user1118764
Reputation: 9835
Where are Android device properties stored?
When I do a getprop in adb to get certain device properties, where are these device properties stored? Is it in some configuration file, the init file, or within the Android framework/kernel?
Upvotes: 1
Views: 3329
Answers (2)
Mai Ngọc Vinh
Reputation: 1
When I run the command
getprop | grep warranty
in terminal when booting into recovery. Output is
ro.boot.warranty_bit 1
When booting into the OS, there will be one more property that is
ro.warranty_bit 1
Here is how to fake knox status with sh file, I don't quite understand because I accidentally saw it somewhere, in a zip file with anykernel ...etc. You can consult
#!/sbin/sh
#
#. /tmp/anykernel/core.sh
# remove a knox file
rm_knox_changer() {
#cd /sbin;
delete sbin/knox_changer;
#cd ../;
}
# remove the knox lines which contain [1-9]
knox_lines_with_number() {
#file contexts
sed -i '\|^/data/\\.container|d' file_contexts;
sed -i '\|^/data/container2|d' file_contexts;
sed -i '\|^/data/knox_otp|d' file_contexts;
sed -i '\|^/data/knox/secure_fs|d' file_contexts;
sed -i '\|^/data/clipboard1|d' file_contexts;
sed -i '\|^/mnt/shell/emulated/|d' file_contexts;
sed -i '\|^/mnt/shell/knox-emulated/|d' file_contexts;
sed -i '\|^/data/knox/data/|d' file_contexts;
sed -i '\|^/data/knox/sdcard/|d' file_contexts;
sed -i '\|^/data/user/|d' file_contexts;
sed -i '\|^/storage/(emulated|d' file_contexts;
sed -i '\|^/mnt/knox/|d' file_contexts;
sed -i '\|^/mnt/shell/enc_|d' file_contexts;
sed -i '\|^#/mnt/user/|d' file_contexts;
sed -i '\|^/mnt/runtime/|d' file_contexts;
sed -i '\|^/storage/emulated/|d' file_contexts;
}
remove_knox() {
mount -o rw,remount -t auto /system;
mount -o rw,remount -t auto /data;
rm -f /system/bin/auditd;
delete_recursive /system/etc/secure_storage/com.sec.knox.store;
#rm -f drsd;
delete /system/bin/edmaudit /system/bin/epmlogd;
#/system/lib
delete /system/lib/libknoxdrawglfunction.so;
# /system/framework
delete /system/framework/fipstimakeystore.jar /system/framework/timakeystore.jar /system/framework/sec_edm.jar;
# /system
delete /system/tima_measurement_info /system/preloadedkiosk /system/preloadedsso;
delete_recursive /system/container /system/containers /system/preloadedmdm;
# /system/app
delete_recursive /system/app/BBCAgent /system/app/BCService /system/app/ELMAgent /system/app/KnoxAppsUpdateAgent /system/app/KnoxAttestationAgent /system/app/KnoxAttestationAgent /system/app/KnoxFolderContainer /system/app/KnoxSetupWizardClient /system/app/KnoxSwitcher /system/app/mcRegistry /system/app/MDMApp /system/app/MyKNOXSetupWizard /system/app/RCPComponents /system/app/SamsungDLPService /system/app/SecurityLogAgent /system/app/SilentLog /system/app/SysScope /system/app/UniversalMDMClient;
# /system/priv-app
delete_recursive /system/priv-app/DiagMonAgent /system/priv-app/Fmm /system/priv-app/FotaAgent /system/priv-app/KLMSAgent /system/priv-app/SKMSAgent /system/priv-app/SOAgent /system/priv-app/SPDClient /system/priv-app/wssyncmlnps2;
#rm -rf /system/priv-app/StatementService;
# Removing Knox from /data partition
delete_recursive /data/clipboard/knox /data/data/com.sec.enterprise.knox.attestation /data/data/com.sec.enterprise.knox.cloudmdm.smdms /data/data/com.sec.knox.seandroid /data/data/com.sec.knox.store /data/data/com.sec.knox.containeragent /data/data/com.sec.knox.app.container /data/data/com.sec.knox.eventsmanager /data/data/com.sec.knox.bridge /data/data/com.sec.knox.knoxsetupwizardclient /data/data/com.sec.knox.setupwizardstub /data/data/com.samsung.android.walletmanager /data/data/com.samsung.klmsagent /data/data/com.samsung.knox.rcp.components;
if grep -q ro.config.low_ram "/system/build.prop"; then
echo " ";
else
sed -i '/ro.product.board/a ro.config.low_ram=true' /system/build.prop;
fi;
sed -i -e '/ro.securestorage.knox/c\ro.securestorage.knox=false' /system/build.prop;
#sed -i -e '/ro.securestorage.support/c\ro.securestorage.support=false' /system/build.prop;
sed -i -e '/ro.config.knox/c\ro.config.knox=0' /system/build.prop;
sed -i -e '/ro.config.tima/c\ro.config.tima=0' /system/build.prop;
mount -o ro,remount -t auto /system;
mount -o rw,remount -t auto /data;
}
rm_knox_changer;
