Is it possible to block installing apps from apk file directly. How can do this using code, not by using some setting on the phone.
I just need to block installation of apps outside of the play store. That is stop the user from copying a apk file to the phone and install it. But still allow them to install apps through the Play Store.
This isn't possible on AOSP Android.
The Install from unknown sources option is a setting in Settings.Global (previously in Settings.Secure) and cannot be controlled by third party applications.
However, it is possible do achieve this if you're willing to modify and compile Android itself for each and every device you want to use this on, as is done by AT&T on some of their devices.
You can't. This is a system setting you can't handle, because it's a security setting. This won't be editable by any application. Just think about what if, when any application could do: Then the application could download a bad .apk and install it without any warning.
try using code to copy file into directry /data/app/ .
but device is rooted and some app work not correctly
Related
The device my Android app is running does not have Playstore on it. The plan is to pre-install the software when shipping the device. I am now looking for a strategy to upgrade the application.
I found this useful link to install an Android app from the apk file:
Android: install .apk programmatically
I am thinking I will use this logic to auto-upgrade my app. I am wondering if it is even possible. I am thinking the upgrade will first try to uninstall existing version but will fail as the executable is still running and the file may be locked. Is there a better way? Regards.
Peter, we've just implemented the same thing.
Users have the software pre-installed on their device and we host update APK's on the companies servers.
From the app they can then check for updates where we have a WCF service which extracts the APK file (essentially a .zip) and returns the manifest details. From there we have the version of the APK and can compare it against the local version.
If the user decides to upgrade they can download the APK and you can automatically launch it. At which point the user will be told the application is going to be updated. There are no file locks etc, the app will just close and restart using the new version.
Note: Downgrading is not "automatic". The user would have to first uninstall the app. For upgrades, however, it's a simple case of downloading and launching the APK version (the user will be told they need to allow installations from unknown sources if this is not checked).
You have a couple of options, depending upon your target system.
Use the link you posted. This will provide the user with a traditional install dialog, whereby the user can choose to install or not. You should avoid doing that automatically, as APKs can be large and you might irritate the user if they don't want updates.
You can install updates magically, but you will require the firmware signing key (or possibly root, but I haven't tested that). That will not ask for consent from the user. You will need to add additional code using reflection to access the installation methods of Android. If you go this way, you should build an opt-out/in mechanism.
If your app is open-source, F-Droid would solve the problem for you.
F-Droid is an installable catalogue of FOSS (Free and Open Source
Software) applications for the Android platform. The client makes it
easy to browse, install, and keep track of updates on your device.
Mainly, it updates your app when necessary. (Or just have a look at its source code for inspiration on how to do it).
Yes but as far as I remember only if you had Root privileges in order to have access to the INSTALL_PACKAGES permission.
I would like some general info on system apps. I am working with a manufacturer who is willing to give me the info required to make my app a system app. However, I do not know exactly what this information should be and how to change with my app to make it a system app with the given information. I believe I need the something in my manifest like this
android:sharedUserId="android.uid.system"
and then I need to sign my app with the manufactures key? I am not sure could someone explain to me exactly what the process would be please?
Also the reason my app needs to be a system app is so the user cannot uninstall it, but my app still needs to update. Is it possible to update my app when it is a system app? I would be updating if from google play like normal.
Thanks for any help I simply could not find very much information on this subject and would appreciate the help.
This link here would give you a bit of information.
A System application is NOT an application which is signed by the OS’s
platform signatures. This is a common mistake believed by many and we
shall come to this later on. A System application is merely an
application which is placed under /system/app folder in an Android
device. An application can only be installed in that folder if we have
access to the OS’s ROM (system.img). The application is placed under
/app folder after the ROM has been extracted. A device which loads the
custom ROM will have the new System application added. The benefit of
a System application is that the application cannot be removed from
the device (cannot be uninstalled by the user). This is only because
/system/app is a read-only folder.
http://ricston.com/blog/explaining-behavior-android-application-system-apps-nonsystem-apps/
As for updating your app through the play store, I am assuming you should be able to do that without any problems, if the app is on the play store, and you use the same signature every time. It need not be the manufacturer's certificate, but it's better to use that certificate to sign your app.
So, the only thing that you need to ensure is that, while building the ROM, the manufacturer puts your apk into the system folder, and it should work.
Use mkkey.sh http://www.kandroid.org/online-pdk/guide/release_keys.html script to create new certificates, including x509 certificates. you wont need these steps as manufacturer is giving you the keys.
In AndroidManifest.xml of your application : under the element add the attribute android:sharedUserId=”android.uid.system”
Export an unsigned version of your Android application using eclipse.
Project >> Android Tools >> Export Unsigned Application Package
Use /out/host//framework/signapk.jar to sign your app using platform.x509.pem and platform.pk8 in /build/target/product/security/ generated earlier
java –jar signapk.jar platform.x509.pem platform.pk8 your_app_unsigned.apk your_app_signed.apk
Answer to some of your other questions are already given by Kumar Bibek. These are the steps I followed when I had to do the same. This was in done in Android ICS. The steps might have changed but still worth a try.
Since Android O (Oreo), you need to sign the system apps with dev keys, unlike in the past versions you can just copy them to a system folder which has varied in the past.
i have an old backup Android phone (i can't say it's name cause it's marked as bad grammar for some stupid reason) that only has android platform 2.1 (Eclair) and only got market than play (google), but i can't log in to the market since it always says that my password is wrong. So i have find other ways to install them.
So how can i install the apps without market?
I have already tried to factory reset the phone, but it still says that the google mail password is wrong. so i have to find other ways to install the apps.
I had done this earlier on my phone. Not sure if will work on Android 2.1. The easiest way I found was download the apk file. Store it on your SD card. Check the box that says unknown sources in your Application settings. This will allow you to install non Market Applications . Go to your SD card and click on the apk file in your SD card. Make sure the apk you download is compatible with your device.
Well you can install applications from the Amazon App Store. You might also search the application you want online, and tons of sites will come up. You just download the apk file from there and add to your SD card. Then install the application. Ensure that it is compatible with your device.
You can download the apk's directly from other websites.
One is AppLounge
I made an android application inside that i have put an apk file in "res/raw" folder now what i want when i am installing my apk the apk inside the raw folder also install without clicking once more on install button. If it possible by writing my own package manager or package installer please suggest me.
Spyware? Malware? Even if it is not, it might be flagged as such if you have nested APKs.
You can't install without user interaction unless you have system or root permissions. This is a good thing too. If you are building your own firmware, and distributing to limited devices, you can sign your app with the platform key and be able to install packages directly. There are multiple questions about this, but generally you use one of the hidden (from SDK apps) installPackage() methods of PackageManager.
I think you would have to Root your phone to do this.
The main question is why you would want to.
I want to allow user to install my app directly from my web-site, not through the Android market.
I'm working on a specific non-phone android device, which can't be connected to the Android market.
how can I accomplish such a thing ?
The device can download the APK files like a normal file. After that, the user can open it and gets prompted to install it by checking the apps permissions. This required the unknown source preference (Preferences->Applications->Development usually) to be checked.
If you want to create some sort of drive-by-download/install: Thats not possible for (obvious) security reasons.