开发一整个网站要多久,多终端网站开发,wordpress配置页面跳转,重庆省建设厅网站特权应用 官网说明
特权应用是位于系统映像某个分区上 priv-app 目录下的应用#xff0c;如 system/priv-app/ 。
特权应用
相比安装在 system/app/ 目录的应用#xff0c;具有更高的权限。基本都是系统预装#xff0c;不可卸载。可以不是系统签名。
源码预制
源码下预…特权应用 官网说明
特权应用是位于系统映像某个分区上 priv-app 目录下的应用如 system/priv-app/ 。
特权应用
相比安装在 system/app/ 目录的应用具有更高的权限。基本都是系统预装不可卸载。可以不是系统签名。
源码预制
源码下预制到 priv 分区根据编译规则配置即可。
Android.mk
配置 LOCAL_PRIVILEGED_MODULE : true 如
LOCAL_PATH : $(call my-dir)include $(CLEAR_VARS)LOCAL_MODULE : LuoDemoLOCAL_MULTILIB : 32LOCAL_MODULE_CLASS : APPSLOCAL_MODULE_SUFFIX : $(COMMON_ANDROID_PACKAGE_SUFFIX)LOCAL_CERTIFICATE : platformLOCAL_PRIVILEGED_MODULE : trueLOCAL_SRC_FILES : $(LOCAL_MODULE)$(COMMON_ANDROID_PACKAGE_SUFFIX)include $(BUILD_PREBUILT)include $(call all-makefiles-under,$(LOCAL_PATH))
Android.bp
配置 privileged: true
android_app {name: LuoDemo,srcs: [src/**/*.java],certificate: platform,privileged: true,platform_apis: true,static_libs: [xz-java,androidx.leanback_leanback,androidx.appcompat_appcompat,],
}privapp-permissions 权限配置
特权应用申请的特殊权限需要在 xml 中声明权限。
如果不配置权限机器预制特权应用编译后开机可能会异常常见的表现是卡在开机Logo 或者 开机动画无限重启。 报错 log 中典型特征 Signature|privileged permissions not in privapp-permissions whitelist 完整log如下
--------- beginning of crash
10-16 14:18:39.065 3151 3151 E AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: main
10-16 14:18:39.065 3151 3151 E AndroidRuntime: java.lang.IllegalStateException: Signature|privileged permissions not in privapp-permissions whitelist: {com.demo.permission: android.permission.DELETE_PACKAGES, com.demo.permission: android.permission.READ_NETWORK_USAGE_HISTORY, com.demo.permission: android.permission.READ_LOGS, com.demo.permission: android.permission.PACKAGE_USAGE_STATS, com.demo.permission: android.permission.CLEAR_APP_CACHE, com.demo.permission: android.permission.REAL_GET_TASKS, com.demo.permission: android.permission.READ_PRIVILEGED_PHONE_STATE}
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.pm.permission.PermissionManagerService.systemReady(PermissionManagerService.java:3118)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.pm.permission.PermissionManagerService.access$100(PermissionManagerService.java:122)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.pm.permission.PermissionManagerService$PermissionManagerServiceInternalImpl.systemReady(PermissionManagerService.java:3179)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.pm.PackageManagerService.systemReady(PackageManagerService.java:21886)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.SystemServer.startOtherServices(SystemServer.java:1995)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.SystemServer.run(SystemServer.java:513)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.server.SystemServer.main(SystemServer.java:350)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at java.lang.reflect.Method.invoke(Native Method)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:492)
10-16 14:18:39.065 3151 3151 E AndroidRuntime: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:916)配置 privapp-permissions 权限的方法如下任选其一即可。逐个说明。
原生 privapp-permissions-platform.xml
修改 frameworks/base/data/etc/privapp-permissions-platform.xml
根据 log 中的报错逐个添加权限添加如下
permissions privapp-permissions packagecom.demo.permissionpermission nameandroid.permission.DELETE_PACKAGES/permission nameandroid.permission.READ_NETWORK_USAGE_HISTORY/permission nameandroid.permission.READ_LOGS/permission nameandroid.permission.PACKAGE_USAGE_STATS/permission nameandroid.permission.CLEAR_APP_CACHE/permission nameandroid.permission.REAL_GET_TASKS/permission nameandroid.permission.READ_PRIVILEGED_PHONE_STATE//privapp-permissions/permissions厂商的 privapp-permissions-xxx.xml
厂商基本都有自己定制 privapp-permissions-xxx.xml 如
LOCAL_PATH: $(call my-dir)include $(CLEAR_VARS)
LOCAL_MODULE : privapp-permissions-xxx.xml
LOCAL_MODULE_CLASS : ETC
LOCAL_MODULE_PATH : $(TARGET_OUT)/etc/permissions
LOCAL_MODULE_TAGS : optional
LOCAL_SRC_FILES : privapp-permissions-xxx.xml
include $(BUILD_PREBUILT)include $(call all-makefiles-under,$(LOCAL_PATH))最终编译到 system/etc/permissions/
新增
自己新增一个 privapp-permissions-my.xml 文件在 device.mk 中拷贝到 system/etc/permissions/ 下
PRODUCT_COPY_FILES \device/tv201/DAEWOO/etc/permissions/privapp-permissions-my.xml:system_ext/etc/permissions/privapp-permissions-my.xml \此方法可能不完全适用谨慎使用。
提前获取应用的特殊权限
前面是根据报错 log 来知道特权应用申请的权限如果可以提前获取就可以避免编译耗时。
如果应用可以直接安装就可以用命令获取。
安装
先安装特权应用pm install -r --user 0 apkFilePath 。 -r 、–user 0 参数按需使用。
获取
用 pm get-privapp-permissions TARGET-PACKAGE 命令获取 get-privapp-permissions TARGET-PACKAGE Prints all privileged permissions for a package. 如
console:/ # pm get-privapp-permissions com.demo.permission
{android.permission.REAL_GET_TASKS, android.permission.PACKAGE_USAGE_STATS, android.permission.READ_PRIVILEGED_PHONE_STATE, android.permission.READ_LOGS, android.permission.READ_NETWORK_USAGE_HISTORY, android.permission.CLEAR_APP_CACHE, android.permission.DELETE_PACKAGES}
console:/ #这是串口获取的 adb 获取的话用 adb shell pm get-privapp-permissions TARGET-PACKAGE 。
源码分析
报错 log Signature|privileged permissions not in privapp-permissions whitelist 位于 frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java private void systemReady() {mSystemReady true;if (mPrivappPermissionsViolations ! null) {throw new IllegalStateException(Signature|privileged permissions not in privapp-permissions whitelist: mPrivappPermissionsViolations);}mPermissionControllerManager mContext.getSystemService(PermissionControllerManager.class);mPermissionPolicyInternal LocalServices.getService(PermissionPolicyInternal.class);}待续
