Create a service with root permission


Ed Embedd

Jan 8, 2013, 11:53:32 AM
to android-...@googlegroups.com
Good morning all,

I would like to create a service with root permission on an Android device such that I can communicate with this service from a regular app. Assume I have access to the platform build, but would like the least amount of change to it. The service could have functions making native system calls or using restricted APIs, and the regular app would be able to use IPC with the service to do work requiring root permission.

I tried to follow the standard guide "Android-Adding SystemService", but the service is executed with system privileges and this is not enough to make it run correctly.

Can anyone suggest an alternative way, or a guide, to reach my goal?

Thanks in advance, have a nice day,

Ed

Kristopher Micinski

Jan 8, 2013, 2:57:47 PM
to android-...@googlegroups.com
FYI, these libraries already exist, why create another one?

http://code.google.com/p/roottools/

for example, does exactly this. Along with a number of other good libraries.

Is there any reason you can't try to adapt something that already
exists to do your work?

Kris

Ed Embedd

Jan 9, 2013, 4:27:28 AM
to android-...@googlegroups.com
Well, I have native C code that needs to be executed as root. This C code must run like a system service and must communicate with a normal activity (like the Bluetooth daemon and telephony do).
To do this I compiled my code as a shared lib that will be executed by systemServer.java (ServiceManager.addService) at startup. The problem is that the lib must be executed as root but systemServer runs as system.

Thanks

Ed.  

rasputin

Jan 9, 2013, 5:02:41 AM
to android-...@googlegroups.com
It's a long shot, but maybe you start by learning how to gain root user privileges here:
and then write code for it... wish you the best of luck.

David Turner

Jan 9, 2013, 5:33:14 AM
to android-...@googlegroups.com
I don't think running Dalvik VM processes as root is supported at all, and for good reason.

However, you can implement a small regular executable and use init.rc to start it when needed (either at boot-time or when a certain event is triggered). The "init" program will even create the Unix socket for it so your code won't need to.

Then have either your application talk to it directly, or if some restricted framework APIs are needed, use an intermediate system service that talks to your root process when needed, and answers queries from the app.


Ed Embedd

Jan 9, 2013, 6:02:45 AM
to android-...@googlegroups.com


On Wednesday, January 9, 2013 11:33:14 UTC+1, Digit wrote:
> I don't think running Dalvik VM processes as root is supported at all, and for good reason.

Yes I understand.

> However, you can implement a small regular executable and use init.rc to start it when needed (either at boot-time or when a certain event is triggered). The "init" program will even create the Unix socket for it so your code won't need to.
>
> Then have either your application talk to it directly,

This is actually the only "simple" way I found to reach my goal. Do you know if it is possible to prevent the system from killing the service started with init?

> or if some restricted framework APIs are needed, use an intermediate system service that talks to your root process when needed, and answers queries from the app.

Do you mean a sort of proxy for the IPC?

Thanks

Dianne Hackborn

Jan 9, 2013, 4:00:58 PM
to android-...@googlegroups.com
We really, really, extremely, strongly recommend AGAINST running things as root.

In 99% of the cases, this should not be needed.

If your code needs access to some kernel driver or such that is only available as root, you should fix that to be properly permissioned so that you can run as a normal user and get access to it. For example this is often done by assigning a unique gid to it, associating an Android framework permission with that gid (making it signature only), and giving your own code that permission so it can run as that gid and access the kernel facility.




--
Dianne Hackborn
Android framework engineer
hac...@android.com

Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails.  All such questions should be posted on public forums, where I and others can see and answer them.

Karim Yaghmour

Jan 9, 2013, 4:19:27 PM
to android-...@googlegroups.com, Ed Embedd

Comment inlined:


On 13-01-08 11:53 AM, Ed Embedd wrote:
> Good morning all,
>
> I would like to create a service with root permission on an Android device such that I can communicate with this service from a regular app. Assume I have access to the platform build, but would like the

I'm assuming you're really looking for a *system* service, not just a regular service component that uses the service API published by the SDK.

> least amount of change to it. The service could have functions making native system calls or using restricted APIs, and the regular app would be able to use IPC with the service to do work requiring root permission.
>
> I tried to follow the standard guide "Android-Adding SystemService", but the service is executed with system privileges and this is not enough to make it run correctly.

