F-Droid Privilege Extension that works with Shizuku (rootless)

Overview

F-Droid Shizuku Privileged Extension

This is a port of the official F-Droid Privileged Extension to Shizuku, an app that makes it easy to grant apps ADB permissions.

When the app is installed, F-Droid will automatically detect it and use it to perform non-interactive app installations.

Installation

Use the F-Droid repo: https://depau.github.io/fdroid_shizuku_privileged_extension/fdroid/repo/

Make sure you open the app after installing it, so it can request the required permissions.

Android 13 gotchas

Android 13 doesn't allow new apps to send notifications, so the app can't ask you to grant the Shizuku permission when needed.

To work around this, make sure you open the app once and grant the permission manually.

License

This app is a fork of the official F-Droid Privileged Extension, which is licensed under the Apache License, Version 2.0.

Some parts of the codebase are based on the Shizuku API demo app, which is licensed under the MIT license.


Here's relevant parts of the original README

F-Droid Privileged Extension

This enables F-Droid to install and delete apps without needing "Unknown Sources" to be enabled ( e.g. just like Google Play does). It also enables F-Droid to install updates in the background without the user having to click "install".

When F-Droid is installed as a normal Android app, installing, updating, and removing apps can only be done by sending requests to the Android operating system. F-Droid cannot execute these operations itself. Android shows a screen on every install/update/delete to confirm this is what the user actually wants. This is a security feature of Android to prevent apps or websites from installing malware without user intervention.

F-Droid Privileged Extension grants elevated permissions to F-Droid, which allows it to do installs and uninstalls without needing user approval. It gives only F-Droid access to its install and delete commands. In order for F-Droid Privileged Extension to get these "privileged" powers, it must be installed as part of your system by either being flashed as an update.zip or by being built into an Android device or ROM. On Android 4 and older, it can be installed directly if you have root on your device.

Design

F-Droid Privileged Extension is designed on the principals of "least privilege", so that elevated powers are only granted where they are absolutely needed, and those powers are limited as much as possible. Therefore, the code that runs with increased powers is very small and easy to audit. This is in contrast to how typical built-in app stores are granted all of the privileges available to a " system priv-app".

Advantages of this design:

  • "Unknown Sources" can remain disabled
  • Can easily be built into devices and ROMs
  • Reduced disk usage in the system partition
  • System updates don't remove F-Droid

Building with Gradle

Build a complete "update.zip" to flash to a device to install F-Droid and the Privileged Extension:

./create_ota.sh debug binaries

Build an "update.zip" to flash to a device to install just the Privileged Extension:

./create_ota.sh debug

Build the standalone APK using:

./gradlew assembleRelease

In order to have final, signed release versions that are ready for installing, a release signing key must be set up in signing.properties with these contents:

key.store=/path/to/release-keystore.jks
key.store.password=mysecurestorepw
key.alias=release
key.alias.password=mysecurekeypw

Supporting a different app

It is possible to use Privileged Extension with any app. To do that, make a "whitelabel" build of Privileged Extension that includes the Application ID, key fingerprint, and app name for the app that the custom build will support. These are set by the script below, and should be committed to a fork git repo:

$ export ApplicationID=my.app
$ export AppName=MyApp
sed -i "s,org.fdroid.fdroid.privileged,$ApplicationID,g" \
    create_ota.sh app/src/main/scripts/*
$ sed -i "s,F-Droid,$AppName,g" \
    create_ota.sh app/build.gradle app/src/main/scripts/* \
    app/src/main/res/values*/strings.xml

Testing in the Emulator

To test the Privileged Extension in the emulator, one has to modify the system.img file. It is located under the Android SDK install path. For example, here is the android-23 (Marshmallow, 6.0) x86_64 image with Google APIs:

$ANDROID_HOME/system-images/android-23/google_apis/x86_64/system.img

To install it, first build the standalone APK, and then run these in the base directory of this git repo. This copies the APK into the right place, and sets up the correct SELinux context.

android-14 through android-25

$ ./gradlew assembleDebug
$ mkdir /tmp/system
$ sudo mount -o loop /path/to/system.img /tmp/system
$ sudo mkdir /tmp/system/priv-app/F-DroidPrivilegedExtension
$ sudo cp app/build/outputs/apk/F-DroidPrivilegedExtension-debug.apk \
    /tmp/system/priv-app/F-DroidPrivilegedExtension/F-DroidPrivilegedExtension.apk
$ sudo chcon -R --reference=/tmp/system/app/webview /tmp/system/priv-app/F-DroidPrivilegedExtension
$ sudo umount /tmp/system

android-26 and newer

Starting with android-26, the system.img files have a different format that needs to be unpacked before it can be mounted. It has to be repacked after mounting as well. This requires the simg2img and make_ext4fs utilities.

