I have a rooted tablet that gives adb root as soon as it connects.
When I type adb shell
I get
root#android:/#
I can do su
and it's not showing me any permissions errors
But when I try to execute a file on an sdcard that has already been given all permissions.
I get Permission Denied
Why is this happening?
The sdcard is mounted with a noexec flag, which means you cannot execute things stored there.
This is doubly important when running as root or even the semi privileged shell, since the lack of file permissions or ownership there means any userid with the write external storage permission could trojanize the program you might want to run.
As an aside the default shell has a limited vocabulary of errors and in many versions will also say permission denied as a substitute for command not found. Your current working directory is not in the search path, so if you want to run something from there, you typically need to do:
./filename
Related
Using the termux (https://termux.com) terminal-emulation program, I type the following command:
ls /sdcard
I get the following error:
ls: can't open '/sdcard': Permission denied
No, my device is not rooted, nor do I plan to root it - so I can not give any information that I'd have to root the device to obtain. However, not being rooted never in the past prevented me from having read access to the /sdcard directory - so this is new (and disturbing).
Granted - it's been a few months since previously I tried to do this - but this new limitation from Android seriously hampers the usability of termux and who-knows-what-else -- as I need to be able to have access to files that are on my SD Card. (I can still do a lot, even if not everything, even without write permissions -- but am pretty much stuck in the water if I can't get read permissions, as is presently the case.)
I've had the same issue, easly solved by typing termux-setup-storage. This will open the window to obtain storage r/w permissions and the job is done.
Be sure to run previously apt update and apt upgrade to have it available.
I need to mount nfs share from the system app to sdcard or to mnt folder, but mount works only with root access granted. How can I do this? (This is not only the one program, that not work without root. For example, I also need root to use dd to flash custom recovery on my system)
I downloaded AOSP Marshmallow sources, I added su and all it needs to /system/xbin folder. When I try to run su it prints me "Permission denied", but via adb shell root works normally (I can run it in xbin folder). What permissions I need to add to run my system apps as root? Thanks.
System and system apps built and signed with the platform key. App that I am testing has sharedUid=android.uid.system property in Manifest.xml
su as provided by AOSP has restrictions built it to ensure you are the root or shell user invoking it. This check is at https://android.googlesource.com/platform/system/extras/+/master/su/su.c#85
You could always add the system UID (AID_SYSTEM) to this check; however, this would pose a security risk by granting blanket root privileges to all apps/process with the system UID. I would only add the system user to this line in su.c if you are accepting those risks and want an easy solution.
I would recommend re-evaluating your use case and potentially write a native daemon/service that exposes an function for applications to only perform the actions required. You could then enforce these with higher-level android permissions, as well as, POSIX capabilities for the native daemon itself.
The only solution that works for me is the server binary that launched by init as root process. I wrote simple server binary that can be connected via LocalSocket from java side and I can send it some commands. To start server binary on system start, I added next lines to init.rc script:
service suservice /system/bin/suservice
class core
user root
group root
socket suservice stream 0600 system system
On java side I wrote simple library that works via callback interface and receives data from this service or error if something wrong.
Now only apps that started as system:system can use this local socket to run root commands. User apps receive Permission denied as expexted.
P.S. There is no need to run or keep su binary now at all, because server binary already runs as root. I can completly remove su binary from the system now.
I read lots of websites about how to root an android device and give the app root privileges.
Now I have installed superuser app. When I enter su in a console to the device then superuser comes to ask for rights. This looks fine.
But when I do Runtime.getRuntime().exec("su"); in my app nothing happens.
Error code is 1, message is permission denied. No superuser message appears. This looks like my app can't call su. Funny: when I let my app call Runtime.getRuntime().exec("su -v"); I get a result! (namely the su version).
Call to su only fails.
What am I missing?
Btw. I added permission android.permission.ACCESS_SUPERUSER to the manifest as stated somewhere.
There are so many threads about root privileges, but none of them explains what can go wrong.
Is this CyanogenMod? Look in the settings: you can choose whether to allow apps to request root, and whether to allow adb to do so. You might have got it set to "ADB only". If so, change it to "ADB and apps".
Your su -V tells you that you're successfully executing an external program; but su itself is refusing to let you become root.
I want to execute the "su" comand from an app..I have rooted the emulator and installed Superuser.apk(superuser 2.3.6.1)
Process pr= Runtime.getRuntime().exec("su");
process.waitFor();
Log.d("Ex.Value",Integer.toString(process.exitValue()));
But I'm getting 255 as the exit value which seems to be some error in executing "su".
I have included RootTools library (http://code.google.com/p/roottools/). When checked with the methods RootTools.isRootAvailable(), RootTools.isAccessGiven()...Its found that the emulator has SU, but my application is not granted Root permissions. Will it be the real issue?? ..If so Can you plz tell how to grant my app the Root permission?
When you execute 'su', you should have root access within that process. The app should then automatically ask for root permission to the user via a dialog box. This dialog box is provided by android but is only present in devices that have been rooted.
This blog post has an example that might help you:
http://www.stealthcopter.com/blog/2010/01/android-requesting-root-access-in-your-app/
The comments at the end are very informative as well.
We are creating an Android application which requires super user privileges. The SuperUser.apk and su are installed. However there seems to be a difference between installing our application in /data/app vs. /system/app. If we install in /data/app, everything seems to work fine. If we install in /system/app, SuperUser.apk does not popup to grant privileges.
Are there certain types of programs that must be installed in one location vs. another?
TIA
APK files in the /system/app folder already have system-level permissions so they don't require SuperUser, which I assume is why it doesn't pop up.
You should confirm that your application already has the permission you have requested. For instance, AlarmManager.setTime requires the signatureOrSystem permission android.permission.SET_TIME and will throw an exception if it doesn't have it. You can also check explicitly with PackageManager.checkPermission.
If this doesn't work, check the attributes of the APK file. If they don't match the other APKs in the system folder Android may ignore them. You can fix it like this:
chmod 644 <filename>