Android System App Info - android

I would like some general info on system apps. I am working with a manufacturer who is willing to give me the info required to make my app a system app. However, I do not know exactly what this information should be and how to change with my app to make it a system app with the given information. I believe I need the something in my manifest like this
android:sharedUserId="android.uid.system"
and then I need to sign my app with the manufactures key? I am not sure could someone explain to me exactly what the process would be please?
Also the reason my app needs to be a system app is so the user cannot uninstall it, but my app still needs to update. Is it possible to update my app when it is a system app? I would be updating if from google play like normal.
Thanks for any help I simply could not find very much information on this subject and would appreciate the help.

This link here would give you a bit of information.
A System application is NOT an application which is signed by the OS’s
platform signatures. This is a common mistake believed by many and we
shall come to this later on. A System application is merely an
application which is placed under /system/app folder in an Android
device. An application can only be installed in that folder if we have
access to the OS’s ROM (system.img). The application is placed under
/app folder after the ROM has been extracted. A device which loads the
custom ROM will have the new System application added. The benefit of
a System application is that the application cannot be removed from
the device (cannot be uninstalled by the user). This is only because
/system/app is a read-only folder.
http://ricston.com/blog/explaining-behavior-android-application-system-apps-nonsystem-apps/
As for updating your app through the play store, I am assuming you should be able to do that without any problems, if the app is on the play store, and you use the same signature every time. It need not be the manufacturer's certificate, but it's better to use that certificate to sign your app.
So, the only thing that you need to ensure is that, while building the ROM, the manufacturer puts your apk into the system folder, and it should work.

Use mkkey.sh http://www.kandroid.org/online-pdk/guide/release_keys.html script to create new certificates, including x509 certificates. you wont need these steps as manufacturer is giving you the keys.
In AndroidManifest.xml of your application : under the element add the attribute android:sharedUserId=”android.uid.system”
Export an unsigned version of your Android application using eclipse.
Project >> Android Tools >> Export Unsigned Application Package
Use /out/host//framework/signapk.jar to sign your app using platform.x509.pem and platform.pk8 in /build/target/product/security/ generated earlier
java –jar signapk.jar platform.x509.pem platform.pk8 your_app_unsigned.apk your_app_signed.apk
Answer to some of your other questions are already given by Kumar Bibek. These are the steps I followed when I had to do the same. This was in done in Android ICS. The steps might have changed but still worth a try.

Since Android O (Oreo), you need to sign the system apps with dev keys, unlike in the past versions you can just copy them to a system folder which has varied in the past.

Related

Can an Android app auto-upgrade itself?

The device my Android app is running does not have Playstore on it. The plan is to pre-install the software when shipping the device. I am now looking for a strategy to upgrade the application.
I found this useful link to install an Android app from the apk file:
Android: install .apk programmatically
I am thinking I will use this logic to auto-upgrade my app. I am wondering if it is even possible. I am thinking the upgrade will first try to uninstall existing version but will fail as the executable is still running and the file may be locked. Is there a better way? Regards.
Peter, we've just implemented the same thing.
Users have the software pre-installed on their device and we host update APK's on the companies servers.
From the app they can then check for updates where we have a WCF service which extracts the APK file (essentially a .zip) and returns the manifest details. From there we have the version of the APK and can compare it against the local version.
If the user decides to upgrade they can download the APK and you can automatically launch it. At which point the user will be told the application is going to be updated. There are no file locks etc, the app will just close and restart using the new version.
Note: Downgrading is not "automatic". The user would have to first uninstall the app. For upgrades, however, it's a simple case of downloading and launching the APK version (the user will be told they need to allow installations from unknown sources if this is not checked).
You have a couple of options, depending upon your target system.
Use the link you posted. This will provide the user with a traditional install dialog, whereby the user can choose to install or not. You should avoid doing that automatically, as APKs can be large and you might irritate the user if they don't want updates.
You can install updates magically, but you will require the firmware signing key (or possibly root, but I haven't tested that). That will not ask for consent from the user. You will need to add additional code using reflection to access the installation methods of Android. If you go this way, you should build an opt-out/in mechanism.
If your app is open-source, F-Droid would solve the problem for you.
F-Droid is an installable catalogue of FOSS (Free and Open Source
Software) applications for the Android platform. The client makes it
easy to browse, install, and keep track of updates on your device.
Mainly, it updates your app when necessary. (Or just have a look at its source code for inspiration on how to do it).
Yes but as far as I remember only if you had Root privileges in order to have access to the INSTALL_PACKAGES permission.

