When PackageManagerService deals with external storage, always bind
to DefaultContainerService as USER_OWNER. This avoids binding to a
stopped user, which would fail.
Bug: 7203111
Change-Id: I8e303c7558e8b5cbe4fea0acc9a472b598df0caa
Issue #7209355: Intent on the secondary user results in an intent picker
in the Primary user.
Issue #7214271: Crash in system UI
Also fix a bug where I recently broke the removeTask() operation in the
activity manager where it would remove the wrong task.
Change-Id: I448c73a0e83a78d9d8d96b4629658c169888d275
Since SettingsProvider can call back into PMS, query the default
enforcement state before acquiring mPackages lock.
Bug: 7182437
Change-Id: Ie218aedfc7a943e5b221814af3e0356c7199b0e4
Create a setting "verifier_verify_adb_installs" to allow developers to control
package verification on ADB installs only. If package verification is enabled,
the setting will:
0, Do not perform package verification on apps installed through ADB/ADT/USB
and perform package verification on all other installs.
1, Use package verification on all installs. (Default)
Bug: 7183252
Change-Id: I9d3eb8abb5ba5e93f8634d3135794e92ff6273b6
Keep track of user creation and last logged-in time.
adb shell dumpsys users
User switcher shouldn't show users about to be removed.
No need to check for singleton for activities.
Bug: 7194894
Change-Id: Ic9a59ea5bd544920479e191d1a1e8a77f8b6ddcf
New APIs let you indicate what user(s) to monitor, and tell you
what user is changing when receiving a callback.
Fix package manager to only deliver package brpadcasts to the
running users. (This isn't really a change in behavior, since
the activity manager would not deliver to stopped users anyway).
Make sure all broadcasts that package monitor receives also include
user information for it to use.
Update wallpaper service to (hopefully) now Really Correctly
monitor package changes per user.
Change-Id: Idd952dd274abcaeab452277d9160d1ae62919aa0
Bug: 7136483
Store device policy information for each user and apply them when user switches.
Global proxy can only be controlled by owner.
Camera restriction applies to all users, if any one has an admin that disables it.
Storage encryption can only be controlled by owner, although other users can query the state.
Wipe data will only remove the user if non-zero, wipe the device, if zero.
Change-Id: I359be46c1bc3828fd13d4be3228f11495081c8f2
For forward-locked apps, we need to be able to read the optimized dex
file from a common place. Make it owned by the shared app GID as well.
Bug: 7178231
Change-Id: Ib36d79e8df69d58e8e1e0f167659df995dc84b84
Send package name, version code and the uid of the application requesting the
install to package verifiers.
Bug: 7164155
Change-Id: I2464dc5d4551f60b4f38f7982495a8920c83e1cd
When verification and encryption is used, the temporary file was deleted
prematurely.
Also, on next boot-up, scan the directory we use for temporary files to
clean them up if the user rebooted in the middle of installation.
Bug: 7132197
Change-Id: Ic9e8aab9a664ca00d9ac16f72e53fc43d78d21bc
For some reason .getParent() appears to be returning null for a data
directory. We don't need to use the parent; we can just use the path.
Bug: 7151733
Change-Id: I5e17cc14fe53669882329d67d8a7b4ec35b81104
Fixes a race condition where the system server might
try to access /data/user/0 before it was created. In so
doing, the system server could end up creating a directory
in that location with the wrong permissions and everything
would promptly crash.
Bug: 7151686
Change-Id: I349c12fd2b9685d2e7f6305e74f6bf7d5816b752
When building external storage paths, always include user in path
to enable cross-user paths and aid debugging.
Each Zygote process continues to only have access to the appropriate
user-specific emulated storage through bind mounts. A second set of
mounts continue supporting legacy /sdcard-style paths. For example,
a process running as owner has these mount points:
/storage/emulated_legacy
/storage/emulated_legacy/Android/obb
/storage/emulated/0
/storage/emulated/obb
Since Environment is created before Zygote forks, we need to update
its internal paths after each process launches.
Bug: 7131382
Change-Id: I6f8c6971f2a8edfb415c14cb4ed05ff97e587a21
Use a shared app gid for each app across different users which allows
forward-locked applications to share the same APK file.
Change-Id: Ifecf51ee7865547117746f83e9733083d3dd5111
unlinklib is no longer necessary since libraries are now either stored
in an ASEC container or in /data/app-lib
Replace lib directory with a symlink to the /data/app-lib directory even
if it's a dangling link. That way developers don't name something "lib"
in their directory which gets blown away during an update.
Change-Id: I142cf13dba9c13aafbaf0ff8d5e9872cbf1cc910
Instead of unpacking libraries into /data/data/<appname>/lib, unpack
them into /data/app-lib so that multi-user applications can use the same
libraries.
Change-Id: I636dafb5a9eea8cf5a41f1360698e7695455f385
Commit 5e03e2ca7d moved from
PacakgeParser.Package to PackageSetting which revealed that we weren't
updating the pkgFlags when replacing an existing application.
Add flags to PackageSetting so that deletion of the package later succeeds.
Change-Id: I2e0d4e07da31f48b68601f3f3240966b6e17dbdf
installd was not creating a compatibility symlink when
installing a forward locked application. Fix.
Bug: 7121527
Change-Id: Ied507ab2b759d8658af563e6ac8f0dbb0d286cce
- New (hidden) isUserRunning() API.
- Maintain LRU list of visited users.
