Difference between revisions of "Android"
m |
|||
(293 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
* [https://secure.wikimedia.org/wikipedia/en/wiki/Google_android Wikipedia] |
* [https://secure.wikimedia.org/wikipedia/en/wiki/Google_android Wikipedia] |
||
===App stores=== |
===App stores=== |
||
− | * [ |
+ | * [https://play.google.com/store Google Play] |
+ | Alternate views on the official market: |
||
− | ** [http://appslib.com/ AppsLib] |
||
− | + | * [http://www.androlib.com/ AndroLib] |
|
− | + | * [http://www.cyrket.com/m/android/ Cyrket] |
|
+ | Alternate markets: |
||
− | ** [http://www.handmark.com/ Handmark] |
||
− | + | * [http://appslib.com/ AppsLib] |
|
− | + | * [http://andspot.com/ AndSpot] (beta) |
|
− | + | * [http://www.getjar.com/ GetJar] |
|
− | + | * [http://www.handmark.com/ Handmark] |
|
− | + | * [http://www.mobango.com/ Mobango] |
|
− | + | * [http://www.handango.com/ Handango] |
|
− | + | * [http://www.explorepda.com/ explorePDA] |
|
− | + | * [http://www.mikandi.com/ MiKandi] |
|
− | + | * [http://corporate.mobihand.com/default.asp MobiHand] |
|
+ | * [http://www.mobspot.com/ Mobspot] |
||
+ | * [http://www.smartphone.net/ Smartphone.net] |
||
+ | * [http://www.androidgear.com/ AndroidGear] |
||
+ | * [http://slideme.org/ SlideME] |
||
+ | |||
===User manuals=== |
===User manuals=== |
||
− | * [ |
+ | * [https://support.google.com/nexus Android for Nexus devices] |
+ | <!--* [http://www.htc.com/uk/userguide.aspx?p_id=316 HTC Wildfire Manual] |
||
+ | * [http://www.samsung.com/us/Nexus_S_Owners_Guide/ Nexus S Manual] |
||
+ | Some internals info [http://wiki.freesmartphone.org/index.php/Hardware/Nexus_S/Interfaces here]--> |
||
+ | |||
+ | ==Short notes== |
||
+ | ===ADB=== |
||
+ | To reveal developer menu, tap 10x on "settings/about/build nr" |
||
+ | <br>Then enable usb debug. |
||
+ | <br>USB debugging is [http://nelenkov.blogspot.jp/2013/02/secure-usb-debugging-in-android-422.html pretty secured] since Jelly Bean but beware for older versions! |
||
+ | |||
+ | Since Android 5.0.1, it's required to use at least [https://skia.googlesource.com/skia/+archive/cd048d18e0b81338c1a04b9749a00444597df394/platform_tools/android/bin/linux.tar.gz adb v1.0.32]. |
||
+ | |||
+ | apt-get install android-tools-adb |
||
+ | |||
+ | Note that from recovery, you can also use adb: |
||
+ | * adb shell |
||
+ | * adb sideload update.zip |
||
+ | * adb push |
||
+ | etc |
||
+ | ===Fastboot=== |
||
+ | apt-get install android-tools-fastboot |
||
+ | |||
+ | ====USB permissions on the host==== |
||
+ | Create /etc/udev/rules.d/99-android.rules for Nexus phones: |
||
+ | <pre> |
||
+ | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", MODE="0666", OWNER="<your_account>" # all Nexus |
||
+ | </pre> |
||
+ | Then execute /etc/init.d/udev reload |
||
+ | |||
+ | ====To enter Fastboot mode==== |
||
+ | * Power off phone |
||
+ | * Depends on the phone, e.g.: |
||
+ | ** Nexus S: keep volume-up pressed while pressing power on for 5 secs |
||
+ | ** Nexus 4: keep volume-down pressed while pressing power on for 5 secs |
||
+ | ** Nexus 5: keep volume-down pressed while pressing power on for 5 secs |
||
+ | ** You've entered fastboot |
||
+ | See https://source.android.com/source/running.html for other models |
||
+ | |||
+ | Alternatively, fastboot can be triggererd from adb: adb reboot bootloader |
||
+ | |||
+ | ===OEM unlock=== |
||
+ | Necessary step before being able to flash partitions or boot on alternative recovery. |
||
+ | |||
+ | '''''This will wipe ALL DATA!!!''''' |
||
+ | fastboot oem unlock |
||
+ | ===OEM unlock for rooted devices=== |
||
+ | Once the device has been unlocked and rooted, it can be locked/unlocked again without wiping all the data, at least on some phone models. |
||
+ | <br>Install [https://play.google.com/store/apps/details?id=net.segv11.bootunlocker&hl=en BootUnlocker] |
||
+ | |||
+ | ===Factory images for Nexus phones=== |
||
+ | * https://developers.google.com/android/nexus/images |
||
+ | |||
+ | Typical usage: (requires OEM unlock) |
||
+ | tar xzf CODENAME-VERSION-factory-CHECKSUM.tgz |
||
+ | cd CODENAME-VERSION |
||
+ | ./flash-all.sh |
||
+ | |||
+ | To avoid erasing user data: |
||
+ | <br>Very important if you want to keep your data!!! Edit flash-all.sh and replace |
||
+ | fastboot -w update image-....zip |
||
+ | by |
||
+ | fastboot update image-....zip |
||
+ | |||
+ | ===Recovery=== |
||
+ | ====TWRP==== |
||
+ | * https://twrp.me/Devices/ |
||
+ | ====ClockworkMod==== |
||
+ | * http://www.clockworkmod.com/rommanager |
||
+ | ====Usage==== |
||
+ | Flashing an alternative recovery (requires OEM unlock): |
||
+ | fastboot flash recovery recovery-clockwork-VERSION-CODENAME.img |
||
+ | |||
+ | Booting (without flashing) an alternative recovery (requires OEM unlock): |
||
+ | fastboot boot recovery-clockwork-VERSION-CODENAME.img |
||
+ | ====Stock recovery==== |
||
+ | To show menu with Nexus stock recovery, it depends on the phone, e.g.: |
||
+ | * Nexus 4: hold "power" and press "volume-up" |
||
+ | * Nexus 5: press & release quickly volume-up & power a few times |