$ sudo apt-get install android-tools-fsutils
$ ./gradlew assembleDebug
$ simg2img /path/to/system.img system.img.raw
$ mkdir /tmp/system
$ sudo mount -t ext4 -o loop system.img.raw /tmp/system
$ sudo mkdir /tmp/system/priv-app/F-DroidPrivilegedExtension
$ sudo cp app/build/outputs/apk/F-DroidPrivilegedExtension-debug.apk \
    /tmp/system/priv-app/F-DroidPrivilegedExtension/F-DroidPrivilegedExtension.apk
$ sudo chcon -R --reference=/tmp/system/app/webview /tmp/system/priv-app/F-DroidPrivilegedExtension
$ make_ext4fs -s -T -1 -S file_contexts -L system -l 512M -a system system.img.new /tmp/system
$ sudo umount /tmp/system
$ mv system.img.new /path/to/system.img

Upon booting the emulator, it should have the Privileged Extension installed. It is also possible to install the F-Droid app this way, or via the normal methods.

via adb on android-19 and older

On old Android versions (4.4 and older), it is possible using only adb, but then each time the emulator is rebooted, it will lose the changes. Take a snapshot after completing this process to save the state.

$ adb -e root
$ adb -e remount
$ adb -e shell mkdir /system/priv-app/F-DroidPrivilegedExtension
$ sudo cp app/build/outputs/apk/F-DroidPrivilegedExtension-debug.apk \
    /tmp/system/priv-app/F-DroidPrivilegedExtension/F-DroidPrivilegedExtension.apk
$ sudo chcon -R --reference=/tmp/system/app/webview /tmp/system/priv-app/F-DroidPrivilegedExtension
You might also like...
FairEmail is easy to set up and works with virtually all email providers, including Gmail, Outlook and Yahoo!
FairEmail is easy to set up and works with virtually all email providers, including Gmail, Outlook and Yahoo!

Downloads • Privacy • Support • License FairEmail Fully featured, open source, privacy oriented email app for Android FairEmail is easy to set up and

The unofficial Syncplay client for Android. Works with the Desktop version of Syncplay !

SyncPlay BETA: About Syncplay BETA: This is the UNOFFICIAL Syncplay client for Android. If you don't know Syncplay, have a look here: https://syncplay

Let third-party launcher always get themed icon in MIUI (Maybe also works for other Android based OS).
Let third-party launcher always get themed icon in MIUI (Maybe also works for other Android based OS).

English 简体中文 Introduction This module can let third party launcher always use icons with MIUI/Flyme Themes. It may also work with other custom Android

A VS Code killer that actually works.

VS Code Killer A VS Code killer that actually works. Background Recently, JetBrains released a public preview of their new IDE called Fleet. Many peop

A Python native extension written in Kotlin Native

Kotlin Python Ext This is a proof of concept for a Python extension in Kotlin. It is recommended to read the Official Python C API Documentation befor

Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth
Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth

Log4J Scanner Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth. Disclaimer I am not responsible for your actions, bur

ADX provides extension functions and lint.

ADX: Android development extensions Overview ADX provides extension functions and lint. Installation ADX implementation "com.github.wada811.adx:adx:$v

The Launcher3 fork known as Rootless Pixel Launcher

The Launcher3 fork known as Rootless Pixel Launcher

Mi-FreeForm - An APP that is activated through Shizuku/Sui and can display most apps in the form of freeform
Mi-FreeForm - An APP that is activated through Shizuku/Sui and can display most apps in the form of freeform

Mi-FreeForm 简体中文 Mi-FreeForm is an APP that is activated through Shizuku/Sui and

ZRoot is a library that makes it easy to use root on Android, such as calling system service with root privilege.

ZRoot is a library that makes it easy to use root on Android, such as calling system service with root privilege. Usage See sample or user guide

Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`
Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`

Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`

A library that checks for your apps' updates on Google Play, GitHub, Amazon, F-Droid or your own server. API 9+ required.
A library that checks for your apps' updates on Google Play, GitHub, Amazon, F-Droid or your own server. API 9+ required.

AppUpdater Android Library Android Library that checks for updates on Google Play, GitHub, Amazon, F-Droid or your own server. This library notifies y

F-Droid client with Material UI.
F-Droid client with Material UI.

Droid-ify A quick material F-Droid client. 📖 Features Material F-Droid style No cards or inappropriate animations Fast repository syncing Standard An

Unofficial F-Droid client in the style of the classic one.
Unofficial F-Droid client in the style of the classic one.

