How can I get root permissions through the Android SDK? - android

I'm learning Android programming, and I want to make an application which has to run as root. The logical thing would be to add a root permission in the Android Manifest.
I saw this link in the documentation, and especially noted the FACTORY_TEST permission:
public static final String FACTORY_TEST
Since: API Level 1
Run as a manufacturer test
application, running as the root user.
Only available when the device is
running in manufacturer test mode.
Constant Value:
"android.permission.FACTORY_TEST"
Is that the best way?
If it's not possible using the SDK, how can I make a "root" application work?

What you need to do is something like:
Process root = Runtime.getRuntime().exec("su");
That causes SuperUser to show, which lets you either Allow or Block it from root access. This approach might not work if the user is not rooted. Here is a way you can test it.

First lets us get the basics right. Android run Linux kernel underneath. Now if you have to run your process on it with super user privileges(run it as root) the only way is to execute your process is via command line because it is the only way you can directly interact with the kernel. Also you need to use su before running any command. Also as Chris has mentioned in his comment on the 1st answer
Process process = Runtime.getRuntime().exec("su");
will accomplish nearly nothing. It will just ask for super use privilege using dialog. What you can do is instead of just executing su you can execute your process with su as following
Process process = Runtime.getRuntime().exec(new String[] { "su", "-c", yourCommand});
The -c Option
Among the most commonly used of su's few options is -c, which tells su to execute the command that directly follows it on the same line. Such command is executed as the new user, and then the terminal window or console from which su was run immediately returns to the account of the former user after the command has completed execution or after any program that it has launched has been closed.(More details)
Alternate Option
Alternative to above method one another way that might work is to use command line to copy you app to /system/app/ directory. Then your application will run automatically with root privileges(same as System apps)

The SDK does not offer a way to run an app as root.

Related

Android: How to get the process id of the foreground app

First of all, please note that this question is not same as all the "android foreground app" questions I found on SO, please read on :-)
I'm trying to write an android app for my own use, using golang, without using android-sdk or ndk (this is the KEY point). It is pretty simple, just use golang to write a http service, compile it for arm CPU and voila my app is running and can be access by simply visit http://localhost.
For the purpose of my app, I need to know the currently running foreground application, to define it precisely:
Foreground application is the application that occupies the screen, or has an "activity" what-so-ever (forgive me I'm not an android developer).
Anything that that is depended by the foreground application (e.g. services) is NOT what I am interested in.
If the phone is LOCKED/screen turned off, I want the solution to tell me there is NO foreground app.
And since I do not use anything android, just treat the phone as a LINUX machine, I want the solution to use native LINUX ways, e.g. by inspect /proc, or by calling any installed android command line tool (including sending messages via these command line tools), but NOT using any SDK/NDK way so that I have to use java or incorporate these thing into my app.
Starting from Android SDK 26 (if I remember well) Apps are executed on -one-User-per-App, so (i.e.) WhatsApp is running on UID=30 and Telegram on UID=76, so executing a ROOT command of "ps -A -o PID,USER,NAME" you can parse output and then Kill all Processes that you don't want to be executed.
36119 u30_a149 <WhatsApp_packagename>
36203 u76_a211 <Telegram_packagename>
37399 root [kworker/1:2H]
37423 u0_a329 su
38069 root sh
Without Root Permissions nothing of what you're trying to achieve is possible simply because is not possibile to denied an application to be executed or to kill it without Superuser privilege.

Run application as root:root

I have a rooted phone and on it an application that I've built.
My application receives su powers from the superuser app and can call commands that require root, but the problem is that I have a piece of code that has to run from a process with root uid, and the file can't be compiled separately.
Now, is it possible to fork my process and run the child process as root:root? or somehow change the uid to root (I've tried with seteuid / setuid and it didn't work.. probably because the application's setuid flag is off).
I would like something like this:
fork process
if (child-process)
run_special_code()
else
wait_for_the_child_process_to_exit()
Thanks!

Running a command as a shell user from an Android app

I am trying to execute an fopen() function on a file that is given permissions only to "shell" from a native (C++) application that is triggered from a service on my Android application. When I run the native code as a PIE from the shell, I am able to open the file for reading, but if I try from the Android application, it fails to open the file as the Android application is run in a different user space and so I am not able to open the file. My question is, is it possible to run the command as a "shell" user or a child of "shell" from the Android application. I want to be able to do this without rooting the device so su is out of question.
You can't change the user ID of your app without a rooted device. If you could, the security model wouldn't be very useful. If your app needs access to the file, you will need to grant appropriate permissions.
The other common workaround is to have a service, running as the "shell" user, whose job is to open the file and hand back a file descriptor. The tricky part is that you need a way to launch that service as the "shell" user, which brings us back to needing "su".
FWIW, the situation is the same whether you're coding in Java or C++.

monkeyrunner script - starting an activity that requires a permission

in a monkeyrunner script while launching an activity, is there a way to mimic yourself having a certain permission that the starting activity requires?
I am using "device.startActivity(component='com.package/.MyActivity)" but the activity MyActivity requires a permission, and hence device.startActivity fails. Is there a way to give this permission to the script?
When I had this problem, I solved it by creating a very small application(with the correct permissions in the manifest) that I pushed to the phone. All the application did was re-send intents sent to it, but to a different destination. My application also had a gui for triggering events manually, but that's optional.
You can add permissions in AndroidManifest.xml file.
I don't know what monkeyRunner script is, and do we talk about the same permissions here, but in Android, all permissions you want to give to the app, you go to Manifest file.
Running an activity through monkeyrunner is not exactly different than running it manually. So, when it asks for permission, you can verify it right after installation by sending an extra command like:
device.press('KEYCODE_ENTER', MonkeyDevice.DOWN_AND_UP)
or
device.press('KEYCODE_BUTTON_SELECT', MonkeyDevice.DOWN_AND_UP)
You can also get your application have system privilages by pushing it into a special folder with these commands:
>adb remount
>adb push your\local\apk\path.apk system/priv-app
>adb shell stop
>adb shell start
Hope it works for you...

strace shell command issue in Android

I'm building a monitor app, which runs in background and logs the system calls executed by currently running application using the strace command.
String cmd="strace -p "+processID+" -o /mnt/sdcard/traceFile_"+processID+".txt";
Runtime.getRuntime().exec(cmd);
Here processID is the PID of currently running process which is got from some other method implemented. It logs the system calls of the first app it monitors properly with all executed system call information. But when a new app is started(second one onwards), the processID is updated correctly, but the file traceFile_processID is written as an empty file.
I'm not able to figure out why its happening. Is it because the strace execution of first app monitored still there?? If so how I can execute a ^C to terminate that session and start a new one as in adb shell command prompt?? Plz help me.....
If you want to "^C" as you say, what you're really asking for is how to raise the signal called SIGINT to the given processID. You can do that simply by kill(processID, SIGINT); - this is equivalent to pressing Ctrl-C on the keyboard for the target process.

Categories

Resources