||
+ | |||
+ | ===Rooting=== |
||
+ | ====SuperSU==== |
||
+ | Requires OEM unlock, see above fastboot oem unlock (! erase all) and see below BootUnlocker (for already rooted) |
||
+ | <br>Requires e.g. TWRP recovery |
||
+ | <br>Requires e.g. [http://download.chainfire.eu/supersu ChainFire SuperSU] (you can check [http://forum.xda-developers.com/apps/supersu forum] for beta releases) |
||
+ | adb reboot bootloader |
||
+ | fastboot boot recovery-xxx.img |
||
+ | # In recovery, choose Advanced / Install zip / from sideload |
||
+ | adb sideload UPDATE-SuperSU-v2.xx.zip |
||
+ | # Reboot (and decline erasing recovery updater install-recovery.sh) |
||
+ | |||
+ | ====Rooting Android M==== |
||
+ | Rooting method has changed quite a bit and is still uncertain as those lines are written, see e.g. http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344 |
||
+ | |||
+ | ====Rooting securely==== |
||
+ | Rooting can be done securely if: |
||
+ | * bootloader is locked again |
||
+ | ** problem is that unlocking would erase again the data |
||
+ | ** see below BootUnlocker which allows on rooted Nexus to toggle bootloader without deleting data |
||
+ | * keep stock recovery |
||
+ | * SuperSU is locked with a PIN |
||
+ | ** this requires the Pro version |
||
+ | * SuperSU always require the PIN to authorize an app |
||
+ | ** or be very careful which ones you authorize permanently |
||
+ | |||
+ | ====Rooting and OTA==== |
||
+ | By experience, it's always quite difficult to apply an OTA on a rooted phone, even after having attempted to unroot the phone. |
||
+ | <br>So I prefer to apply a full factory image (being careful not to overwrite the data) and root it again. |
||
+ | <br>If latest factory image isn't available yet, flash the latest available then apply the regular OTA before rooting. |
||
+ | |||
+ | ====Prevent OTA==== |
||
+ | Normally rooting is enough to prevent OTA but to be sure, one can touch build.prop (so its sha1sum won't match anymore) |
||
+ | adb shell |
||
+ | su |
||
+ | mount -o remount,rw /system |
||
+ | echo "# Remove me to allow OTA update" >> /system/build.prop |
||
+ | mount -o remount,ro /system |
||
+ | ====Attempt OTA==== |
||
+ | I don't recommend it as most attempts end in an infinite loop after the reboot. |
||
+ | |||
+ | When ready to really do OTA update: |
||
+ | |||
+ | 1. '''Unlock bootloader with BootUnlocker''', super critical step!!! |
||
+ | |||
+ | 2. Make a backup of the proposed OTA patch, just in case |
||
+ | adb shell |
||
+ | ls -l /cache |
||
+ | adb pull /cache/update.zip |
||
+ | |||
+ | 3. Restore build.prop: |
||
+ | adb shell |
||
+ | su |
||
+ | mount -o remount,rw /system |
||
+ | sed -i '/Remove me/d' /system/build.prop |
||
+ | # or if you don't have sed/busybox: |
||
+ | grep -v "Remove me" /system/build.prop > /sdcard/build.prop.tmp |
||
+ | cat /sdcard/build.prop.tmp > /system/build.prop |
||
+ | rm /sdcard/build.prop.tmp |
||
+ | mount -o remount,ro /system |
||
+ | |||
+ | 4. Restore /system/bin/install-recovery.sh |
||
+ | <br>SuperSU may have hijacked /system/bin/install-recovery.sh. If so, we need to restore it. Unfortunately using "full unroot" won't help, see [https://www.reddit.com/r/Nexus5/comments/2zdc8b/ here] (and you'll get stuck unrooted!) so we'll restore it manually. |
||
+ | adb shell |
||
+ | su |
||
+ | ls -l /system/bin/install-recovery* |
||
+ | # should be fixed or not? |
||
+ | mount -o remount,rw /system |
||
+ | mv /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh |
||
+ | mount -o remount,ro /system |
||
+ | |||
+ | 5. Install proposed OTA update from Android itself |
||
+ | |||
+ | 5b. Check recovery logs |
||
+ | <br>In case the automatic update failed, check the recovery logs: |
||
+ | <br>At this point you should be already in stock recovery, if not, go to recovery |
||
+ | <br>Keep power button pressed and press volume-up to get the menu |
||
+ | <br>Go to "view recovery logs" |
||
+ | |||
+ | 5c. Install proposed OTA update manually from a local copy on the PC |
||
+ | adb reboot recovery |
||
+ | Keep power button pressed and press volume-up to get the menu |
||
+ | <br>Go to "apply update from ADB" |
||
+ | adb sideload update.zip |
||
+ | |||
+ | 6. Reboot and let the system updating its apps |
||
+ | <br>If it seems to stand forever with the boot logo, you can have a look at the same time to the system logs: |
||
+ | adb logcat |
||
+ | Seeing looping logs with a repetition of |
||
+ | >>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<< |
||
+ | is a bad sign, time for a full ROM recovery! |
||
+ | |||
+ | 7. Root again, see [[#SuperSU]] |
||
+ | |||
+ | 8. Prevent OTA updates: |
||
+ | adb shell |
||
+ | su |
||
+ | mount -o remount,rw /system |
||
+ | echo "# Remove me to allow OTA update" >> /system/build.prop |
||
+ | mount -o remount,ro /system |
||
+ | |||
+ | 9. Lock bootloader with BootUnlocker |
||
+ | |||
+ | See also my [https://code.google.com/p/boot-unlocker-gnex/issues/detail?id=30 feature request] for BootUnlocker |
||
+ | |||
