We are creating an Android application which requires super user privileges. The SuperUser.apk and su are installed. However there seems to be a difference between installing our application in /data/app vs. /system/app. If we install in /data/app, everything seems to work fine. If we install in /system/app, SuperUser.apk does not popup to grant privileges.
Are there certain types of programs that must be installed in one location vs. another?
TIA
APK files in the /system/app folder already have system-level permissions so they don't require SuperUser, which I assume is why it doesn't pop up.
You should confirm that your application already has the permission you have requested. For instance, AlarmManager.setTime requires the signatureOrSystem permission android.permission.SET_TIME and will throw an exception if it doesn't have it. You can also check explicitly with PackageManager.checkPermission.
If this doesn't work, check the attributes of the APK file. If they don't match the other APKs in the system folder Android may ignore them. You can fix it like this:
chmod 644 <filename>
Related
I am creating an android app for media box. The box is rooted. I have to bypass permissions (run time permission too) because user will not be interacting with the device. I tried to push the apk in system/priv-app folder also to make it system app. Still, whenever my app is launched, it asks for permissions. Is there any way to bypass permissions in rooted device? I have used following commands to push the APK to priv-app folder.
adb remount
adb push apk-filename-here /system/app/
adb shell chmod 644 /system/app/apk-filename-here
adb reboot
App seems to be like system app because it is not uninstallable now. But permission problem is still there. Is anything extra required to be done to grant all permissions? Please help.
I tried bypass android usb host permission confirmation dialog also but this seems to be a very old story now.
Some permissions are signature-level, meaning they can't be granted unless your app is signed with the same key used to sign the rest of the system. If you need any of these, there's very little you can do, unless the relevant APIs have shell-command alternatives.
Other permissions are privileged-level, meaning they're only granted if the app is located in /system/priv-app/. You haven't mentioned which permissions you're using, but I recommend putting your app in priv-app instead of app anyway. If this device is on Lollipop or later, apps should have a sub-folder inside priv-app (eg /system/priv-app/SomeApp/SomeApp.apk).
The third type is app-op permissions. These aren't runtime permissions, but they can be granted with a shell command:
cmd appops set <PACKAGE> <OP> <MODE>
For example, to grant the SYSTEM_ALERT_WINDOW permission:
cmd appops set com.some.package android:system_alert_window allow
The fourth type is runtime/development permissions. Both can be granted with the following:
pm grant <PACKAGE> <PERMISSION>
For example, to grant WRITE_EXTERNAL_STORAGE:
pm grant com.some.package android.permission.WRITE_EXTERNAL_STORAGE
You can check which type your permissions are by looking at the platform AndroidManifest.xml. Find your permission and check the protectionLevel field.
signature means signature
privileged means privileged
development means development
dangerous means runtime
normal permissions will be automatically granted
Certain permissions, like WRITE_SECURE_SETTINGS have multiple protection levels: signature|privileged|development.
If any of those conditions is met, Android will grant the permission to your app. With WSS, you could either put the app in priv-app or use pm grant. Either way will get you access.
If a permission's protection levels have both appops and development, such as PACKAGE_USAGE_STATS, be careful. Using cmd appops will grant that permission for certain functions, while pm grant will for others.
I made a filemanager that I want go be able to navegate/modify some system folders (say, /data/). I copied my apk to /system/app, gave 644 permission to the apk file, and rebooted. Yet, my app is still run without root privileges (deny simple access to /data). I'm using Cyanogenmod 11.
Any clue?
Thanks!
L.
To clarify, the app being in the /system/app folder does not run it as root. Android is linux based, so having root access means that your app is able to run shell commands as the root user.
Generally speaking an app being in the /system/app folder makes all declared permissions available to it, (for example, declaring WRITE_SECURE_SETTINGS only does anything for system apps), and then the code that was only available to system apps is now available to yours as well.
For reliability, you should use shell commands where possible for anything that's normally unavailable. Do not use java.io.File to access files that are normally restricted.
I would recommend using RootTools as it makes running shell commands as root much easier. The first 3 pages on this linux command cheat sheet will probably cover everything you need.
How would you programmatically get the application to install itself in /system/app so that it is treated as a System application and not a user app?
I don't believe it's possible to programmatically install your app in /system/app folder. You can however, ask for root permissions and execute any commands requiring root privileges using this guide:
http://muzikant-android.blogspot.in/2011/02/how-to-get-root-access-and-execute.html
I have added "android.permission.WRITE_SECURE_SETTINGS" in the Manifest. But still i get an error message saying - required "WRITE_SECURE_SETTINGS".
I have seen a lot of talks about this, and that this setting is prevented for third party software.
It is any other way that i can add my application can gain this permission?
I have see this adb command, but i not so familiar how to use this to add my application to my device, is below command is require root my device before it can be use because it failed to copy by Read-only file system?
adb remount
adb push app.apk /system/app/
I would like to add that WRITE_SECURE_SETTINGS permission can be granted over adb and this approach does NOT require root. Here is a command:
adb shell pm grant your.package.name android.permission.WRITE_SECURE_SETTINGS
Firstly, as you have read before, WRITE_SECURE_SETTINGS is NOT available to applications! So you cannot use this permission regardless whether you are on rooted or production builds.
So, if you wish to enable this setting, create your own firmware that does what you need and load that firmware on whatever devices you wish. Or, contribute your changes to existing firmware mods (e.g., Cyanogen).
Some other applications use techniques like Reflection using Java to gain access to functions not exposed via API, you can probably try the same.
Secondly, adb remount does not work as is with production builds unless the phone is rooted or firmware enables it by default.
I recently struggled with this very thing. My client wanted an app that would turn NFC off when the device was charging (wireless charger) and then on when it was removed from the charger. I was running KitKat on my Nexus 7, and even though I had WRITE_SECURE_SETTINGS in the Manifest, and the app in /system/app/, it would not work.
