I want to use the permission android.permission.DEVICE_POWER and it is need system or signature, I searched a lot and seems the apk in /system/priv-app may have the permission, but I failed on my Nexus 4 5.0.2.
I put the apk to /system/priv-app, but the logcat shows that
Not granting permission android.permission.DEVICE_POWER to package xxxx
Is there something wrong I did? Or is there any other ways to get the permission?
Refer to the documentation on android:protectionLevel in the documentation.
Only permissions with a protection level of signatureOrSystem will be assigned upon install if the app is included in the /system/priv-app folder. android.permission.DEVICE_POWER is not one of these. Refer to the manifest definition in the source:
Here is the excerpt:
<!-- Allows low-level access to power management.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.DEVICE_POWER"
android:label="#string/permlab_devicePower"
android:description="#string/permdesc_devicePower"
android:protectionLevel="signature" />
Hence the app needs to be signed with the platform key of the ROM/system/AOSP-build in order to attain this permission.
To get this permission, the application must be signed with the key which used to sign the platform. This may be different for manufacturers. So its practically not possible to get these permissions granted to a user application.
Following are some of the permissions that may NOT be granted to the user application:
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_SURFACE_FLINGER
android.permission.ACCOUNT_MANAGER
android.permission.BIND_APPWIDGET
android.permission.BIND_DEVICE_ADMIN
android.permission.BIND_INPUT_METHOD
android.permission.BIND_WALLPAPER
android.permission.BRICK
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.BROADCAST_SMS
android.permission.BROADCAST_WAP_PUSH
android.permission.CALL_PRIVILEGED
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CLEAR_APP_USER_DATA
android.permission.CONTROL_LOCATION_UPDATES
android.permission.DELETE_CACHE_FILES
android.permission.DELETE_PACKAGES
android.permission.DEVICE_POWER
android.permission.DIAGNOSTIC
android.permission.FACTORY_TEST
android.permission.FORCE_BACK
android.permission.GLOBAL_SEARCH
android.permission.HARDWARE_TEST
android.permission.INJECT_EVENTS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.INSTALL_PACKAGES
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.MANAGE_APP_TOKENS
android.permission.MASTER_CLEAR
android.permission.READ_FRAME_BUFFER
android.permission.READ_INPUT_STATE
android.permission.REBOOT
android.permission.SET_ACTIVITY_WATCHER
android.permission.SET_ORIENTATION
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.SET_TIME
android.permission.STATUS_BAR
android.permission.UPDATE_DEVICE_STATS
android.permission.WRITE_GSERVICES
android.permission.WRITE_SECURE_SETTINGS
clean your project it will be fine like this :
project -> Clean
May this will work for you
How can i gain android.permission.DEVICE_POWER
Related
I need to do permission request change for my Gallery/Photo permission because since Android 13 (SDK 33) you cant request android.permission.READ_EXTERNAL_STORAGE to allow gallery browsing in case of photo upload. You need to use android:name="android.permission.READ_MEDIA_IMAGES" instead. Question is if I can simply put it like this to manifest:
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.READ_MEDIA_IMAGES"/>
If it will affect older SDKs because this permission is new one added in SDK 33.
Or if I have to somehow if this in Manifest so this permission gonna be listed only for SDK >= 33
I tried this here but it seems like incorrect command (warning that its not allowed there)
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission-sdk-33 android:name="android.permission.READ_MEDIA_IMAGES"/>
android.permission.READ_MEDIA_IMAGES is included in SDK >= 33, so older SKDs does not have this definition, hence it cannot be listed. I checked in the app settings of a device older than 33, and it is not listed, only android.permission.READ_EXTERNAL_STORAGE is listed. Then you need to programmatically ask for the correct permission depending on the SDK version of the device.
I work on Android 6 AOSP. I am able to build add the application as a system app
but now I want to add runtime permission by default on this system app. Like that the app can start without asking the user to validate the permission.
Do you know how I can do that?
Thanks for you help.
If your app is privileged, all Runtime permissions are granted if requested in manifest.
To make your app privileged:
in Android.mk
LOCAL_CERTIFICATE := platform
LOCAL_PRIVILEGED_MODULE := true
If this does not solve your problem:
1. You can grant Runtime permissions to your app in Runtime. App must have android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS. Pm.java
IPackageManager pm = IPackageManager.Stub.asInterface(ServiceManager.getService("package"));
pm.grantRuntimePermission(pkgname, perm, UserHandle.USER_OWNER);
pm.updatePermissionFlags(perm, pkgname, PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT,
PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, UserHandle.USER_OWNER);
You can grant permissions manually by modifying
DefaultPermissionGrantPolicy.java.
Additionally, if app use shared user id with system. Any permission is granted even though it is not requested in manifest.
android:sharedUserId="android.uid.system".
You can grant runtime permissions to system apps by modifying the DefaultPermissionsGrantPolicy.java class.
In the grantDefaultSystemHandlerPermissions(int userId) method, add this code:
PackageParser.Package yourPackage = getSystemPackageLPr("YOUR_APP_PACKAGE_NAME");
if (yourPackage != null
&& doesPackageSupportRuntimePermissions(yourPackage)) {
grantRuntimePermissionsLPw(yourPackage, CONTACTS_PERMISSIONS, userId);
grantRuntimePermissionsLPw(yourPackage, CALENDAR_PERMISSIONS, userId);
}
Make sure you add the code above this line:
mService.mSettings.onDefaultRuntimePermissionsGrantedLPr(userId);
In my manifest I only ask for these two permissions:
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
But when I install the app on my phone I also get this notice:
Low-risk permissions
Phone ID
Get your phone ID, including IMEI, IMSI, etc.