+ | ====Upgrade with factory image==== |
||
+ | That's my preferred method. |
||
+ | |||
+ | 1. '''Unlock bootloader with BootUnlocker''', super critical step!!! |
||
+ | |||
+ | 2. Flash a factory image |
||
+ | <br>Get latest image at https://developers.google.com/android/nexus/images |
||
+ | tar xzf ...tgz |
||
+ | cd ... |
||
+ | Or in one go: |
||
+ | wget -O - ... | tar xz |
||
+ | cd ... |
||
+ | Very important if you want to keep your data!!! Edit flash-all.sh and replace |
||
+ | fastboot -w update image-....zip |
||
+ | by |
||
+ | fastboot update image-....zip |
||
+ | <br>Then reboot the phone to bootloader and launch that script: |
||
+ | adb reboot bootloader |
||
+ | ./flash-all.sh |
||
+ | Reboot |
||
+ | |||
+ | 2b. Apply OTA |
||
+ | If you didn't flash the latest version, apply OTA update |
||
+ | |||
+ | 3. Root again, see [[#SuperSU]] |
||
+ | |||
+ | 4. Prevent OTA updates: |
||
+ | adb shell |
||
+ | su |
||
+ | mount -o remount,rw /system |
||
+ | echo "# Remove me to allow OTA update" >> /system/build.prop |
||
+ | mount -o remount,ro /system |
||
+ | |||
+ | 5. Lock bootloader with BootUnlocker |
||
+ | |||
+ | ===On rooted devices=== |
||
+ | ====adbd insecure==== |
||
+ | As USB debugging is now pretty secure, let's enable immediate root access: |
||
+ | <br>Install [https://play.google.com/store/apps/details?id=eu.chainfire.adbd adbd insecure] |
||
+ | <br>Open app -> enable & enable at boot time |
||
+ | ====Busybox==== |
||
+ | From Google Play: https://play.google.com/store/apps/details?id=stericson.busybox&hl=en |
||
+ | <br>Local install: |
||
+ | adb install stericson.busybox-1.apk |
||
+ | => Run busybox -> install -> smart install |
||
+ | Consider buying Busybox Pro... |
||
+ | |||
+ | ===Modifying stuffs in system partition using su=== |
||
+ | adb push some_file /sdcard/ |
||
+ | adb shell su -c "mount -o remount,rw /system" |
||
+ | adb shell su -c "cat /sdcard/some_file > /etc/some_file" |
||
+ | sleep 1 |
||
+ | adb shell su -c "mount -o remount,ro /system" |
||
+ | ===Modifying stuffs in system partition with insecure adbd (=being root by default)=== |
||
+ | adb shell mount -o remount,rw /system |
||
+ | adb push some_file /etc/some_file |
||
+ | sleep 1 |
||
+ | adb shell mount -o remount,ro /system |
||
+ | |||
+ | ===Encrypt device=== |
||
+ | See [https://support.google.com/android/answer/1663755?hl=en official help] |
||
+ | <br>Some reports say they had to repeat the process several times on Nexus 4 before encryption started. I didn't have that problem. |
||
+ | |||
+ | One major caveat is that this is the same password for disk encryption and screen unlock, cf [https://code.google.com/p/android/issues/detail?id=29468 this longstanding bugreport]. |
||
+ | <br>On a rooted device this can be achieved thanks to [https://play.google.com/store/apps/details?id=org.nick.cryptfs.passwdmanager Cryptfs password] or simply by doing: |
||
+ | vdc cryptfs changepw <new_password> |
||
+ | Note that it will have to be done every time the screen PIN or pwd is changed. |
||
+ | <br>See also http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html |
||
+ | ==Phone-specific notes== |
||
+ | See [[Android phones]] |
||
==Applications== |
==Applications== |
||
+ | See [[Android Apps]] |
||
− | Here is a list of potentially useful applications |
||
+ | |||
− | ===To be sorted=== |
||
+ | ==Applications development== |
||
− | * Apps Organizer : To group apps |
||
+ | See [[Android SDK]] |
||
− | * Android Agenda Widget : See your agenda on your home screen |
||
+ | ==Using the embedded SE== |
||
− | * Bluetooth Switch : Activates BT when the phone is docked in the car |
||
+ | See [[Android SE]] |
||
− | * Bubble : Water level using the phone sensors |
||
+ | ==Using TrustZone== |
||
− | * Buienalarm : (NL) rain alarm, tells you if precipitations are expected at your current location |
||
+ | See [[Android TrustZone]] |
||
− | * Chrome to Phone : easy to send URL's or text from Google Chrome to the phone |
||
+ | |||
− | * Touch Calendar : calendar with easy scroll & zoom in/out |
||
+ | ==using Software Card Emulation== |
||
− | * Notes (developer: Yuli) : simple application for notes |
||
+ | See [[Android Software Card Emulation]] |
||
− | * ColorNote Notepad (Notes) |
||
+ | |||
− | * Droid48 (shagrath; HP48 emulator) |
||
+ | ==Misc== |
||
− | * My Tracks (My Tracks Team at Google; GPS tracking system) |
||
+ | ===Security=== |
||
− | * Skype (Skype) |
||
+ | http://wiki.secmobi.com/ |
||
− | * SMS Backup & Restore (Ritesh Sahu) |
||
+ | ===Wi-Fi & client certs=== |
||
− | * RealCalc Scientific Calculator (Brain Overspill) |
||
+ | To be able to authenticate to a Wi-Fi network using client certificates via TLS: |
||
− | * Android Terminal Emulator (Jack Palevitch; Linux access through a terminal) |
||
+ | <br>If needed, export certificate from IE in Pkcs#12 PFX, *with* private key, *with* all certs, *without* strong enc, *without* deletion of private key. |
||
− | * Hears (bytesequencing.com) |
||
+ | <br>Rename .pfx file as .p12 |
||
− | * Text-To-Speech Extension (Eyes-Free Project) |
