Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

READ_GSERVICES permission #1366

Closed
imacks opened this issue Jan 16, 2021 · 10 comments · Fixed by #2035
Closed

READ_GSERVICES permission #1366

imacks opened this issue Jan 16, 2021 · 10 comments · Fixed by #2035
Labels
enhancement

Comments

@imacks
Copy link

imacks commented Jan 16, 2021

I am using microG on android 9. Trying to install Google VR today and com.google.vr.apps.ornament refuses to run without permission com.google.
android.providers.gsf.permission.READ_GSERVICES

Should gsf permissions be defined by in microg?
@ale5000-git
Copy link
Member

@mar-v-in

I have seen many apps that declare <uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES"/>: http://androidpermissions.com/permission/com.google.android.providers.gsf.permission.READ_GSERVICES

I think it may make sense declaring it even without add additional code for now, at least apps will get it granted.

@mar-v-in
Copy link
Member

Can you point to apps that get fixed by declaring this permission?
Also the permission originally is declared in com.google.android.gsf package, so maybe we should also declare it there.

@ale5000-git
Copy link
Member

ale5000-git commented Sep 17, 2023
edited
Loading

My phone couldn't run VR apps so I can't test but this permission is a "normal" permission so usually always granted and it doesn't seems to cause problems.

microG does have a lot of permissions declared in GmsCore that were originally in com.google.android.gsf.
I don't think apps care what package declare them and declaring in both could cause issues if they have different signatures, if we want to follow Google implementation then maybe it is better declaring them ONLY in com.google.android.gsf.

PS: I think this permission is mainly used by old apps.

@mar-v-in
Copy link
Member

Declaring in both would not work at all (you shouldn't be able to install both then). And yes, it is granted automatically when declared, but apps also typically shouldn't care if it is declared, except if they do weird other stuff with the permission - and when they do that, they might also care where the permission is declared.

That's why I was wondering about the apps affected. The com.google.vr.apps.ornament app is no longer available in Play Store, so it isn't really relevant anymore. And I doubt a lot of other apps require this permission.

@ale5000-git
Copy link
Member

I see many apps using it but now I can't remember exactly; I will look at it when I have some time.
There is also another use: apps that use old Google maps library also require this permission.

@ale5000-git
Copy link
Member

ale5000-git commented Sep 19, 2023
edited
Loading

@mar-v-in
Apps where the permission is requested:

ru.andr7e.deviceinfohw
com.liuzh.deviceinfo
com.shazam.android
com.teamsoa.gardenanswers
com.google.ar.core
com.latuabancaperandroid
com.kajda.fuelio
flar2.devcheck
com.google.android.projection.gearhead
com.google.android.apps.googlevoice
com.google.android.apps.wallpaper
com.google.android.keep
com.google.android.gm
com.google.android.ims
com.google.android.play.games
com.android.vending
com.google.android.apps.maps
com.google.android.syncadapters.contacts
com.google.android.syncadapters.calendar
com.google.android.backuptransport

This was referenced Sep 19, 2023
Merged
Closed
@fynngodau
Copy link
Contributor

For an app that expects the permission com.google.android.providers.gsf.permission.READ_GSERVICES to be declared, see https://gitlab.e.foundation/e/backlog/-/issues/5978#note_442894.

@ale5000-git
Copy link
Member

ale5000-git commented Sep 20, 2023
edited
Loading

@fynngodau
These two problems are already fixed on github code:

- Set version of fakestore (com.android.vending) to 80711100 to pass check of GMS library included in intune.
- Provide com.google.android.providers.gsf.permission.READ_GSERVICES permission

@ale5000-git
Copy link
Member

@fynngodau
PS: Why do you have maxSdkVersion="22" in the Work Account Service skeleton?

    <uses-permission
        android:name="android.permission.GET_ACCOUNTS"
        android:maxSdkVersion="22" />

android.permission.GET_ACCOUNTS is also needed on Marshmallow and Nougat if the signature of the authenticator isn't the same signature of the app.
To be on the safe side I think puttting android:maxSdkVersion="25" is safer.

@fynngodau
Copy link
Contributor

@ale5000-git

Why do you have maxSdkVersion="22" in the Work Account Service skeleton?

To answer the question: because autofix generated this snippet. I didn't give any further thought to it, and the part that uses the permission is likely to be removed or changed, if further implementation work is to be done there. (Per the issue, it is not usable as is anyhow.) Thanks for the feedback, I will consider the permission more closely as the code approaches a usable state.

These two problems are already fixed on github code:

  • Set version of fakestore (com.android.vending) to 80711100 to pass check of GMS library included in intune.

I see. Thanks for notifying me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
4 participants
@mar-v-in @ale5000-git @fynngodau @imacks