Turns out, that in 4.4 they added additional security. In 4.3 however, it works if three things are true:
Manifest has WRITE_SECURE_SETTINGS
App is in /system/app/
The package is signed by a key (any key)
I rooted the device using the awesome Nexus Root Toolkit (NRT) from http://www.wugfresh.com/nrt/ then installed BusyBox and system app mover from:
https://play.google.com/store/apps/details?id=stericson.busybox
https://play.google.com/store/apps/details?id=de.j4velin.systemappmover
I installed my custom signed APK and moved it into place using system app mover, which then restarted the device. It worked perfectly. Hope this helps.
For the api that I used, which required WRITE_SECURE_SETTINGS privileges, I had to include this in the manifest:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
...
coreApp="true"
android:sharedUserId="android.uid.system">
<uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS"/>
...
ref: https://github.com/android/platform_packages_apps_settings/blob/master/AndroidManifest.xml
I also had to run the application as a system app (under: /system/app).
Here is an how to: http://www.addictivetips.com/mobile/how-to-install-any-app-as-system-app-on-android/
I met this situation too,and then i follow the rules below:
1.add WRITE_SECURE_SETTINGS in manifest
2.make my own firmware
3.add LOCAL_CERTIRICATE := platform
Try this,
adb shell pm grant your.package.name android.permission.WRITE_SECURE_SETTINGS
I was able to fix this problem by enabling notification access.
go to settings
click on sound and notification
scroll down
click on notification access
I'm attempting to install an apk programmatically, but I'm not having much luck. I'm setting up an automated test framework targeting physical devices, and I want to have the test devices retrieve the latest apk from the build server before running tests. While I am aware that there is no general way to actually install an apk without the user's consent, I'm curious if there might be some approach available in the case where a developer owns both the apk and device.
Approaches I've tried in the past (the apk has been downloaded to pathName/apkFilename):
String command = "adb install " + pathName + apkFilename;
Runtime.getRuntime().exec(command);
And:
Intent intent = new Intent(Intent.ACTION_VIEW);
intent.setDataAndType(Uri.fromFile(new File(pathName + apkFilename)), "application/vnd.android.package-archive");
getActivity().startActivity(intent);
While I haven't been able to get the first approach to work, the second attempt creates a system dialog asking the user to confirm the installation (so almost there, but not quite). Since it is a System dialog, I, unfortunately, cannot use Robotium to confirm.
A lot of people are trying to solve similar problems. I believe it may not be possible to install an APK without confirmation, at least not easily:
Silent installation on Android devices
I've accepted for a while now that it's impossible to silently install an application on Android
Install apps silently, with granted INSTALL_PACKAGES permission
You cannot silently install app, its not supported by Android for obvious reasons. Application installation requires user intervention to continue.
Workarounds?
You need the app to have the android.permission.INSTALL_PACKAGES permission.
There are some hints on those threads about how to do this if you have certain priveleges, though it might be hard to get your app to run that way. You might have to install to a special directory, and/or you might have to run as a special user (which might be hard to do).
One possible way to run the app with elevated permissions: How can I get root permissions through the Android SDK?
On this thread, they mention you might have to "root" your phone to enable that permission:
http://www.anddev.org/androidpermissioninstall_packages_not_granted-t5858.html
I wouldn't be surprised if this voids the warranty though. You mentioned in the comments on your post that you don't have "control over the device", so that might kill this option too.
There is some mention on this thread of exploits that some apps use, but I don't think they're supported. If they still work, they might stop working at some point.
I'm trying to do the same thing, in order to push updates to devices we control. In our case they're already rooted, and the application has been granted superuser, so I think just copying the .apk over the top of the existing file would probably work, but this seems very hacky.
What seems like a better approach (if it works) is to use the pm Package Manager application:
# /system/bin/pm
usage: pm [list|path|install|uninstall]
pm list packages [-f]
pm list permission-groups
pm list permissions [-g] [-f] [-d] [-u] [GROUP]
pm list instrumentation [-f] [TARGET-PACKAGE]
pm list features
pm path PACKAGE
pm install [-l] [-r] [-t] [-i INSTALLER_PACKAGE_NAME] [-s] [-f] PATH
pm uninstall [-k] PACKAGE
pm enable PACKAGE_OR_COMPONENT
pm disable PACKAGE_OR_COMPONENT
pm setInstallLocation [0/auto] [1/internal] [2/external]
The list packages command prints all packages. Options:
-f: see their associated file.
The list permission-groups command prints all known
permission groups.
The list permissions command prints all known
permissions, optionally only those in GROUP. Options:
-g: organize by group.
-f: print all information.
-s: short summary.
-d: only list dangerous permissions.
-u: list only the permissions users will see.
The list instrumentation command prints all instrumentations,
or only those that target a specified package. Options:
-f: see their associated file.
The list features command prints all features of the system.
The path command prints the path to the .apk of a package.
The install command installs a package to the system. Options:
-l: install the package with FORWARD_LOCK.
-r: reinstall an exisiting app, keeping its data.
-t: allow test .apks to be installed.
-i: specify the installer package name.
-s: install package on sdcard.
-f: install package on internal flash.
The uninstall command removes a package from the system. Options:
-k: keep the data and cache directories around.
after the package removal.
The enable and disable commands change the enabled state of
a given package or component (written as "package/class").
The getInstallLocation command gets the current install location
0 [auto]: Let system decide the best location
1 [internal]: Install on internal device storage
2 [external]: Install on external media
The setInstallLocation command changes the default install location
0 [auto]: Let system decide the best location
1 [internal]: Install on internal device storage
2 [external]: Install on external media