[IDEA] OAndBackupX without root

Question

[IDEA] OAndBackupX without root

cryptomilk opened this issue 4 years ago · 13 comments

Hi,

would it be possible to run OAndBackupX without root as a system app (priv-app)? If it would have enough permissions given that sepolicy has rules for?

Answer 1 · 2020-06-19T09:08:50.000Z

It might be possible, depending whether we can get the permission to modify an app's data directory.

I guess it would be an idea to look how Google is doing it on their device backup/restore and get inspired from it.

Answer 2 · 2020-06-19T11:23:35.000Z

Related to #39

Answer 3 · 2020-06-19T16:09:06.000Z

Not really @Atrate, this is suggesting alternative to su through system permissions, the #39 is more of an adding the feature to handle apps which are saved on the sd card(which generally doesn't need root).

Answer 4 · 2020-06-21T15:06:17.000Z

Using Shizuku?
https://github.com/RikkaApps/Shizuku

Answer 5 · 2020-06-21T17:09:48.000Z

@Cyberavater thanks for the suggestion. This could work fine.

Answer 6 · 2020-10-05T12:01:35.000Z

I already have some apps using Shizuku.

While I don't really like to have more dependencies, I think it could be a good way to allow both ways.

ShellCommands already offers an abstract interface.
So, I think it can be done without much effort.

Answer 7 · 2021-05-19T17:32:12.000Z

I'd also like to voice my support for this feature. For those of us who only really use root for TitaniumBackup, it would finally mean we can stop using root, and include a suitable replacement for TitaniumBackup in our AOSP builds.

To keep things constructive, does anyone have any documentation on the full list of privapp-permissions, as well as their scopes and limitations? I can't seem to find any.

The best I could find is the list of permissions in AOSP. But they don't come with descriptions or explanations, and this might only be the list of used permissions, and not available permissions:

https://android.googlesource.com/platform/frameworks/base/+/master/data/etc/privapp-permissions-platform.xml

There is also some brief documentation on how to use these in general, but it's not particularly helpful:

https://source.android.com/devices/tech/config/perms-allowlist

I'm not an OAndBackupX developer and I'm far from an expert on Android's inner workings, but for the sake of speculation: how would using privapp-permissions work for apps that have backups disabled in their AndroidManifest? The same goes for system apps.

I'm not really sure what "Device Protected Data" is in OAndBackupX, but that also sounds like something that may be problematic without explicit root access.

For backing up system apps at least, I believe Google themselves must be using privapp-permissions in order to support their own app backup solution via Google Drive + Google Play Services, so surely it's possible from a technical standpoint.

I'm not very familiar with Shizuku, but looking at their example API, it seems to only be a frontend for adb on the device? I think this means it has the same limitations as adb, suggesting it probably wouldn't be able to back up system apps, apps with backups disabled, or anything "special."

Answer 8 · 2021-05-20T10:03:32.000Z

Thatcs true, Shizuku is more or less an ADB frontend that can provide more access, but still this won't be fully functional compared to the SU solution. That's one of the reasons am putting this on the long bank.

Half solution is no solution in this concern I'd say.

Answer 9 · 2021-05-20T14:45:39.000Z

Is Shizuku the only way forward with this, you think?

I'm curious to see how possible this is with privapp-permissions. I would still like to see some documentation on all of these permissions, just to get an idea of their functionality and limitations. Does anyone know where to find this?

Unless I'm mistaken, privapp-permissions gives Google's own backup solution access to almost all of the APIs you would need to support this (same goes for Seedvault), minus perhaps apps that have backups disabled. Honestly I'm fine with that last limitation if it means a rootless backup app. But the fact that these two apps work at all suggests that privapp-permissions does grant access to ~80% of the system APIs you'd need for this.

Answer 10 · 2021-06-28T08:44:01.000Z

tl;dr: +1

Please consider investigating a rootless option. More & more apps won't run on a rooted system and SafetyNet is making it harder to use AOSP + "good" tools on a daily basis.

I've had severe data loss trying to recover from a failed LOS install because I relied purely on LOS inbuilt Seedvault backup - an experience that brought me to OAndBackupX.

Since then, even local train transport apps have begun denying service on rooted devices (not to mention banking or health insurance). There's rootless alternatives for most apps (adblocking, firewall etc) but not for a reliable backup solution. I'd love to see OAndBackupX become that for all of us AOSP users. Thank you!

Answer 11 · 2021-06-28T17:59:26.000Z

@technopagan the way root is being squeezed out is the same way non-root permissions are being restricted. As it stands now, there's no access to such functionalities without, this won't change anytime soon. Also root can come in the coming years to an end, so yeah...

Answer 12 · 2021-09-01T18:46:57.000Z

btw. from Shizuku app:

"for devices without root, you need to use adb to start Shizuku (requires computer connection). This process needs to be repeated everytime the device is restarted."

Answer 13 · 2021-09-03T09:21:58.000Z

I think this one is a dead end. If in the future a solution pops up, I'll re-open this.