Thats some screwed up priorities if updates are more important than
the ability to actually install the update due to limited space...
And last I checked, android is pretty graceful about application data
suddenly being unavailable. It certainly isn't a big deal to add a few
checks on unmounting the media, i.e., that there are no open file
handles in that filesystem. Last I checked though, this is already
handled by the kernel. Ever try unmounting a filesystem with open file
handles? It doesn't let you.
Oh, and pulling the sdcard without unmounting (forget about powering
off, that's irrelevant), even if there are no apps installed to it,
should never be expected to be graceful. It can be expected to crash
whatever program might be holding open file handled, which is, of
course, the reason why filesystems must be unmounted.
As it stands, if you have apps installed to the SD card (unofficial
hack -- using unionfs/aufs), and you suddenly make that device
unavailable, you are guaranteed that launcher will crash, as well as
any apps running from the SD. The apps running from the SD will
disappear, launcher will restart. Android keeps on ticking. Note:
using the old symlink hack, result will be much more disastrous. Want
to make this more stable? Add native support for proper filesystems on
the sdcard, make additions to allow apps, app-data, and dalvik cache
(the three elements required by an installed app) to be stored in
multiple physical locations -- /data and some subdirectory within the
sdcard filesystem. Keep 2 separate app databases, 1 on the device and
1 on the sdcard. When the sdcard is mounted, open the sdcard database
and add to the launcher list. When the sdcard is unmounted (I mean via
the place in the menu where it says to unmount), kill any sdcard apps,
pull the apps from the sd-database from the launcher, unmount. If
that's done, the sdcard-apps won't crash since they're killed, and the
launcher won't crash. Simple.
I suspect that there really isn't much of a problem understanding
this, you just come up with the "we can't do it because we don't know
how" in order to hide the fact that the real reason is that you don't
want apps to leave the protection of the internal storage (in terms of
piracy). Well feel free to keep the protected apps internal -- let
unprotected apps install to sdcard. I find it really funny that with
my old palm treo (palmos5), I could physically rip out the sdcard even
with, say, tomtom running from it, and it wouldn't so much as
hiccup...
Now since this discussion is strongly related to extending the
usefulness of the device beyond designed support, it must be noted
that some of the silly limitations, such as the division of the
storage space as defined in the SPL, can be dealt with withOUT messing
with the SPL. I should point out that the SPL *has been hacked* for a
more sensible division of internal storage (
http://andblogs.net/
2009/05/new-spl/) A word of caution though, there have been a number
of people "brick" their device from it due to limited IPL
compatibility (only the latest works). Alternatively, an approach like
LVM can be used to combine and re-divide the space, OR EVEN just
spreading the data out over the 3 large partitions and symlinking as
required.