||
+ | <br>(source: http://www.google.com/support/mobile/bin/answer.py?answer=168466&topic=27214#1086573) |
||
− | * SilentMode OnOff (CurveFish) |
||
+ | <br>Copy pkcs#12 certificate to root of USB storage. |
||
− | * DailyStrip (FuseTree LLC) |
||
+ | <br>File must end with .p12, not .pfx! |
||
− | * Test de vitesse Speedtest (Ookla) |
||
+ | <br>One single file with key+cert+cacerts is ok |
||
− | * ASTRO Gestionnaire de fichiers (Metago) |
||
+ | <br>Wi-Fi params: 802.1x EAP / TLS / phase2: None / CA cert: cf previous import / user cert: idem / Identity: DOMAIN\user... / Anonymous id: empty / password:... |
||
− | * Wifi Connecter Library (farproc) |
||
+ | |||
− | * Advanced Task Killer (ReChild) |
||
+ | Note that after each reboot, you'll have to select manually one of the protected networks to unlock the secure storage of personal certificates or open manually the certificates storage: |
||
− | * APN Backup & Restore (Ritesh Sahu) |
||
+ | <br>Settings > Location & Security > Use secure credentials |
||
− | ===Google=== |
||
+ | <br>See also [https://market.android.com/details?id=ru.chunky.AutoKeystore Keystore Unlocker] |
||
− | * Google Goggles (Google) |
||
+ | |||
− | * Google Earth (Google) |
||
+ | ===Importing certs=== |
||
− | * Google Maps (Google) |
||
+ | Since Android 3.0, no need for rooting anymore |
||
− | * Google Search (Google) |
||
+ | <br>If troubles, use PEM format, with file extension .crt |
||
− | * Google Sky Map (Google) |
||
+ | * drop certs on /sdcard/ |
||
− | * Google Traduction (Google) |
||
+ | * go to settings / personal: security / credential storage: install from storage & select both certs |
||
− | * Gmail (Google) |
||
− | === |
+ | ===Test menu=== |
+ | Dial *#*#4636#*#* (== *#*#INFO#*#*) |
||
− | * Dialer One : Alternative dialer |
||
− | === |
+ | ===SMSC configuration=== |
+ | To configure the SMSC (SMS gateway) on Android is not straight forward. |
||
− | * Dictionnaire Littré (Alexis Robert) |
||
+ | <br>Access a hidden settings menu by dialing *#*#4636#*#* (*#*#INFO#*#*) -> phone settings -> SMSC -> Refresh (to get current value) |
||
− | * Van Dale French-Dutch (Paragon Software) |
||
+ | <br>To update that field, if it does not work in plain or between quotes, try [http://www.twit88.com/home/utility/sms-pdu-encode-decode encode it in PDU] |
||
− | * Van Dale English-Dutch (Paragon Software) |
||
+ | * First byte is length of SMSC info, so if it's e.g. +32475161616, it's 11 digits to code on 6 bytes, + 1 byte to code type of SMSC address => 7 bytes |
||
− | * Van Dale Dutch Pocket (Paragon Software) |
||
+ | * Second byte is the type of SMSC address, 91 for international format |
||
− | * Van Dale German-Dutch (Paragon Software) |
||
+ | * Next bytes are the SMSC digits, padded with "f" if odd, then nibble-swapped so in our example: 32475161616F => 2374151616F6 |
||
− | * QuickDic German Dictionary (Thad Hughes) |
||
+ | * Full PDU-encoded SMSC is then: 07912374151616F6 -> Update |
||
− | ===Games=== |
||
+ | |||
− | * Reversi (Bluesky Studio) |
||
+ | ===Screenshots=== |
||
− | * Angry Birds : game, now full version for free |
||
+ | Run ddms (from [[Android SDK]]) -> Tools / Device / Screen capture |
||
− | * Move it! Free (AI Factory Limited; logical game of moving blocks) |
||
+ | ===Screencast=== |
||
− | * National Flags Quiz (FractalGate; game) |
||
+ | [http://droid-at-screen.ribomation.com/ Droid@Screen]: |
||
− | ===Sensing=== |
||
+ | <br>You'll need [[Android SDK]] too. |
||
− | * Boussole (Catch.com ; compass) |
||
+ | <br>Make sure you're using the adb from SDK and not from e.g. Debian packages: |
||
− | * Shazam : Can identify music by listening to it for about 10s |
||
+ | <source lang=bash> |
||
− | * Barcode Scanner (ZXing Team) |
||
+ | adb kill-server |
||
− | * Wifi Analyzer (farproc) |
||
+ | export ANDROID_HOME=/path_to_your/android-sdk-linux_x86 |
||
− | * GPS Status (EclipSim) |
||
+ | java -jar droidAtScreen-1.0.2.jar |
||
− | ===[https://secure.wikimedia.org/wikipedia/en/wiki/List_of_Open_Source_Android_Applications Open Source applications]=== |
||
+ | </source> |
||
− | ==GPS with offline maps== |
||
+ | |||
− | ===Commercial=== |
||
+ | androidscreencast: |
||
− | * Copilot Live (59€ for Europe) |
||
+ | <br>Get jnlp file from [https://code.google.com/p/androidscreencast/ project page] |
||
− | ===Free=== |
||
+ | <source lang=bash> |
||
− | From [http://www.taranfx.com/android-offline-google-maps this post]: |
||
+ | adb kill-server |
||
− | <br>Create your own maps with [http://mobac.dnsalias.org/ Mobile Atlas Creator] (Java-based) & use them e.g. with RMaps, AndNav, Maverick, TrekBuddy,... (bitmaps so ok only for small areas such as cities) |
||
+ | export ANDROID_HOME=/path_to_your/android-sdk-linux_x86 |
||
− | * Get e.g. RMaps from Android Market |
||
+ | $ANDROID_HOME/platform-tools/adb start-server |
||
− | * Get [http://sourceforge.net/projects/trekbuddyatlasc/files/ latest release] of Mobile Atlas Creator & unzip it |
||
+ | javaws androidscreencast.jnlp |
||
