Write a script to automate Headwind MDM installation in the firmware

Question

We are developing a script on the android firmware after factory reset, which installs Headwind MDM and grants all required permissions.  So my plan is to:

1.      Install mdm APK

2.      if [ -e /data/data/com.hmdm.launcher ]; then; dpm set-device-owner com.hmdm.launcher/.AdminReceiver; fi

3.      add necessary permissions to Headwnid MDM

4.      generate /data/data/com.hmdm.launcher/shared_prefs/com.hmdm.launcher.helpers.PREFERENCES.xml, especially populate DEVICE_ID from some unique identifier like MAC addr.

Could you please advise what shell commands I need to set #3?

Answer 1

Note that if you're signing the package by platform keys, all permissions and even device owner rights are granted automatically, so you don't need to write any additional scripts (except #4 where you're trying to populate the DEVICE_ID).

If the package is not signed by platform keys, you will need to perform steps 2 and 3.

The sensitive Android permissions are stored in /data/system/appops.xml. There should be the following record:

<pkg n="com.hmdm.launcher">

<uid n="10126" p="false">

<op n="24" m="0" />

<op n="66" m="0" />

<op n="73">

<st n="1503238553601" t="1597652409034" />

</op>

These lines contain the sensitive permissions:

<op n="24" m="0" /> Allow drawing over other apps

<op n="66" m="0" /> Request install packages

<op n="73"> Access to usage history

The UID doesn't seem to be significant, seems like you can use any value (10000+x).

Non-sensitive Android permissions are stored in /data/system/packages.xml. The entry will be: <package name="com.hmdm.launcher"...>

The device owner rights are stored in separate files, see details here: https://qa.h-mdm.com/2042/