Fix permissions

fix_permissions is a script included in many Android ROMs and recovery images that ensures sure apps and data match each other. The script can fix some Force Close issues on certain applications after upgrading your ROM.

Contents 1 When To Run 2 Execution 2.1 From a running ROM 2.1.1 Terminal 2.1.2 ADB 2.2 From Recovery 3 Technical details 4 Android permissions

When To Run

• If you get multiple FC (Force Close) messages after trying to run apps after installing a new ROM.
• After removing packages.xml to fix other issues.
• While Troubleshooting

Execution

From a running ROM

Terminal

To execute the fix_permissions script from the device:

• Open the "Terminal" app from the application drawer.
• Type

  su

  fix_permissions

ADB

adb shell fix_permissions

From Recovery

• In Amon_Ra's recovery, the fix_permissions script is run by selecting the 'other' menu then selecting 'Fix apk UID mismatch' .
• In CM-1.4 recovery, it must be run manually from console (alt+x on G1) or adb shell, as above from terminal except 'su' is not needed.

Technical details

In Android, each app runs as its own UID (user ID) just like multiple people would have their own UID on a big UNIX system. The reasoning is the same, to prevent apps (people) from messing with each other's data. The data for each app has to be 'owned' by the UID the app runs as, and additionally the app itself (.apk file) has to be that same UID. Unlike big UNIX systems, these IDs are stored in the packages.xml file in /data/system. This file, in addition to storing UIDs, stores the android permissions of each program as described in its manifest (permissions like writing to the sdcard, monitoring phone state, turning wifi on and off, accessing bluetooth, etc). If the file is damaged, deleted, or otherwise unreadable, it is regenerated. The app UIDs are assigned initially in the order you install them (10001, 10002, etc.). When the packages.xml regenerates, it grabs the Android permissions from the .apks but doesn't know what the old UIDs were. That's where fix_permissions comes in.

Whether run from recovery or a booted system, fix_permissions reads through the packages.xml file and performs a chown/chmod command (which changes owner/change read-write-execute permissions) on each .apk and the data directory for it. It doesn't fix Android permissions (e.g. if phone.apk lost the ability to make calls, fix_permissions wouldn't help -- see below). While CyanogenMod udpates the version of fix_permissions in the ROM on a semi-regular basis, the version in any given recovery is probably older (and recoveries aren't upgraded on devices as often, either). So if fix_permissions in recovery doesn't work, the one in the booted rom might (or vice versa).

Android permissions

Quite independent of the filesystem permissions operated on by fix_permissions, Android has its own concept of permissions, which apply to applications (rather than files). These can also be lost or damaged.

If you're looking at a logcat and see that UID 10xxx doesn't have permission SOMETHING (in all caps), it's probably a packages.xml issue, and the app should be reinstalled. If the logcat shows data directories/files as being unreadable, then fix_permissions might help.