I am trying to run a shell script through an android app. The script has a command which just runs a jar on the device. When I run this command directly on the shell using adb, everything works fine. But when I run it through the script using the android app, I get a permission denied exception (open failed: EACCES (Permission denied)) for the files created in /data/local/tmp folder. Can anyone guide in how to resolve this issue?
This is what my manifest looks like
<manifest ….>
<uses-sdk …>
<uses-permission… .>
…
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
…
<application …>
…
</application>
</manifest>
Thanks.
Update 8 years later
On modern versions of Android, there is no way to run downloaded or generated code (a.k.a. W^X violation). We can only embed prebuilt binaries in the APK (or bundle) (using jniLibs and other settings in gradle.build) and make sure it is extracted to the native file system (explicitly set android:extractNativeLibs = "true"). Then you can run the binary from getContext().getApplicationInfo().nativeLibraryDir.
If I understand the scenario correctly, you create the script on the fly, and use /data/local/tmp as an easy location that is both publicly writable and executable. Once, this was possible. But on recent versions of Android, security has been tightened.
Your app can execute files under /data/data/${your.package}. You can use getContext().getFilesDir() to reliably obtain the full path. Note that you still need to use chmod 500 to ensure that the file has executable permission.
If you have some fixed executables (binaries or scripts) that must be installed with your app, there is a clever trick to let the system package installer take care of all that for you: make sure the file has a name "libsomething.so" and put it in /libs/armeabi directory under the Eclipse project root. After installation, the files will be present in getContext().getApplicationInfo().nativeLibraryDir directory with executable permissions set.
PS You don't need the WRITE_EXTERNAL_STORAGE permission for this to work (maybe you need it for other things your app does).
PPS You can run a shell script from anywhere, including /sdcard, and you don't need executable permission for the script. Instead, use sh -c source full.path.to.script.
You can use the adb interface to copy and/or push files to the /data/local/tmp folder but if you want to use/see them in the terminal app you will need to (in adb interface) first
cd /data/local/tmp
then make a folder inside the folder. Example
mkdir folder
next change the permissions
chmod - R 777 folder
Now you have a folder you can read and write to.
A few things that I would like to know is how to make the system think that the su binary is in the /system/bin folder (without copying) because I can only get tmp... root access because even with root access, I can not remount the system directory as rw because the zte-paragon has its system partition formatted as a read-only file-system
I think the reason is that your Andorid is not been rooted.
the "/data" have the root Permission.
So root your phone first, and give your app the permission.
you can try command:"su" int the shell change to root.
Make sure the /data/local/tmp location is world-executable on your device:
adb shell ls -ld /data/ /data/local/ /data/local/tmp/
drwxrwx--x system system XXXX-XX-XX XX:XX
drwxr-x--x root root XXXX-XX-XX XX:XX
drwxrwx--x shell shell XXXX-XX-XX XX:XX
# ^ all x here == OK!
If it's not, there's nothing you can do, and you need to use the standard storage (internal /data/data/{package} or external /sdcard/).
Make sure you made the file world-readable.
adb shell chmod o+r /data/local/tmp/myfile.txt
You don't need any permissions.
Related
I develop plug-in that works under Ubuntu. The plug-in is required to install a third party software with which it works.
Installation directory is "user home" [System.getProperty("user.home")]
After installation, when I try to open the executable file from this third party software is throwing an exception -
java.io.IOException: Cannot run program >/home/mbaev/Tools/flasher/1.5.0/lua5.1.sh": error=13, Permission denied"
Where should be installed a third party software? Why this directory have permissions by default?
There are probably two reasons:
lua5.1.sh is not executable. You can make it executable by setting:
sudo chmod +x /home/mbaev/Tools/flasher/1.5.0/lua5.1.sh
And then run it:
./home/mbaev/Tools/flasher/1.5.0/lua5.1.sh
If lua5.1.sh is executable but still says error=13, Permission denied. Maybe in this shell some of operations need root permission. Try to run it by sudo:
sudo ./home/mbaev/Tools/flasher/1.5.0/lua5.1.sh
This might also belong to Ask Ubuntu.
