在设备上辞职system.img [英] Resigning system.img on a device

问题描述

我的工作对设备的自动更新应用程序解决方案（LG P509 - 擎天柱1）我们部署到我们的客户。我们对这些设备进行控制，目前在其上安装一个定制内核（但不是完整的定制ROM）。由于我们正在尝试做自动更新我们的应用程序的设备上，我们需要系统由我们控制，所以我们可以登录我们的应用程序使用相同的密钥（以获取INSTALL_PACKAGES许可）的关键签署。
我一直有几个问题，运行的AOSP建立在设备上（使用LG发布源设备），和我想退一步并评估我们的选择。我有几个问题：

I am working on an automatic app updating solution for devices (LG p509 - Optimus 1) which we deploy to our customers. We have control of these devices and currently install a custom kernel on them (but not a full custom ROM). Since we are trying to do auto-updating of our app on the device, we need the system to be signed by a key which we control so we can sign our apps with the same key (to get the INSTALL_PACKAGES permission).
I have been having a few issues running AOSP builds on the device (using the LG released source for the device), and am trying to take a step back and evaluate our options. I have a few questions:

1. 是否可行，只是拉system.img关闭手机，并辞职的内容？如果是的话，哪里是系统的apk位于何处？我捅通过PackageManager来源，它采用了systempackage（貌似叫机器人）进行比较的应用程序一起看看他们是否被允许具有系统权限。
2. 有没有人在这里创建一个自定义ROM的设备可以提供有关如何只得到我们的签名是系统的签名？
一些建议

任何有识之士将AP preciated。

Any insight would be appreciated.

推荐答案

好了，我们理解了它。我不打算进入全部细节（太多写），但这里的基本精神的人谁绊倒在此：

Ok, so we figured it out. I am not going to go into full detail (too much writing), but here is the basic gist for anyone who stumbles on this:

如果您想更改该系统与签约的关键，你需要做以下步骤：

If you want change the key which the system is signed with, you need to do the following steps:

• 提取 /系统/ 从运行的电话目录
• 检查 .apk文件文件（从 /系统/应用程序和 /系统/框架）来找出哪些是由相同的密钥框架res.apk 签署。我使用的脚本的修改版本<一href="http://android.modaco.com/topic/329285-signing-roms-with-the-aosp-platform-cert-for-flibblesan/"相对=nofollow>在这里挂，以找出哪些APKS签署。
• 如果它们共享签名密钥与框架res.apk 的odexed在 /系统/应用程序的的APK ，你需要脱ODEX他们。
• 辞职的APK和框架res.apk 和包装他们在一个 update.zip （谷歌如何要做到这一点）。

• Extract /system/ dir from the running phone
• Inspect the .apk files (from /system/app and /system/framework) to figure out which ones are signed by the same key as the framework-res.apk. I used a modified version of the script linked here to figure out which APKs to sign.
• If the APKs in /system/app which share the signing key with framework-res.apk are odexed, you need to de-odex them.
• resign the APKs and the framework-res.apk and pack them in an update.zip (google how to do that).

在我的特定设备，我不得不辞职，这两个 /system/framework/framework-res.apk 和 /系统/框架/ LGE-RES apk文件从 /系统/框架，也不得不去ODEX并签署20 .apks 从 /系统/应用程序文件夹，以使一切顺利运行。

On my specific device I had to resign both /system/framework/framework-res.apk and /system/framework/lge-res.apk from /system/framework and also had to de-odex and sign 20 .apks from the /system/app folder in order to get everything running smoothly.

这篇关于在设备上辞职system.img的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！