Hi Mark, how are you?

OK, and you?

I'm good

Well, I'll be better when I've got my problem solved

how can I help you?

My question is regarding obtaining root perms

I haven't done that, sorry

Let me give you some background

so, while I can try to help, I may not be of a ton of use

ok, well hopefully you can at least give me in the right direction

My company build a scientific instrument based Android and some custom hardware

so, Android is running on your hardware?

We are building our own AOSP image and some C++ services using Binder to talk to UI written in Java

One of the apps we have is an updater app that allows the user to choose a file from the sd card which is a zip file that can contain new versions of our app apks, service executables, etc

OK

We have an existing product that is built on API 17 and the updater app gains the ACCESS_SUPERUSER perm, then calls a script that it gets from the zip file using: ProcessBuilder("su", "-c", "sh", updateScriptPath);

The problem comes in trying to make that work on the new version of the device which is based on API 22

The ACCESS_SUPERUSER perm has been removed in 22

And that same su call fails with Perm denied

The app is a priviliged system app, living in /system/priv-app

it's signed with the platform cert

I'm attempting to use libsuperuser from https://su.chainfire.eu/

I can see the app is running in the u:r:platform_app:s0 secontextg

But it fails to gain su.

I can successfully execute a script that does not require elevated privs, so I'm confident the basic mechanism working

I can't help you with libsuperuser, or getting root generally

I there a different approach I should be considering?

I would not recommend updating your device this way

I would recommend that you speak with experts in creating Android hardware, such as Karim Yaghmour

Running an arbitrary shell script from removable media with root privileges is a security nightmare

I know

But there's no sensitive content, no PII, etc

but, let's assume for the moment that you are stuck with this setup

if it is your firmware and your AOSP build, you are in control of *everything*

yes

AFAIK, libsuperuser is for trying to make minimally-invasive changes to get root

in your case, you should be able to just make it happen

for example, you control the init scripts

and the selinux policies

so, I would consider having this update process be outside of the Android SDK entirely

to some extent, Android is just a really funny-looking Linux distro

like a script that runs on boot?

I don't know whether that would make sense in your case -- I mentioned init scripts as a level of control you have, more so than it necessarily being part of the solution

the init script looks for the update script in a known location, something like that?

runs it then deletes it?

I can't answer that, as I don't know enough about this overall process

my point is more that since you're not really working with normal Android stuff here anyway, pretend that you're on Ubuntu, and figure out how you would approach it there

then, figure out how to adapt that to Android

and do all of this from normal Linux binaries, not Android SDK apps

Android apps are tied to all these sandboxes, which is why all these root things are needed

you aren't limited to those sandboxes, since it is your firmware

so, I'd be looking more to how custom ROMs grant durable root access to some of their stuff

And when your Mac updates is downloads stuff then reboots, so users should be used to that paradigm

I cannot say whether that would make sense for your equipment, but it is certainly a possibility

Would a selinux policy be involved in granting durable root access?

I have no idea, sorry

I was looking for some message to that effect in dmesg

but didn't see any

I'm sorry that I could not be of greater assistance

but, that's a wrap for today's chat

ok, well thanks for your help

the next chat is Tuesday, also at 7:30PM US Eastern

the transcript will go up on https://commonsware.com/office-hours/ shortly

have a pleasant day!

you too