Foxy Droid Yet another F-Droid client. Description Unofficial F-Droid client in the style of the classic one. Jump over the lazy dog, manage repositor

Candroid does things different. The Candroid app store is a library of APK client wrappers (F-Droid, APKPure, etc.) For the main Candroid app store, try visiting the Candroid Market.
Candroid does things different. The Candroid app store is a library of APK client wrappers (F-Droid, APKPure, etc.) For the main Candroid app store, try visiting the Candroid Market.

Candroid App Store Candroid does things different. The Candroid app store is a library of APK client wrappers (F-Droid, APKPure, etc.) For the main Ca

Support extension to use Android ViewBinding quickly and smooth transform from kotlin-synthetic-extension.

ViewBinding Delegate Extension Support extension to use Android ViewBinding quickly and smooth transform from kotlin-synthetic-extension. Binding inst

LiveEdgeDetection is an Android document detection library built on top of OpenCV. It scans documents from camera live mode and allows you to adjust crop using the detected 4 edges and performs perspective transformation of the cropped image.  It works best with a dark background. Provides 9-patch based drop shadow for view elements. Works on API level 9 or later.
Provides 9-patch based drop shadow for view elements. Works on API level 9 or later.

Material Shadow 9-Patch This library provides 9-patch based drop shadow for view elements. Works on API level 14 or later. Target platforms API level

RoboDemo is a ShowCase library for Android to demonstrate to users how a given Activity works.
RoboDemo is a ShowCase library for Android to demonstrate to users how a given Activity works.

RoboDemo RoboDemo is a ShowCase library for Android to demonstrate to users how a given Activity works. A sample is available in the download area of

Comments
  • fdroid updates stalled

    fdroid updates stalled

    After installing the Shizuku Fdroid Privileged Extension, it is impossible to install updates as they keep on going forever in "Downloading and Installing" status in the app and in the notification bar as well.

    Samsung Note9 Android 10 Latest Fdroid Latest fdroid_shizuku_privileged_extension

    opened by sn0wD4N 1
Owner
Davide Depau
Into guys, Arch Linux, sleeping and decompilers. Computers were a mistake. He/Him.
Davide Depau
Unofficial F-Droid client in the style of the classic one.

Foxy Droid Yet another F-Droid client. Description Unofficial F-Droid client in the style of the classic one. Jump over the lazy dog, manage repositor

null 355 Dec 26, 2022
RoboDemo is a ShowCase library for Android to demonstrate to users how a given Activity works.

RoboDemo RoboDemo is a ShowCase library for Android to demonstrate to users how a given Activity works. A sample is available in the download area of

Stéphane Nicolas 220 Nov 25, 2022
A 2020s compatible React Native keyboard avoiding view for Android and iOS that just works.

react-native-keyboard-shift Example Snack coming soon Until then: Clone this repo: git clone https://github.com/FullStackCraft/react-native-keyboard-s

Full Stack Craft 66 Aug 16, 2022
📲💬 react-native-fontext is a lightweight library to integrate fonts in your React Native application that works seamlessly in android and iOS devices.

React Native Fontext react-native-fontext is a lightweight library to integrate fonts in your React Native application that works seamlessly in androi

mroads 9 Dec 3, 2021
Works Planning Application

Works Planning Application Clean Architecture MVVM Room database Binding Adapters Data Binding View Binding RecyclerView.Adapter DiffUtil LiveData Vie

null 0 Nov 23, 2021
A rewrite of the popular project GitUp that works in Linux, Mac, and Windows.

GitDown This is a rewrite from the ground up of the popular GitUp library available on Mac. It is built using Kotlin and Compose Desktop from Jetbrain

Cody Mikol 20 Dec 16, 2022
You can store all your password, bank details, card details in one place and remember only one master PIN. The application works totally offline.

Keep Password An application where you can store all your password, bank details, card details in one place and remember only one master PIN. The appl

rıdvan 4 Apr 18, 2022
A dictionary that works out of box

Easydict A dictionary that works out of box Features Basic dictionary functions, query word, show the definition and translation Show the query histor

chen_null 0 May 16, 2022
A Kotlin Mindustry mod that works on Android and PC

Mindustry Kotlin Mod Template A Kotlin Mindustry mod that works on Android and PC. This is equivalent to the Java version, except in Kotlin. Building

Eclipse 15 Sep 24, 2022
SyncPlay - The unofficial Syncplay client for Android. Works with the Desktop version of Syncplay

About SyncPlay BETA: The unofficial Syncplay client for Android. Works with the

null 34 Dec 31, 2022