is the server binary that launched by init as root process. I wrote simple server binary that can be connected via LocalSocket from java side and I can send it some commands. To start server binary on system start, I added next lines to init.rc script:
service suservice /system/bin/suservice
class core
user root
group root
socket suservice stream 0600 system system
On java side I wrote simple library that works via callback interface and receives data from this service or error if something wrong.
Now only apps that started as system:system can use this local socket to run root commands. User apps receive Permission denied as expexted.
P.S. There is no need to run or keep su binary now at all, because server binary already runs as root. I can completly remove su binary from the system now.
I made a filemanager that I want go be able to navegate/modify some system folders (say, /data/). I copied my apk to /system/app, gave 644 permission to the apk file, and rebooted. Yet, my app is still run without root privileges (deny simple access to /data). I'm using Cyanogenmod 11.
Any clue?
Thanks!
L.
To clarify, the app being in the /system/app folder does not run it as root. Android is linux based, so having root access means that your app is able to run shell commands as the root user.
Generally speaking an app being in the /system/app folder makes all declared permissions available to it, (for example, declaring WRITE_SECURE_SETTINGS only does anything for system apps), and then the code that was only available to system apps is now available to yours as well.
For reliability, you should use shell commands where possible for anything that's normally unavailable. Do not use java.io.File to access files that are normally restricted.
I would recommend using RootTools as it makes running shell commands as root much easier. The first 3 pages on this linux command cheat sheet will probably cover everything you need.
I have been reading some stuff about the new external SD security rules that were introduced in KitKat 4.4, and still can't figure why exactly can't a system application still delete files from the external card (yes, even files that aren't mine, but am I a system app or not)?
The device is rooted. Deleting files using adb shell works. From my application, however - it doesn't work (only on the external storage).
Another try I had was to execute "su" from my application, but I am getting: su: uid 1000 not allowed to su.
Any ideas anyone?
I am developing app which will come pre-installed with certain devices, however im testing the app on my own device and will need to demo it on my own device. At the moment its fine as im testing it as a user app, but now i need to use permissions which only the system apps get to use. Is their a way in the project settings to say its a system app so I can test and demo it?
short answer - i would root your phone. However, unlocking the bootloader is possible without root. So, IMO, you could install CWM as your recovery, then boot to CWM, then use the CWM option to MOUNT system, then use adb to copy your .apk to /cache, then use linux util 'cat' to get the apk from /cache to /system/app, then unmount /system using CWM, then reboot.
long answer - if you are developing system apps, learn the security environment of android. Learn the issues around permissions in the /system folder, and learn the recovery type tools that allow a developer to have access to the /system folder where adb activities like install , uninstall are restricted.
This is an older discussion 'froyo' on how-to install system app, illustrating some of the permissions issues in the /system folder. I would not simply follow these instructions without reading up on how its done in honeycomb and in ICS.