− | * Get latest [http://www.zentus.com/sqlitejdbc/ SqliteJDBC] library and copy it inside th eMobile Atlas Creator directory |
||
+ | </source> |
||
− | * Run it (start.sh) |
||
+ | ===USB tethering=== |
||
− | * Choose your source, e.g. OpenStreetMaps, Google Maps,... |
||
+ | Plug phone & PC via USB |
||
− | * Select area: Right click to Drag, Scroll to zoom In/Out, Left click to select downloadable area |
||
+ | <br>Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering) |
||
− | * Select one or more zoom levels, e.g. from 12 to 18 for all levels of details of a city |
||
+ | <br>It works OOB on Debian, nothing to do |
||
− | * Do “add selection” with a name of your choice |
||
+ | ===Mounting USB as MTP or PTP=== |
||
− | * Select “BigPlanet SQLite” from “Atlas Settings” (for RMaps, otherwise Maverick Atlas Format for Maverick etc) |
||
+ | New Nexus devices don't use USB mass storage anymore but MTP or PTP, mainly to be able to access data both from Android & PC at the same time. |
||
− | * "Create Atlas" |
||
+ | <br>There are two methods using fuse so make sure your user is member of fuse group: |
||
− | * Download the .sqlitedb map into the phone SDcard/rmaps/maps |
||
+ | sudo adduser <your_user> fuse |
||
− | * Disconnect the phone |
||
+ | and make sure your user can access the USB device (cf above: /etc/udev/rules.d/...) |
||
− | * Open RMaps and Menu > More > Settings > User defined maps > BigPlanet_maps.sqlitedb > Enabled Maps |
||
+ | ====Using mtpfs==== |
||
− | * Return to main maps screen and then Menu > Maps > BigPlanet_maps.sqlitedb. |
||
+ | See [http://www.omgubuntu.co.uk/2011/12/how-to-connect-your-android-ice-cream-sandwich-phone-to-ubuntu-for-file-access/ this article] |
||
+ | sudo apt-get install mtpfs mtp-tools |
||
+ | mkdir ~/MyAndroid |
||
+ | |||
+ | mtpfs ~/MyAndroid |
||
+ | ... |
||
+ | fusermount -u ~/MyAndroid |
||
+ | Problem is that it's very slow to mount |
||
+ | |||
+ | ====Using go-mtpfs==== |
||
+ | See [http://blog.itsbilal.com/2012/12/connect-an-android-4-0-phonetablet-to-ubuntu-the-reliable-way/ this article] |
||
+ | sudo apt-get install golang fuse git-core libmtp-dev libfuse-dev |
||
+ | mkdir /tmp/go |
||
+ | GOPATH=/tmp/go go get github.com/hanwen/go-mtpfs |
||
+ | sudo mv /tmp/go/bin/go-mtpfs /usr/local/bin/ |
||
+ | mkdir ~/MyAndroid |
||
+ | |||
+ | go-mtpfs ~/MyAndroid & |
||
+ | ... |
||
+ | fusermount -u ~/MyAndroid |
||
+ | ====Using gphotofs==== |
||
+ | This method requires the phone to share files over USB as Camera (PTP), *not* MTP. |
||
+ | |||
+ | sudo apt-get install gphotofs |
||
+ | mkdir ~/MyAndroid |
||
+ | |||
+ | gphotofs ~/MyAndroid |
||
+ | ... |
||
+ | fusermount -u ~/MyAndroid |
||
+ | Problem is that it only shows DCIM & Pictures |
||
+ | <br>Not sure if it's a limitation of Android or Gphoto... |
||
+ | |||
+ | ===Backuping via BackupPC=== |
||
+ | I'm a big fan of [[BackupPc]] and [http://www.tolaris.com/2011/06/13/backing-up-your-android-device-with-backuppc/ this guy] managed to link android & backuppc so let's give it a try. |
||
+ | <br>Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw. |
||
+ | <br>Instructions here suppose your phone is rooted. |
||
+ | ====IP==== |
||
+ | Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system. |
||
+ | ====SSH==== |
||
+ | I'm using [http://wiki.yobi.be/wiki/Android_Apps#With_root_support SshDroidPro] |
||
+ | <br>Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys |
||
+ | <br>Then test it as user backuppc, trying to access the phone and accept the server key fingerprint. |
||
+ | ====rsync==== |
||
+ | To get rsync binary, I found [https://market.android.com/details?id=eu.kowalczuk.rsync4android rsync backup for Android] which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO). |
||
+ | <br>The actual binary it downloads is available [https://sites.google.com/a/kowalczuk.eu/android/rsync here]. |
||
+ | <br>But Android wget doesn't support https so you've to transfer it to your phone by another mean. |
||
+ | <br>One way is to install the application I mentioned and let it download that binary. |
||
+ | <br>Then, to install it at a more rooted-Android standard place: |
||
+ | <source lang=bash> |
||
+ | cd /system/xbin |
||
+ | busybox mount -o remount,rw /system |
||
+ | cp /data/data/eu.kowalczuk.rsync4android/files/rsync /system/xbin/ |
||
+ | chmod 755 /system/xbin/rsync |
||
+ | chown root.shell /system/xbin/rsync |
||
+ | busybox mount -o remount,ro /system |
||
+ | </source> |
||
+ | |||
+ | ====Wi-Fi==== |
||
+ | Make sure Wi-Fi will stay on! |
||
+ | <br>Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered) |
||
+ | |||
+ | ====BackupPC config==== |
||
+ | My config: create new host in backuppc web interface with: |
||
+ | XferMethod = rsync |
||
+ | RsyncShareName = [/data/, /efs/ (useful??), /system/, /mnt/asec/, /mnt/sdcard/] |
||
+ | RsyncClientPath = /system/xbin/rsync |
||
+ | BackupFilesExclude = /mnt/sdcard/ => [/oruxmaps/mapfiles, /clockworkmod/backup, /radio_dump_*, /videos] |
||
