Welcome to Headwind MDM Q&A, where you can ask questions and receive answers from other members of the community.

IMPORTANT: Please notify the team about your question by filling in the form on the contact page. Otherwise, we may miss your question!

0 votes
We are developing a script on the android firmware after factory reset, which installs Headwind MDM and grants all required permissions.  So my plan is to:

1.      Install mdm APK

2.      if [ -e /data/data/com.hmdm.launcher ]; then; dpm set-device-owner com.hmdm.launcher/.AdminReceiver; fi

3.      add necessary permissions to Headwnid MDM

4.      generate /data/data/com.hmdm.launcher/shared_prefs/com.hmdm.launcher.helpers.PREFERENCES.xml, especially populate DEVICE_ID from some unique identifier like MAC addr.

Could you please advise what shell commands I need to set #3?
by

1 Answer

0 votes

Note that if you're signing the package by platform keys, all permissions and even device owner rights are granted automatically, so you don't need to write any additional scripts (except #4 where you're trying to populate the DEVICE_ID).

If the package is not signed by platform keys, you will need to perform steps 2 and 3.

The sensitive Android permissions are stored in /data/system/appops.xml. There should be the following record:

<pkg n="com.hmdm.launcher">

<uid n="10126" p="false">

<op n="24" m="0" />

<op n="66" m="0" />

<op n="73">

<st n="1503238553601" t="1597652409034" />

</op>

These lines contain the sensitive permissions:

<op n="24" m="0" /> Allow drawing over other apps

<op n="66" m="0" /> Request install packages

<op n="73"> Bind accessibility service

Non-sensitive Android permissions are stored in /data/system/packages.xml. The entry will be: <package name="com.hmdm.launcher"...>

by (8k points)
...