Une application Système est une application classique : elle est au format APK, elle doit déclarer ses permissions. LA différence est qu'elle est placée dans /system/ (un dossier spécial et protégé) au lieu de /data/app comme toutes les autres apps.
L'app ADB-Lock est capable de détecter toute seule si elle est Système et dans ce cas cesse d'utiliser le mécanisme ROOT pour permuter l'état de l'ADB.
- Avec "/system/app mover" disponible sur le PlayStore. (déconseillé pour Android > 4.3)
- Via le shell ADB après avoir téléchargé l'application sur le PlayStore:
k@mbp:~ $ adb shell mount | grep system /dev/block/sda6 /system ext4 ro,relatime,data=ordered 0 0
Par défaut la partition /system est en lecture seule (ro), pour la passer en lecture écriture (rw) il faut passer root :
k@mbp:~ $ adb shell shell@android:/ $ su shell@android:/ # id uid=0(root) gid=0(root) groups=1003(graphics) (…)
Puis remonter la partition en rwshell@android:/ # mount -o remount,rw /system
On peut s'assurer du bon remontage avec grepshell@android:/ # mount | grep system /dev/block/sda6 /system ext4 rw,relatime,data=ordered 0 0
L'installation dans /system se fait par simple copie :shell@android:/ # cp /data/app/net.cekage.adb_lock*.apk /system/app/ADBLock.apk
Ne pas oublier de corriger les droits :shell@android:/ # chmod 644 /system/app/ADBLock.apk
Pour vérifier :shell@android:/ # ls /system/app/ADBL* /system/app/ADBLock.apk
Puis désinstaller proprement l'application :shell@android:/ # pm uninstall net.cekage.adb_lock Success
Finir par un rebootshell@android:/ # reboot
- Via un script et un interpreteur "root" (comme là ) après avoir téléchargé l'application sur le PlayStore:
## Basic script to pass ADBLock as system app. ## Common errors are handled. ## © CeKaGe - 2013 - WTFPL mount -o remount,rw /system || (echo "fail [mount]"; kill -SIGINT $$) echo "ok [mount]" cp /data/app/net.cekage.adb_lock*.apk /system/app/ADBLock.apk || (echo "fail [cp]" && kill -SIGINT $$ ) echo "ok [cp]" chmod 644 /system/app/ADBLock.apk || (echo "fail [chmod]" && kill -SIGINT $$ ) echo "ok [chmod]" ls -al /system/app/ADBLock.apk mount -o remount,ro /system || (echo "fail [mount]" && kill -SIGINT $$ ) echo "ok [mount]" pm uninstall net.cekage.adb_lock || (echo "fail [pm]" && kill -SIGINT $$ ) reboot
---
Android is full of handsome internals features which are reserved to elite class apps called "System" apps. It is this kind of hidden privileges that makes app "Settings" allowed to toggle ADB state whithout using ROOT mechanism.
Technically, System apps are classical apps : packaged in APK format and have to declare permissions. The only difference between standard and System apps is the location of the APK inside Android memory. Common apps use /data/app whereas System ones use /system/apps (this is a special and highly protected directory).
ADB-Lock knows if it runs in System mode and then use Android internals features (and eventually stops using ROOT mechanism).
- With a ready-to-use app from PlayStore : "/system/app mover". (not accurate for Android > 4.3)
- Via ADB shell :
k@mbp:~ $ adb shell mount | grep system /dev/block/sda6 /system ext4 ro,relatime,data=ordered 0 0
The default state of /system partition is read-only (ro), the first step to change this, is to become root :
k@mbp:~ $ adb shell shell@android:/ $ su shell@android:/ # id uid=0(root) gid=0(root) groups=1003(graphics) (…)
Then remount partition in rw modeshell@android:/ # mount -o remount,rw /system
With grep we can verify the rw state.shell@android:/ # mount | grep system /dev/block/sda6 /system ext4 rw,relatime,data=ordered 0 0
Systemize an app is basically copying apk from /data/app to /system/appshell@android:/ # cp /data/app/net.cekage.adb_lock*.apk /system/app/ADBLock.apk
Correcting rights management :shell@android:/ # chmod 644 /system/app/ADBLock.apk
Checking :shell@android:/ # ls /system/app/ADBL* /system/app/ADBLock.apk
Uninstall properly the "normal" app :shell@android:/ # pm uninstall net.cekage.adb_lock Success
Then rebootshell@android:/ # reboot
- Via a script plus a "root" interpreter (like this) :
## Basic script to pass ADBLock as system app. ## Common errors are handled. ## © CeKaGe - 2013 - WTFPL mount -o remount,rw /system || (echo "fail [mount]"; kill -SIGINT $$) echo "ok [mount]" cp /data/app/net.cekage.adb_lock*.apk /system/app/ADBLock.apk || (echo "fail [cp]" && kill -SIGINT $$ ) echo "ok [cp]" chmod 644 /system/app/ADBLock.apk || (echo "fail [chmod]" && kill -SIGINT $$ ) echo "ok [chmod]" ls -al /system/app/ADBLock.apk mount -o remount,ro /system || (echo "fail [mount]" && kill -SIGINT $$ ) echo "ok [mount]" pm uninstall net.cekage.adb_lock || (echo "fail [pm]" && kill -SIGINT $$ ) reboot
Aucun commentaire:
Enregistrer un commentaire