From what I gather from this SO answer, I should need to use TelephonyManager and call
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
to require this permission. But I'm not using TelephonyManager or calling that permission. I don't want to ask users to give this permission. I've looked through my manifest and gradle files. Could it be that some code I used triggered this permission being called without me specifically asking for it? I know I'm not giving you a lot to go on, by I don't know where else to look.
Update 1
I created a completely new project in Android Studio and generated a signed APK from it. I installed it but no permissions were asked. (That at least confirmed for me that it wasn't some "new feature" in Android Studio that automatically asked for this permission.)
Update 2
As of #antonio's answer I found app/build/outputs/logs/manifest-merger-release-report.txt However, I didn't find any implied permissions being requested.
Update 3
Here are the dependencies my app is using (from gradle.build):
dependencies {
compile 'com.android.support:support-v4:21.0.3'
compile 'com.readystatesoftware.sqliteasset:sqliteassethelper:+'
}
I tested a new application with both of these dependencies and no permissions were requested.
My next step is to add every activity again from scratch and see if I can find where this permission starts getting called. To be continued...
Update 4
I played around with copying everything to a new project and refactoring the project name and removing pieces, but it turned out to be quite complex. I wasn't able to isolate a reason.
Update 5
I set the targetSdkVersion to 1. This gives a new message when announcing permissions before installing the app:
read phone status and identity
Allows the app to access the phone features of the device. This
permission allows the app to determine the phone number and device
IDs, whether the call is active, and the remote number connected by a
call.
The old Phone ID permission notice that I wrote about at the beginning is still there (showing up after the app is installed). This makes me wonder if it is related to the OS (I'm using MIUI Android on a Xiaomi phone). There is still something about the app that causes this to display in this app but not in other apps. I need to test this out on other devices next.
This happens because you are importing a library with a targetSdkVersion lower than your application's targetSdkVersion
From the Manifest Merger documentation:
When importing a library with a targetSdkVersion lower than the
importing application targetSdkVersion, some permissions maybe
automatically added to the resulting merged manifest file.
This is necessary since such libraries targeted runtimes where such permissions were implicitly granted. Therefore declaring such permission was not necessary. However in more recent Android releases, these permissions are not automatically granted. Therefore, a library targeting such old runtime without the permissions would not work properly once merged in the application targeting a more recent runtime.
The permissions that can be added are:
WRITE_EXTERNAL_STORAGE Added when importing a library with a targetSdkVersion < 4
READ_EXTERNAL_STORAGE Added when importing a library that declared WRITE_EXTERNAL_STORAGE
READ_PHONE_STATE Added when importing a library with a targetSdkVersion < 4
READ_CALL_LOG Added when importing a library with a targetSdkVersion < 16 and using READ_CONTACTS permission
WRITE_CALL_LOG Added when importing a library with a targetSdkVersion < 16 and using WRITE_CONTACTS permission
You can inspect the report generated by Manifest Merger (In \app\build\outputs\logs\manifest-merger-XXX-report) to see what library caused the adding of the READ_PHONE_STATE permission. You will see something like:
android:uses-permission#android.permission.READ_PHONE_STATE
IMPLIED from AndroidManifest.xml:2:1 reason: the.library has a targetSdkVersion < 4
In a multi-module gradle-project, one has to apply an matching configuration, like defaultConfig{ ... }, where the targetSdkVersion should be specified to resolve these IMPLIED permissions.
Add the following code to your AndroidManifest.xml to remove the unnecesary permission(s):
<uses-permission android:name="android.permission.READ_PHONE_STATE" tools:node="remove" />
Source:
https://stackoverflow.com/a/27542669/406295
I try to add a permission on the corodva build apk file to enable in-app products. I tried to add permission from the project tap -- permission. But each time I upload the apk I can't find the billing permission on the uploaded apk.
I always get that
Required permissions 8 permissions
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.VIBRATE
I add the permission
BILLING
and/or
com.android.vending.BILLING
but with no result.
One more thing is that when I open the intelxdk.config.android.xml I found this line
<preference name="android - permission" value="BILLING"/>
please note that there is a space in the "android - permission"
and I can't change that as this file are auto formatted when I build for android.
Many thanks in advance
Try this:
<preference name="android-permission" value="Billing> />
Note that your name contains spaces but the documentation doesnot.
W/PackageManager(61): Not granting permission android.permission.SET_ACTIVITY_WATCHER to package
This is one such example of a permission that will not be granted to applications without being signed using the platform signature. With that said I would like to know how any application running on a rooted device (with /system/bin/su and SuperUser.apk) can be granted any of these permissions.
Process p = Runtime.getRuntime().exec("su");
p.waitFor();
Doing this prompts the super user dialog with "accept" or "reject," but SecurityExceptions are still thrown.
You can declare your app to run as a system app by setting the sharedUserId as follows in the AndroidManifest.xml
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="[your package name]"
android:sharedUserId="android.uid.system">
More details can be found here: How to sign Android app with system signature?
you need to copy your apk file to '/system/apps'. It can be done programatically. you can do this only if you have root permissions. once copied, reboot the device(reboot can also be done programatically if you have root) and you'll be granted all permissions mentioned in your manifest file. You can also distribute this on market.