Android system app

I'm developing a remote-control application for Android.
I want to be able to lock/unlock the screen.
To do this there are two ways:
Making the app a Device Administrator.
Using PowerManager.goToSleep(), which requires the DEVICE_POWER permission, which is a system permission.
So eclipse tells me "this permission is only granted to system apps".
I really need this and some other system permissions in my app, as it's a remote control app that must be able to control system features.
From the support page:
Uploading System Applications
Most developers will not need to upload system applications and may ignore this section. System applications may come pre-installed on certain devices and may or may not already be published in the Play store.
If you need to upload a system application and encounter an error message when doing so, please contact us. Please be sure to select the Publishing issues and distribution option.
If I'm understanding it right, It's possible to make a system application. how?
I'm developing a remote-control application for Android
Fortunately, this is not possible, except perhaps if you run as root, or you download the Android source code, modify it, and roll it into your own ROM mod.
If I'm understanding it right, It's possible to make a system application. how?
Build your own ROM mod. Sign the app with the same signing key as is used to sign your ROM mod. Put your app in your ROM mod. Install your ROM mod on your device.
This, of course, will limit your app's distribution to those devices running your ROM mod.
A lot of “system” permissions are really SIGNATURE_OR_SYSTEM permissions. For those, you need to do one of the following:
After building the APK, install it as a system app.
Sign the app with the same key as the Android distribution on your device.
For the first option, you would need to be root on your device. Regular APKs reside in /data/app, while system APKs need to be placed in a different folder (on Android 6 and 7 it’s /system/priv-app, earlier versions may differ). However, this is not very suitable for an app to be distributed to end users, especially if your target audience is not very tech-savvy.
For the second option, you need to build Android from source for your target device. If you sign the app with the same key as your Android build, then users running that build of Android can install it in the usual manner.

Android signing conflict

I am developing 2 android applications, which are clients for my server. I cannot install both applications on my android phone. I install the first app to phone, everything is ok. Then when I try to install the second app on the phone, I get the message that the application will replace another application (the first one), and then I get following error:
Application not installed: an existing package by the same name with a conflicting signature is already installed.
I mention that I have created one separate keystore file for every application, export them as in the android official signing application guide, then zipaligned them.
So the OS thinks that it is a single application? But in fact there are 2 different apps.
What am I doing wrong?
I think you are using the same package, which is not allowed for two different apps.
But for anyone who have the same error for installing another version on top of previously installed app:
I wanted to test released version of my app when the problem occured. I've had the app previously installed using eclipse, and than I wanted to install the same app but with released signature. I have even uninstalled the app using apps gallery, but the problem persisted.
The solution for me was to unistall the app using Settings->Apps->"the app"->top right corner menu->Uninstall for all users
I had the same error message, but these answers did not help. On a 4.3 nexus 7, I was using a user who was NOT the owner. I had uninstalled the older version but I kept getting the same message.
Solution: I had to login as the owner and go to the settings->apps... Scroll down to the end of the list where my old version was listed with a mark 'not installed'. Select it and press the 'settings' button in the top right corner and finally 'uninstall for all users'
Not sure what happens when you use the same signing key, because in all honesty, I never really tried it.
That being said, as Anand Tiwari, in his comment, has already simplified the answer, you cannot install two different applications with the same package name on one device. They, logically speaking, may be different to you, but for the OS, they are in fact, the same.
The problem also manifests itself when you try to upload the applications to the Android Market (Google Play). Google Play will simply not accept the second application. There is a short and simple explanation by Warren Faith here: https://stackoverflow.com/a/5788664/450534
As an example of how similar applications with a few changes are published to the Google Play store:
The free version of FriendCaster is: https://play.google.com/store/apps/details?id=uk.co.senab.blueNotifyFree
The paid version if the same app is: https://play.google.com/store/apps/details?id=uk.co.senab.blueNotify
Notice the ending of the package names. In this case, you will be able to install both the apps simultaneously on one device.
I think your problem is that both your files have the same package name. You can name both apps with similar packages, but they can't be identical. In fact, using the same package base can be used to communicate between applications ie. App1: com.mypkg.app1 and App2: com.mypkg.app2. However, they both can't be called com.mypkg.app - the package name is how Android identifies apps, and can't be identical.
You should be able to sign as many different apps (assuming their package is different) with the same key.
Make sure not to lose your signing certificate, if you lose it, you will not be able to upload a new app with the same package name. If you lose your signing certificate, you will be in big trouble.
Good luck.

Download Apk inside my apk without user interaction

I made an android application inside that i have put an apk file in "res/raw" folder now what i want when i am installing my apk the apk inside the raw folder also install without clicking once more on install button. If it possible by writing my own package manager or package installer please suggest me.
Spyware? Malware? Even if it is not, it might be flagged as such if you have nested APKs.
You can't install without user interaction unless you have system or root permissions. This is a good thing too. If you are building your own firmware, and distributing to limited devices, you can sign your app with the platform key and be able to install packages directly. There are multiple questions about this, but generally you use one of the hidden (from SDK apps) installPackage() methods of PackageManager.
I think you would have to Root your phone to do this.
The main question is why you would want to.

Re-sign android applications?

My lecturer gave me a project on patching APK files. I wrote a sample application, using Apk_Manager 5.0 to patch the app. It's ok. But then I tried with an application downloaded from market.android.com, the re-signed application can't run on my Android Virtual Device. What's the problem?
As a security feature Android will not let you install an updated version of an app that was not signed using the same keys. If this were allowed a malicious app with the same package name could gain access to private data stored by the original app. To install an app with the same package name but different signing keys you must first uninstall the original app, which will remove the app's private data.
Since you mentioned that you are attempting to modify other people's apps potentially without their knowledge or consent, please respect the copyrights of others. Many developers may consider this to be a breach of license.

Categories

Resources