+ | Note that in the mentioned link he's using RsyncShareName = / and playing with BackupFilesOnly but for me it looks like BackupFilesOnly was not respected, so I preferred to have separate RsyncShareName |
||
+ | <br>Some info on APP2SD [http://android.modaco.com/topic/331205-guide-how-to-get-more-free-space-for-your-apps/ here] and [http://ydal.de/android-2-2-froyo-apps-to-sd/ here] |
||
+ | <br>I had errors "Ping too slow" so I increased |
||
+ | PingMaxMsec = 400 |
||
+ | as anyway it's on local network |
||
+ | ====Non-rooted device==== |
||
+ | For non-rooted devices the setup is a bit different: |
||
+ | * SSH server will run on a non-privilegied port, e.g. port 2222 |
||
+ | * login will be done with sshdroid permissions, not root, so it cannot access rsync binary neither /data content |
||
+ | * rsync needs to be available so we'll transfer it again, as sshdroid user: |
||
+ | scp -P2222 rsync galaxy:/data/data/berserker.android.apps.sshdroid/home/bin/ |
||
+ | then make it executable |
||
+ | * BackupPC config is e.g.: |
||
+ | XferMethod = rsync |
||
+ | RsyncShareName = [/mnt/sdcard/] |
||
+ | RsyncClientPath = /data/data/berserker.android.apps.sshdroid/home/bin/rsync |
||
+ | BackupFilesExclude = /mnt/sdcard/ => [/Movies] |
||
+ | RsyncClientCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+" |
||
+ | RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+" |
||
+ | Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way. |
Latest revision as of 15:00, 26 April 2016
Links
App stores
Alternate views on the official market:
Alternate markets:
- AppsLib
- AndSpot (beta)
- GetJar
- Handmark
- Mobango
- Handango
- explorePDA
- MiKandi
- MobiHand
- Mobspot
- Smartphone.net
- AndroidGear
- SlideME
User manuals
Short notes
ADB
To reveal developer menu, tap 10x on "settings/about/build nr"
Then enable usb debug.
USB debugging is pretty secured since Jelly Bean but beware for older versions!
Since Android 5.0.1, it's required to use at least adb v1.0.32.
apt-get install android-tools-adb
Note that from recovery, you can also use adb:
- adb shell
- adb sideload update.zip
- adb push
etc
Fastboot
apt-get install android-tools-fastboot
USB permissions on the host
Create /etc/udev/rules.d/99-android.rules for Nexus phones:
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", MODE="0666", OWNER="<your_account>" # all Nexus
Then execute /etc/init.d/udev reload
To enter Fastboot mode
- Power off phone
- Depends on the phone, e.g.:
- Nexus S: keep volume-up pressed while pressing power on for 5 secs
- Nexus 4: keep volume-down pressed while pressing power on for 5 secs
- Nexus 5: keep volume-down pressed while pressing power on for 5 secs
- You've entered fastboot
See https://source.android.com/source/running.html for other models
Alternatively, fastboot can be triggererd from adb: adb reboot bootloader
OEM unlock
Necessary step before being able to flash partitions or boot on alternative recovery.
This will wipe ALL DATA!!!
fastboot oem unlock
OEM unlock for rooted devices
Once the device has been unlocked and rooted, it can be locked/unlocked again without wiping all the data, at least on some phone models.
Install BootUnlocker
Factory images for Nexus phones
Typical usage: (requires OEM unlock)
tar xzf CODENAME-VERSION-factory-CHECKSUM.tgz cd CODENAME-VERSION ./flash-all.sh
To avoid erasing user data:
Very important if you want to keep your data!!! Edit flash-all.sh and replace
fastboot -w update image-....zip
by
fastboot update image-....zip
Recovery
TWRP
ClockworkMod
Usage
Flashing an alternative recovery (requires OEM unlock):
fastboot flash recovery recovery-clockwork-VERSION-CODENAME.img
Booting (without flashing) an alternative recovery (requires OEM unlock):
fastboot boot recovery-clockwork-VERSION-CODENAME.img
Stock recovery
To show menu with Nexus stock recovery, it depends on the phone, e.g.:
- Nexus 4: hold "power" and press "volume-up"
- Nexus 5: press & release quickly volume-up & power a few times
Rooting
SuperSU
Requires OEM unlock, see above fastboot oem unlock (! erase all) and see below BootUnlocker (for already rooted)
Requires e.g. TWRP recovery
Requires e.g. ChainFire SuperSU (you can check forum for beta releases)
adb reboot bootloader fastboot boot recovery-xxx.img # In recovery, choose Advanced / Install zip / from sideload adb sideload UPDATE-SuperSU-v2.xx.zip # Reboot (and decline erasing recovery updater install-recovery.sh)
Rooting Android M
Rooting method has changed quite a bit and is still uncertain as those lines are written, see e.g. http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344
Rooting securely
Rooting can be done securely if:
- bootloader is locked again
- problem is that unlocking would erase again the data
- see below BootUnlocker which allows on rooted Nexus to toggle bootloader without deleting data
- keep stock recovery
- SuperSU is locked with a PIN
- this requires the Pro version
- SuperSU always require the PIN to authorize an app
- or be very careful which ones you authorize permanently
Rooting and OTA
By experience, it's always quite difficult to apply an OTA on a rooted phone, even after having attempted to unroot the phone.