Pretty cool, I hadn't seen this adaptation of my slides. Thx for pointing this out.

If you want a plug-and-play version, have a look at:
http://www.opersys.com/blog/extending-android-hal
https://github.com/opersys/opersys-hal-hw

> Can anyone suggest an alternative way, or a guide, to reach my goal?

And yes, both the example you found and what I'm pointing you to here will run as "system", not root. That's because in both cases the system service is added to the system_server process which itself is running as "system". Note that *NONE* of the processes housing system services is running as root. Here are relevant ps snippets from 4.2 (servicemanager and zygote don't run system services, but they're relevant):
system    30    1     836    348   c0195c08 40036fc0 S /system/bin/servicemanager
...
system    36    1     16704  5412  ffffffff 4006bfc0 S /system/bin/surfaceflinger
...
root      37    1     166052 34808 ffffffff 400370e4 S zygote
...
media     39    1     28196  6872  ffffffff 4008afc0 S /system/bin/mediaserver
...
system    272   37    254784 41392 ffffffff 40036fc0 S system_server
...
radio     403   37    195408 27788 ffffffff 40037ebc S com.android.phone

In the cases where system services need some form of root access, the architecture that's relied on is to have a native C daemon running in the background and servicing a Java-based system service through a socket. Ex.:
phone service -> rild
mount service -> vold
package manager -> installd
etc.
In all those cases, the system service on the left runs as "system" and the daemon on the right runs as some other user. Further ps snippets:
root      31    1     4008   824   ffffffff 4003e76c S /system/bin/vold
root      33    1     8632   1232  ffffffff 4006a76c S /system/bin/netd
...
radio     35    1     5468   836   ffffffff 4003776c S /system/bin/rild
...
install   40    1     848    440   c021db90 40036d50 S /system/bin/installd
...

I'm not 100% sure as to why this architecture has been chosen, but that's the template you'll find replicated. So you might want to stick with something like that.

If you want to be original then check out how "am", "pm" and "svc" are implemented. They all use app_process to start a Dalvik VM off the command line and proceed to talk to a system service through Binder. You could, I guess, write one that actually acts as a system service and that is started by init as a root process. Let me know if you do that, I'd be curious to see the code. You could also check out the surfaceflinger which is a system service written in C but that doesn't run as root. You could add your own that does.

Hope this helps,
-- 
Karim Yaghmour
CEO - Opersys inc. / www.opersys.com
http://twitter.com/karimyaghmour

Kristopher Micinski

Jan 9, 2013, 5:51:41 PM
to android-...@googlegroups.com
On Wed, Jan 9, 2013 at 4:00 PM, Dianne Hackborn <hac...@android.com> wrote:
> ver or such that is only available as root, you should fix that to be
> properly permissioned so that you can run as a normal user and get access to
> it. For example this is often done by assigning a unique gid to it,
> associating and Android framework permission with that gid (making it
> signature only), and giving your own code that permission so it can run as
> that gid and access the kernel facility.

Agreed: generally these root libraries generally come off as hacks...

kris

Ed Embedd

Jan 11, 2013, 4:08:23 AM
to android-...@googlegroups.com
Well, my service needs to set a Bluetooth class directly with the BlueZ API. This needs root permission because being part of the bluetooth group isn't enough, and this service is essential for my embedded system.
I really thank you for your answer, but I ask you to be, if possible, clearer and to add some details or suggest a guide that helps to follow the official Google way.

Thanks and have a nice day

Ed Embedd

Jan 11, 2013, 4:43:11 AM
to android-...@googlegroups.com, Ed Embedd


On Wednesday, January 9, 2013 22:19:27 UTC+1, Karim Yaghmour wrote:
> Comment inlined:
>
> On 13-01-08 11:53 AM, Ed Embedd wrote:
>> Good morning all,
>>
>> I would like to create a service with root permission on an Android device such that I can communicate with this service from a regular app. Assume I have access to the platform build, but would like the
>
> I'm assuming you're really looking for a *system* service, not just a regular service component that uses the service API published by the SDK.