- New FLAG_IS_DATA_ONLY for ApplicationInfo.
- Clean up pending intent records when force-stopping a user (or package).
(Also fixes bug #6880627: PendingIntent.getService() returns stale
intent of force stopped app)
- Fix force-stopping when installing an app to do the force-stop across
all users for that app.
- When selecting which processes to kill during a force stop, do this
based on the actual packages loaded in the process, not just process
name matching.
- You can now use --user option in am when starting activities, services,
and instrumentation.
- The am --user option accepts "current" and "all" as arguments.
- The pm uninstall command now uninstalls for all users, so it matches
the semantics of the install command.
- PhoneWindowManager now explicitly says to start home in the current
user.
- Activity manager call to retrieve the MIME type from a content provider
now takes a user argument, so it will direct this to the proper user.
- The package manager uninstall paths are now implemented around
PackageSetting, not PackageParser.Package. This allows them to work
even if the application's apk has been removed (in which case it only
exists as a PackageSetting, not the PackageParser.Package parsed from
the apk).
Change-Id: I3522f6fcf32603090bd6e01cc90ce70b6c5aae40
New API to register as an explicit user, which allows you to
also select ALL to see broadcasts for all users.
New BroadcastReceiver API to find out which user the broadcast
was sent to.
Use this in app widget service to handle per-user package broadcasts
and boot completed broadcasts correctly.
Change-Id: Ibbe28993bd4aa93900c79e412026c27863019eb8
Send the Intent.ACTION_PACKAGE_VERIFIED to all verifiers when
verification is complete (either one verifier verified the package or a
timeout occurred). Details of what occurred is in a new extra,
PackageManager.EXTRA_VERIFICATION_RESULT.
Bug: 7048930
Change-Id: I4f9855a29b0eb6d77f469891402c69e2e8922945
Ensure that only applications with
android.Manifest.permission.PACKAGE_VERIFICATION_AGENT can call application
verification APIs, like PackageManager.verifyPendingInstall and
PackageManager.extendVerificationTimeout
Bug: 7049083
Change-Id: I5fc28b37e864d67cd319a1ed9d03a90dd15ad052
We also now send the correct broadcasts to each user.
You no longer need to be running the shell as root
to be able to create/remove users.
Also added some more man page material to the pm command, and
got rid of a bunch of showUsage() calls that now make error
messages completely buried because of how large the usage info
has become.
And the package manager now shows the user each historical broadcast
was sent to.
Change-Id: Iab42498e1352a0c023069139c80fc04d2d69ab4b
Was not properly handling creating DefContainerService when the installation was
for USER_ALL. Not a problem for Market installs.
Bug: 7061571
Change-Id: I4528b4c56e38effa137da56460e78c55b242ba45
UserManagerService is now closely tied to PackageManagerService,
sharing the same locks. There is no longer direct access of
Installer by UserManagerService, instead the package manager is
back to solely owning it.
Creating a new user now correctly only installs system apps for
that user.
Fixed some misc bugs, where we were getting nulls when
querying content providers and instrumentation in uninstalled
users, incorrect locking, etc.
Change-Id: Ife69b6e373d0cf7c5cfc03fc588e36b43ad5d8b0
queryIntentReceivers() needs the resolvedType string to be non-null
in order to find the receiver.
Change-Id: If473d7e08e79940c3e495bc7a9d136e4130599a1
This add a new per-user state for an app, indicating whether
it is installed for that user.
All system apps are always installed for all users (we still
use disable to "uninstall" them).
Now when you call into the package manager to install an app,
it will only install the app for that user unless you supply
a flag saying to install for all users. Only being installed
for the user is just the normal install state, but all other
users have marked in their state for that app that it is not
installed.
When you call the package manager APIs for information about
apps, uninstalled apps are treated as really being not visible
(somewhat more-so than disabled apps), unless you use the
GET_UNINSTALLED_PACKAGES flag.
If another user calls to install an app that is already installed,
just not for them, then the normal install process takes place
but in addition that user's installed state is toggled on.
The package manager will not send PACKAGE_ADDED, PACKAGE_REMOVED,
PACKAGE_REPLACED etc broadcasts to users who don't have a package
installed or not being involved in a change in the install state.
There are a few things that are not quite right with this -- for
example if you go through a full install (with a new apk) of an
app for one user who doesn't have it already installed, you will
still get the PACKAGED_REPLACED messages even though this is
technically the first install for your user. I'm not sure how
much of an issue this is.
When you call the existing API to uninstall an app, this toggles
the installed state of the app for that user to be off. Only if
that is the last user user that has the app uinstalled will it
actually be removed from the device. Again there is a new flag
you can pass in to force the app to be uninstalled for all users.
Also fixed issues with cleaning external storage of apps, which
was not dealing with multiple users. We now keep track of cleaning
each user for each package.
Change-Id: I00e66452b149defc08c5e0183fa673f532465ed5
Create a new verifier API to extend the timeout for a giving package,
including the resulting action (allow or deny) upon the timeout occuring.
Bug: 6901038
Change-Id: I351f7944327f863aff1d7dd1227be74652fa1511
Introduce API to get per-user storage information, keep track
of services associated with users, and various small cleanup.
Change-Id: I5d4e784e7ff3cccfed627d66a090d2f464202634
This change passes the originating URL and accompanied referrer to
package verifiers, when available.
Bug: 6544677
Change-Id: I9ebc71bc13f549bd88267e444816151a99bda000