So I prefer to apply a full factory image (being careful not to overwrite the data) and root it again.
If latest factory image isn't available yet, flash the latest available then apply the regular OTA before rooting.
Prevent OTA
Normally rooting is enough to prevent OTA but to be sure, one can touch build.prop (so its sha1sum won't match anymore)
adb shell su mount -o remount,rw /system echo "# Remove me to allow OTA update" >> /system/build.prop mount -o remount,ro /system
Attempt OTA
I don't recommend it as most attempts end in an infinite loop after the reboot.
When ready to really do OTA update:
1. Unlock bootloader with BootUnlocker, super critical step!!!
2. Make a backup of the proposed OTA patch, just in case
adb shell ls -l /cache adb pull /cache/update.zip
3. Restore build.prop:
adb shell su mount -o remount,rw /system sed -i '/Remove me/d' /system/build.prop # or if you don't have sed/busybox: grep -v "Remove me" /system/build.prop > /sdcard/build.prop.tmp cat /sdcard/build.prop.tmp > /system/build.prop rm /sdcard/build.prop.tmp mount -o remount,ro /system
4. Restore /system/bin/install-recovery.sh
SuperSU may have hijacked /system/bin/install-recovery.sh. If so, we need to restore it. Unfortunately using "full unroot" won't help, see here (and you'll get stuck unrooted!) so we'll restore it manually.
adb shell su ls -l /system/bin/install-recovery* # should be fixed or not? mount -o remount,rw /system mv /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh mount -o remount,ro /system
5. Install proposed OTA update from Android itself
5b. Check recovery logs
In case the automatic update failed, check the recovery logs:
At this point you should be already in stock recovery, if not, go to recovery
Keep power button pressed and press volume-up to get the menu
Go to "view recovery logs"
5c. Install proposed OTA update manually from a local copy on the PC
adb reboot recovery
Keep power button pressed and press volume-up to get the menu
Go to "apply update from ADB"
adb sideload update.zip
6. Reboot and let the system updating its apps
If it seems to stand forever with the boot logo, you can have a look at the same time to the system logs:
adb logcat
Seeing looping logs with a repetition of
>>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<<
is a bad sign, time for a full ROM recovery!
7. Root again, see #SuperSU
8. Prevent OTA updates:
adb shell su mount -o remount,rw /system echo "# Remove me to allow OTA update" >> /system/build.prop mount -o remount,ro /system
9. Lock bootloader with BootUnlocker
See also my feature request for BootUnlocker
Upgrade with factory image
That's my preferred method.
1. Unlock bootloader with BootUnlocker, super critical step!!!
2. Flash a factory image
Get latest image at https://developers.google.com/android/nexus/images
tar xzf ...tgz cd ...
Or in one go:
wget -O - ... | tar xz cd ...
Very important if you want to keep your data!!! Edit flash-all.sh and replace
fastboot -w update image-....zip
by
fastboot update image-....zip
Then reboot the phone to bootloader and launch that script:
adb reboot bootloader ./flash-all.sh
Reboot
2b. Apply OTA If you didn't flash the latest version, apply OTA update
3. Root again, see #SuperSU
4. Prevent OTA updates:
adb shell su mount -o remount,rw /system echo "# Remove me to allow OTA update" >> /system/build.prop mount -o remount,ro /system
5. Lock bootloader with BootUnlocker
On rooted devices
adbd insecure
As USB debugging is now pretty secure, let's enable immediate root access:
Install adbd insecure
Open app -> enable & enable at boot time
Busybox
From Google Play: https://play.google.com/store/apps/details?id=stericson.busybox&hl=en
Local install:
adb install stericson.busybox-1.apk => Run busybox -> install -> smart install
Consider buying Busybox Pro...
Modifying stuffs in system partition using su
adb push some_file /sdcard/ adb shell su -c "mount -o remount,rw /system" adb shell su -c "cat /sdcard/some_file > /etc/some_file" sleep 1 adb shell su -c "mount -o remount,ro /system"
Modifying stuffs in system partition with insecure adbd (=being root by default)
adb shell mount -o remount,rw /system adb push some_file /etc/some_file sleep 1 adb shell mount -o remount,ro /system
Encrypt device
See official help
Some reports say they had to repeat the process several times on Nexus 4 before encryption started. I didn't have that problem.
One major caveat is that this is the same password for disk encryption and screen unlock, cf this longstanding bugreport.
On a rooted device this can be achieved thanks to Cryptfs password or simply by doing:
vdc cryptfs changepw <new_password>
Note that it will have to be done every time the screen PIN or pwd is changed.
See also http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html
Phone-specific notes
See Android phones
Applications
See Android Apps
Applications development
See Android SDK
Using the embedded SE
See Android SE
Using TrustZone
using Software Card Emulation
See Android Software Card Emulation
Misc
Security
Wi-Fi & client certs
To be able to authenticate to a Wi-Fi network using client certificates via TLS:
If needed, export certificate from IE in Pkcs#12 PFX, *with* private key, *with* all certs, *without* strong enc, *without* deletion of private key.
Rename .pfx file as .p12
(source: http://www.google.com/support/mobile/bin/answer.py?answer=168466&topic=27214#1086573)
Copy pkcs#12 certificate to root of USB storage.
