Oct 29, 2012

In Depth : Android Package Manager and Package Installer

We are installing and uninstalling APK(s) every day, might be many time in a day, but have you try to get answer of following questions ?

1. What is Package Manager and Package Installer ?
2. Where APK files stores in Android ?
3. What is APK installation process in detail ?
4. How Package Manager store data ?
5. Where I can find source code of Package Manager and Package Installer ?


1. What is Package Manager and Package Installer ?

PackageInstaller is the default application for Android to install interactively normal package. PackateInstaller provide user interface to manage applications/package. PackageInstaller calls InstallAppProgress activity to receives an instruction from the user. InstallAppProgress will ask Package Manager Service to install package via indalld. Source code is available at  <Android Source>/packages/apps/PackageInstaller.


Installd  daemon's primary role is to receive request from Package Manager Service via Linux domain socket / dev/ socket/ installed. installd execute series of steps to install APK with root permission
[Ref: https://github.com/android/platform_frameworks_base/blob/master/cmds/installd/commands.c]


Package Manage is API which actually manage application install, uninstall, upgrade.When we install APK file, Package Manager parse the package(APK) file and display confirmation, When user press OK button, Package Manager call method named "installPackage" with these four parameters namely uri, installFlags, observer, installPackageName. Package Manager start one service named "package", now all fuzzy things happen in this service. you can check "PackageInstallerActivity.java" and "InstallAppProgress.java" in PackageInstaller source code. Package Manager Service running in system_service process and  install daemon (installd) that runs as a native process both start at system boot time.


2. Where APK files stores in Android ?

1. Pre-Install (i.e. Camera, Calendar, Browser,etc.) APK stored in /system/app/
2. User Install (ApiDemo, Any.do, etc.) APK stored in /data/app/
3. Package Manager create data directory /data/data/<package name>/  to store database, shared preference, native library and cache data

You might see apk file and *.odex file for same APK, ODEX file is totally different discussion and purpose.

3. What is APK installation process in detail ?

Following process execute in Package Manager Service.

- Waiting 
- Add a package to the queue for the installation process 
- Determine the appropriate location of the package installation 
- Determine installation Install / Update new 
- A copy of the apk file to a given directory 
- Determine the UID of the app 
- Request to installd daemon process 
- Create the application directory and set permissions 
- Extraction of dex code to the cache directory 
- To reflect and packages.list / system / data / packages.xml the latest status 
- Broadcast to the system along with the name of the effect of the installation is complete package 
Intent.ACTION_PACKAGE_ADDED: If the new ( Intent.ACTION_PACKAGE_REPLACED): the case of an update



4. How Package Manager store data ?

Package Manager store application information in three files, located in  /data/system. Following sample is extracted from Android 4 ICS emulator image.

1. packages.xml :This file contain list of permissions and Packages/Applications. 






.
.
.
. 







.
.
.
.








.
.
.
.
.

This xml file stores two things 1. permissions 2. package (application), permission are store under <permissions> tag. Each Permission has three attributes namely name, package and protection. Name attribute has permission name which we are using in AndroidManifest.xml, package attribute indicate permission belong to package, In majority cases "android" is values because <permission> tag contain default permissions and protection indicate level of security.

package tag contain 10 attributes and few sub tags.

Sr Attribute Name Description
1 name package name
2 codePath APK file installation location (/system/app/ or /data/app/)
3 nativeLibraryPath native library (*.so file) default path is /data/data/<package name>/lib/
4 flag Store ApplicationInfo Flags [http://developer.android.com/reference/android/content/pm/ApplicationInfo.html]
5 ft timestamp in hex format
6 lt timestamp in hex format of first time installation
7 ut timestamp in hex format of last update
8 version Version Code from AndroidManifest.xml file []http://developer.android.com/guide/topics/manifest/manifest-element.html#vcode]
9 sharedUserId The name of Linux user ID that will be shared with other applications, It is same parameter which we define in AndroidManifest.xml [http://developer.android.com/guide/topics/manifest/manifest-element.html#uid]
10 userId The name of a Linux user ID

Sub Tags
1. sigs signature information, count attribute represent number of cert tag.
2. cert  contain certification key , index attribute represent global index of certificate, I observer that it increment when new certificate install with application.
3. perms contain permission which developer has set in AndroidManifest.xml

2. packages.list : It is simple text file contain package name, user id ,flag and data directory, I can't find any perfect description but I assume it that packages.list file may provide faster lookup of installed package because it file keep important information only.

com.android.launcher 10013 0 /data/data/com.android.launcher
com.android.quicksearchbox 10033 0 /data/data/com.android.quicksearchbox
com.android.contacts 10001 0 /data/data/com.android.contacts
com.android.inputmethod.latin 10006 0 /data/data/com.android.inputmethod.latin

3. packages-stoped.xml : This file contain package list which has stopped state, Stope stated applications can not receive any broadcast. Refer this link for more information about stopped state application http://yuki312.blogspot.in/2012/03/androidbroadcaststop.html 







4. Where I can find the source code of Package Manager and Package Installer ?

Package Manager

Package Installer
packages/apps/PackageInstaller/src/com/android/packageinstaller/InstallAppProgress.java 

12 comments:

  1. get to know many things,which i didnt know...Thanks for the article

    ReplyDelete
  2. Great. I never knew this much process is happening at the time of installing and uninstalling the apk.

    Worth to read.

    ReplyDelete
  3. It was a great article KP. looking forward for the .odex article......

    ReplyDelete
  4. LOL, SP reads Ketan's Blog!!!

    ReplyDelete
  5. Wonderful Explanation

    Is it possible to make some changes in the Install class.In case how to make it in my own application....??
    Any help would be appreciated...

    ReplyDelete
  6. timbuktu11:21 PM

    I accidentally enabled package installer to install apk without scan by lookout security. How can I revert it back to scan with lookout before installing an apk? Using galaxy s3 mini with a Droid 4.1.1 I am a very simple user

    ReplyDelete
  7. Am I missing something and I also new, there is no such thing as PackageInstallerActivity.java, PackageUtil.java, and also no installPackage method is found in PackageManager.java. I am using API 1.7

    ReplyDelete
  8. Sergio Baldacchino4:39 PM

    Great read but I need some clarification. I am developing a System App, therefore I have access to InstallPackage() through reflection with the permissions granted in the Manifest file. If I need to update the version of my own application, therefore invoking InstallPackage() from the same application that needs to be updated.. what would be the behavior if installation fails? Assuming I'm setting the INSTALL_REPLACE_EXISTING flag. All I know is that PackageManager would uninstall the package and re-install it (from logs), but any Observers wouldn't work since they are within the same application, which would be killed upon un-installation.

    Do I need to invoke update from a helper application?

    ReplyDelete
  9. John Lehr12:10 AM

    Thank you for the post. I'm hoping to use packages.xml to determine installation dates for applications. Where did you obtain your meaning for the package date attributes ft, it, and ut?

    ReplyDelete
  10. Dany Poplawec8:44 PM

    Very usefull ! thanks

    ReplyDelete
  11. Wasim Memon3:10 PM

    Thanks kp for clarification about package manager.
    but i want to hide other app icon and that's why i have to change flag of that app so can you tell me how i can do this ? please .

    ReplyDelete
  12. Felipe Roche10:38 PM

    So good thanx!!!

    ReplyDelete