Android Q：卸载后权限保持状态

Question

I am having an app which is targeting android 27 API. I am testing this app from playstore on device Android Q which work managed device. Steps i followed on device Android Q having build build 6 -

1. Installed app and allowed all the permissions(additional permission also which are custom permissions).
2. Uninstalled app from device.
3. Installed again app from playstore and found that app is asking custom permission only instead no permission.

Is it the expected behavior? Anyone know how this is?

Answer 1

This is something called Auto Backup .

Files that are backed up

By default, Auto Backup includes files in most of the directories that are assigned to your app by the system:

1. Shared preferences files.
2. Files saved to your app's internal storage, accessed by getFilesDir() or getDir(String, int).
3. Files in the directory returned by getDatabasePath(String), which also includes files created with the SQLiteOpenHelper class.
4. Files on external storage in the directory returned by getExternalFilesDir(String).

Auto Backup excludes files in directories returned by getCacheDir(), getCodeCacheDir(), or getNoBackupFilesDir(). The files saved in these locations are only needed temporarily, or are intentionally excluded from backup operations.

You can manage it by AndroidManifest.xml . See android:allowBackup

<manifest ... >
    ...
    <application android:allowBackup="true" ... >
        ...
    </application>
</manifest>

EDIT

android:fullBackupContent="false"
android:fullBackupOnly="false"

There are 2 more rules available to set.

EDIT 2

I just found more useful information at the android official website. see here

Note: Any permissions a user grants to your app are automatically backed up and restored by the system on devices running Android 7.0 (API 24) or newer. However, if a user uninstalls your app, then the system clears any granted permission and the user must grant them again.

My best guess is there should be some difference(like 24hours) until the user settings/permissions will be deleted from the system device/cloud.

Hopes this will answer your query in some way.

Answer 2

Regarding whether this is an expected behavior in Android Q: This issue does not reproduce on Android Q emulator. I guess it counts as a baseline.

More technical details :

Runtime permissions logic in Android is mostly located in PackageManagerService (mostly book keeping for each package) and ActivityManagerService (mostly request runtime permission logic)

When package gets deleted, the data cleanup method removePackageDataLIF gets called. It is responsible for cleaning up everything including the app permissions. This logic hasn't changed Android Q.

The permissions info is stored in system data directory, not the application's so the app data backup doesn't affect it either.

But the question remains : How could this happen?

One of the possible explanations could be the flag PackageManager.DELETE_KEEP_DATA

You can easily delete package while keeping its data directory after uninstall:

$ adb shell cmd package uninstall -k your.app.id

(-k is for keep data)

Now to check whether the permissions are kept in place along with the data directory:

$ adb root && adb shell cat /data/system/users/0/runtime-permissions.xml | grep your.app.id -A 10

(this command requires a debuggable phone firmware build)

Looking at the source of removePackageDataLIF and trying it on my Pixel with debuggable firmware the application permission is kept intact if you kept its data.

---

Another explanation

PackageManagerService has an another interesting method setKeepUninstalledPackages Which basically forces android to keep all the data for specified apps even if they were uninstalled.

As you said the device is work managed. Usually management is done with DevicePolicyManager . One of the available policies is setKeepUninstalledPackages , which calls the mentioned above PackageManagerService method.

Please check your Device admin app code to verify.