Exactly!

>> least amount of change to it. The service could have functions making native system calls or using restricted APIs, and the regular app would be able to use IPC with the service to do work requiring root permission.
>>
>> I tried to follow the standard guide "Android-Adding SystemService", but the service is executed with system privileges and this is not enough to make it run correctly.
>
> Pretty cool, I hadn't seen this adaptation of my slides. Thx for pointing this out.

You are welcome.
The above method is what I have in mind. I don't want to abuse root permission, but this service is the core of my embedded system and this is the well-documented way I have found.

> I'm not 100% sure as to why this architecture has been chosen, but that's the template you'll find replicated. So you might want to stick with something like that.
>
> If you want to be original then check out how "am", "pm" and "svc" are implemented. They all use app_process to start a Dalvik VM off the command line and proceed to talk to a system service through Binder. You could, I guess, write one that actually acts as a system service and that is started by init as a root process. Let me know if you do that, I'd be curious to see the code. You could also check out the surfaceflinger which is a system service written in C but that doesn't run as root. You could add your own that does.

You know, with Android, when you try something original it will end in complete madness :-)

> Hope this helps,

Thank you VERY much, it will help for sure!

Have a nice day,

Ed

Kaveh Ghaboosi

May 7, 2014, 12:23:36 PM
to android-...@googlegroups.com
Hi Ed,

Did you get around this problem? I have a very similar problem to yours and am trying to figure out if there is any clean way to do this.

What I am trying to do is to run SendIP, invoked from my app. More specifically, I have built shared libraries from the SendIP C source code and am able to load them via System.loadLibrary("..."); When trying to issue native calls, which in turn attempt to open a raw socket, I get the error exit value indicating that the raw socket couldn't be opened. After googling, it turned out that it needs root permission. Like your scenario, the process on which the app is running does not have root permission, even if you push your app into /system/app. My device is rooted but that still doesn't work. I even tried issuing Process process = Runtime.getRuntime().exec("su") even though I know that would not work. No luck so far. I learned about SystemService but also learned it brings the Service up with System permission, not root. My last hope is to edit my device's init.c, or some other way if known to you. So, I would like to know if you happened to get around this? Any help or hint is highly appreciated.

Thanks,
Kaveh Ghaboosi

Kaveh Ghaboosi

May 7, 2014, 12:26:27 PM
to android-...@googlegroups.com
By the way, forgot to mention that even building the source codes to an executable and attempting to run it from Java did not work either.

Thanks,
Kaveh





Kaveh Ghaboosi

May 18, 2014, 12:15:26 PM
to android-...@googlegroups.com
Hi Mahesh,

Thanks a lot for your post but this does not help. I don't know if you have ever tried this yourself, but I took this route a long time ago and it didn't work. When passing the su command to the Runtime instance you obtain using Runtime.getRuntime() to be executed by exec(), you simply create a sub-process within the DVM instance which is being hosted by yet another process that has no root permission privilege. In other words, you cannot create a sub-process with root permission separately from the original process upon which your application is running. If you try this, you would get a message on your standard error console like su: uid xxx not allowed to issue su. If you do ps ax you will find the process on which your application in Java land is running has the same uid and process ID as indicated here (at least this is the case in all scenarios I have attempted, which seems to be the same as other folks' observation after a couple of days of Googling around in forums). Even having the device rooted does not help, which is obvious. The solution to this, which has been discussed in this thread briefly too, is to create your own native service with root permission and use either binder or UNIX sockets to communicate with it. You could communicate with that service either from a native client or from Java land using magic JNI wrappers, specifically designed for this purpose. I am working on this option and it seems to be working. Let me know if you think there is something missing here or you have better thoughts to share. Thoughts and suggestions are certainly welcome!

Cheers,
Kaveh



Noy Cohen

Oct 14, 2015, 9:55:43 AM
to android-platform, kaveh.g...@gmail.com
Kaveh,

I'm curious - did you ever manage to implement a system service with root permission? Does it have to be a native service or will a service registered in SystemServer.java do? I'm stuck with this problem and will definitely love to learn from your experience! Any code examples are most welcome :)

Thanks in advance,
Noy