Anyway, in order to run a script on linux, you need to have access rights to the directory the script is in, and execute rights set on the script. Most likely you are missing the exec rights.
The command
chmod u+x <myscript.sh>
Will add execute rights for the current user. Try that first.
The OS MacOS X. Using the terminal, I tried following the steps of how to run a GAE application in a local data store. I dragged the file dev_appserver.sh, located in bin folder afterwards, dragged the war folder of my GAE project.
I get this error "Permission Denied" when I run it from the terminal.
/Eclipse-EE/plugins/com.google.appengine.eclipse.sdkbundle_1.9.15/appengine-java-sdk-1.9.15/bin/dev_appserver.sh
-deploy /Users/myUserName/Documents/workspace/project-name/GAE/war
What could be the problem
Change the Permission u+x to the appcfg.sh file
Note: If you are using Mac OS X or Linux, you must give the command files executable permission before you can run them. For example, to give appcfg.sh executable permission, enter the following command from the appengine-java-sdk/bin/ directory: chmod u+x appcfg.sh
Reference link - https://cloud.google.com/appengine/docs/java/tools/eclipse
I can get root access to phone using 'adb root' in my PC then change a file content under /data folder. Now I want to do it in a apk using Java code.
I tried blow code:
Runtime.getRuntime().exec(new String[]{"sh", "/sdcard/my.sh"});
This function works well when shell command do not need a root permission.
Now I change my.sh into
su root
chmod 777 /data/filetochange.xml
rm -r /data/filetochange.xml
But it didn't work. Can I do this in Java code?
I think your app need have root permission. You can try to add a line 'android:sharedUserId="android.uid.system"' to AndroidManifest.xml, which property can get system permission. But this is not enough, you need to do other steps and you can google it, there are many detailed tutorials online.
I am running a webservice using glassfish server on Ubuntu. The problem is - it is required to access a directory outside of its shared resource. Presently it is giving an error saying "Permission Denied". I set a permission into server.policy too.
grant codeBase "/home/glassfish/glassfish/test/-" {
permission java.security.AllPermission;
};
But it seems not working.
I tried <property name="alternatedocroot_1" value="from=*.* dir=/home/glassfish/glassfish/test"/> , but it seems it is giving only reading permission. I need write permission also. So my question is how can I set the write permission ?
Thanks.
This is not a JavaSecurity problem so you shouldn't need to tweak anything in that regard.
FWIW our web-apps deployed to GF on various flavors of Windows write to directories which are outside of the 'Application' directory using File APIs. alternatedocroot pertains to GF serving static content using the DefaultServlet not to writing outside of the Application deployment directory.
On windows when you run as Service you have to be careful that the 'Run As' user has proper permissions to write to the target directory, on Unix you need to make sure the user set by your rc (init.d) scripts that runs asadmin.sh has permissions to read/write to the target directory.
I would double check the the user that the java process GF is running under has rwx permissions on the directory your are trying to write to. Make sure that user can write to the target folder. To test this you can su to the user and use the 'touch' command like so: touch /tmp/test and verify write permissions that way. Verify read permissions similarly by running 'ls -l /tmp/test' to make sure you can read it.
See what 'ps -ef | grep java' shows to verify the user running the GF java process. Additionally in your code try specifying a full path to the test file, eg. File test = new File("/tmp/test");
Are you running GF from an rc script or are you starting it using asadmin.sh from a shell prompt? If you are running an rc script check that your rc script is really running it as the user you expect it to be.
I'm trying to test the behavior of my application when it cannot access some files due to missing permissions.
Is it possible to change file/folder permissions on an android emulator using FileExplorer in DDMS perspective?
To change permissions in the emulator you need to use the adb shell command from your adroid-sdk platform-tools. In the android shell you can enter the command su to get root access. Now you can see and change the permissions with the normal unix commands chmod
Note, that the system folder in Android is mounted read-only. You would have to remout it read-write after this tutorial:
http://android-tricks.blogspot.com/2009/01/mount-filesystem-read-write.html
Be careful in anyway to use only writable filesystems like /data or sdcardfor your application data since using restricted folders can have negative side effects in a productive environment!