File must end with .p12, not .pfx!
One single file with key+cert+cacerts is ok
Wi-Fi params: 802.1x EAP / TLS / phase2: None / CA cert: cf previous import / user cert: idem / Identity: DOMAIN\user... / Anonymous id: empty / password:...
Note that after each reboot, you'll have to select manually one of the protected networks to unlock the secure storage of personal certificates or open manually the certificates storage:
Settings > Location & Security > Use secure credentials
See also Keystore Unlocker
Importing certs
Since Android 3.0, no need for rooting anymore
If troubles, use PEM format, with file extension .crt
- drop certs on /sdcard/
- go to settings / personal: security / credential storage: install from storage & select both certs
Dial *#*#4636#*#* (== *#*#INFO#*#*)
SMSC configuration
To configure the SMSC (SMS gateway) on Android is not straight forward.
Access a hidden settings menu by dialing *#*#4636#*#* (*#*#INFO#*#*) -> phone settings -> SMSC -> Refresh (to get current value)
To update that field, if it does not work in plain or between quotes, try encode it in PDU
- First byte is length of SMSC info, so if it's e.g. +32475161616, it's 11 digits to code on 6 bytes, + 1 byte to code type of SMSC address => 7 bytes
- Second byte is the type of SMSC address, 91 for international format
- Next bytes are the SMSC digits, padded with "f" if odd, then nibble-swapped so in our example: 32475161616F => 2374151616F6
- Full PDU-encoded SMSC is then: 07912374151616F6 -> Update
Screenshots
Run ddms (from Android SDK) -> Tools / Device / Screen capture
Screencast
Droid@Screen:
You'll need Android SDK too.
Make sure you're using the adb from SDK and not from e.g. Debian packages:
adb kill-server
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
java -jar droidAtScreen-1.0.2.jar
androidscreencast:
Get jnlp file from project page
adb kill-server
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
$ANDROID_HOME/platform-tools/adb start-server
javaws androidscreencast.jnlp
USB tethering
Plug phone & PC via USB
Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering)
It works OOB on Debian, nothing to do
Mounting USB as MTP or PTP
New Nexus devices don't use USB mass storage anymore but MTP or PTP, mainly to be able to access data both from Android & PC at the same time.
There are two methods using fuse so make sure your user is member of fuse group:
sudo adduser <your_user> fuse
and make sure your user can access the USB device (cf above: /etc/udev/rules.d/...)
Using mtpfs
See this article
sudo apt-get install mtpfs mtp-tools mkdir ~/MyAndroid
mtpfs ~/MyAndroid ... fusermount -u ~/MyAndroid
Problem is that it's very slow to mount
Using go-mtpfs
See this article
sudo apt-get install golang fuse git-core libmtp-dev libfuse-dev mkdir /tmp/go GOPATH=/tmp/go go get github.com/hanwen/go-mtpfs sudo mv /tmp/go/bin/go-mtpfs /usr/local/bin/ mkdir ~/MyAndroid
go-mtpfs ~/MyAndroid & ... fusermount -u ~/MyAndroid
Using gphotofs
This method requires the phone to share files over USB as Camera (PTP), *not* MTP.
sudo apt-get install gphotofs mkdir ~/MyAndroid
gphotofs ~/MyAndroid ... fusermount -u ~/MyAndroid
Problem is that it only shows DCIM & Pictures
Not sure if it's a limitation of Android or Gphoto...
Backuping via BackupPC
I'm a big fan of BackupPc and this guy managed to link android & backuppc so let's give it a try.
Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw.
Instructions here suppose your phone is rooted.
IP
Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system.
SSH
I'm using SshDroidPro
Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys
Then test it as user backuppc, trying to access the phone and accept the server key fingerprint.
rsync
To get rsync binary, I found rsync backup for Android which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO).
The actual binary it downloads is available here.
But Android wget doesn't support https so you've to transfer it to your phone by another mean.
One way is to install the application I mentioned and let it download that binary.
Then, to install it at a more rooted-Android standard place:
cd /system/xbin
busybox mount -o remount,rw /system
cp /data/data/eu.kowalczuk.rsync4android/files/rsync /system/xbin/
chmod 755 /system/xbin/rsync
chown root.shell /system/xbin/rsync
busybox mount -o remount,ro /system
Wi-Fi
Make sure Wi-Fi will stay on!
Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered)
BackupPC config
My config: create new host in backuppc web interface with:
XferMethod = rsync RsyncShareName = [/data/, /efs/ (useful??), /system/, /mnt/asec/, /mnt/sdcard/] RsyncClientPath = /system/xbin/rsync BackupFilesExclude = /mnt/sdcard/ => [/oruxmaps/mapfiles, /clockworkmod/backup, /radio_dump_*, /videos]
Note that in the mentioned link he's using RsyncShareName = / and playing with BackupFilesOnly but for me it looks like BackupFilesOnly was not respected, so I preferred to have separate RsyncShareName
Some info on APP2SD here and here
I had errors "Ping too slow" so I increased
PingMaxMsec = 400
as anyway it's on local network
Non-rooted device
For non-rooted devices the setup is a bit different:
- SSH server will run on a non-privilegied port, e.g. port 2222
- login will be done with sshdroid permissions, not root, so it cannot access rsync binary neither /data content
- rsync needs to be available so we'll transfer it again, as sshdroid user:
scp -P2222 rsync galaxy:/data/data/berserker.android.apps.sshdroid/home/bin/
then make it executable
- BackupPC config is e.g.:
XferMethod = rsync RsyncShareName = [/mnt/sdcard/] RsyncClientPath = /data/data/berserker.android.apps.sshdroid/home/bin/rsync BackupFilesExclude = /mnt/sdcard/ => [/Movies] RsyncClientCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+" RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+"
Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way.