# file_contexts
# remove_line file_contexts "/data/clipboard1[0-9][0-9](/.*)? u:object_r:knox_clipboard_file:s0"
# remove_line file_contexts "/data/.container_[1-9](/.*)? u:object_r:container_app_data_backend:s0"
# remove_line file_contexts "/mnt/shell/emulated/([1-9])?[0-9](/.*)? u:object_r:media_rw_data_file:s0"
# remove_line file_contexts "/mnt/shell/knox-emulated/1[0-8][0-9](/.*)? u:object_r:container_app_data_backend:s0"
# remove_line file_contexts "/mnt/shell/knox-emulated/19[0-4](/.*)? u:object_r:container_app_data_backend:s0"
# remove_line file_contexts "/data/knox/data/19[5-9](/.*)? u:object_r:bbccontainer_app_data_backend:s0"
# remove_line file_contexts "/data/knox/sdcard/19[5-9](/.*)? u:object_r:bbccontainer_app_data_backend:s0"
# remove_line file_contexts "/mnt/shell/knox-emulated/19[5-9](/.*)? u:object_r:bbccontainer_app_data_backend:s0"
remove_line file_contexts "# Device node of knox_common"
remove_line file_contexts "## Knox Sensitive data protection, DEK engine driver access"
remove_line file_contexts "/dev/dek_evt u:object_r:knox_dar_device:s0"
remove_line file_contexts "/dev/dek_kek u:object_r:knox_dar_device:s0"
remove_line file_contexts "/dev/dek_log u:object_r:knox_dar_device:s0"
remove_line file_contexts "/dev/dek_req u:object_r:knox_dar_shared_device:s0"
remove_line file_contexts "/dev/sdp_mm u:object_r:knox_dar_device:s0"
remove_line file_contexts "/dev/knox_kap u:object_r:knox_kap_device:s0"
remove_line file_contexts "/dev/sdp_dlp u:object_r:knox_dar_device:s0"
remove_line file_contexts "# System files of knox_common"
remove_line file_contexts "/system/bin/auditd u:object_r:auditd_exec:s0"
#remove_line file_contexts "/system/bin/drsd u:object_r:drsd_exec:s0"
remove_line file_contexts "/system/bin/edmaudit u:object_r:edmaudit_exec:s0"
remove_line file_contexts "/system/bin/epmd u:object_r:epmd_exec:s0"
remove_line file_contexts "/system/bin/epmlogd u:object_r:epmlogd_exec:s0"
remove_line file_contexts "# DATA file of knox_common"
remove_line file_contexts "/data/clipboard/knox(/.*)? u:object_r:knox_clipboard_file:s0"
remove_line file_contexts "/data/container(/.*)? u:object_r:container_app_data_backend:s0"
remove_line file_contexts "/data/knox(/.*)? u:object_r:container_app_data_backend:s0"
remove_line file_contexts "/data/security/aasa(/.*)? u:object_r:security_spota_file:s0"
remove_line file_contexts "/data/security/spota(/.*)? u:object_r:security_spota_file:s0"
remove_line file_contexts "/data/system/container(/.*)? u:object_r:container_system_file:s0"
remove_line file_contexts "# KNOX package root"
remove_line file_contexts "# /mnt/runtime/"
remove_line file_contexts "# /mnt/knox/"
remove_line file_contexts "# /storage/emulated/"
remove_line file_contexts "# AfW"
remove_line file_contexts "/data/knox_tima(/.*)? u:object_r:tima_keystore_file:s0"
remove_line file_contexts "/data/misc/tima_keystore(/.*)? u:object_r:tima_keystore_file:s0"
remove_line file_contexts "/data/misc/tz_esecomm(/.*)? u:object_r:tima_keystore_file:s0"
remove_line file_contexts "/data/KEqvTaYEYkuJr1Mn+t-SwFvbgYo_(/.*)? u:object_r:tima_keystore_file:s0"
remove_line file_contexts "/system/bin/tima_dump_log u:object_r:tima_dump_exec:s0"
knox_lines_with_number;
remove_section file_contexts "# DATA file of knox_common" "/data/system/container(/.*)? u:object_r:container_system_file:s0"
remove_line file_contexts "/data/misc/audit(/.*)? u:object_r:audit_log:s0"
remove_line file_contexts "/dev/socket/epm u:object_r:epm_socket:s0"
remove_line file_contexts "/dev/socket/ppm u:object_r:epm_socket:s0"
remove_line file_contexts "/system/bin/tima_dump_log u:object_r:tima_dump_exec:s0"
remove_line file_contexts "/data/KEqvTaYEYkuJr1Mn+t-SwFvbgYo_(/.*)? u:object_r:tima_keystore_file:s0"
remove_line file_contexts "/data/misc/tima(/.*)? u:object_r:tima_log:s0"
#== remove_line file_contexts "/dev/mobicore u:object_r:mobicore_device:s0"
#== remove_line file_contexts "/dev/mobicore-user u:object_r:mobicore-user_device:s0"
#== remove_line file_contexts "/system/bin/mcDriverDaemon u:object_r:mobicoredaemon_exec:s0"
#== remove_line file_contexts "/system/bin/mcDriverDaemonQC u:object_r:mobicoredaemon_exec:s0"
#remove_line file_contexts "/system/bin/mdm_helper u:object_r:mdm_helper_exec:s0"
#remove_line file_contexts "/system/bin/mdm_helper_proxy u:object_r:mdm_helper_exec:s0"
#remove_line file_contexts "/system/bin/ks u:object_r:mdm_helper_exec:s0"
#remove_line file_contexts "/dev/mdm u:object_r:radio_device:s0"
#remove_line file_contexts "/#####/dev/mdm u:object_r:mdm_device:s0"
#remove_line file_contexts "/dev/mdm u:object_r:radio_device:s0"
#remove_line file_contexts "/dev/mdm u:object_r:radio_device:s0"
# init.container.rc
remove_line init.container.rc " # create Container (KNOX 1.0) mountpoints for KNOX Migration"
remove_line init.container.rc " mkdir /knox_data 0775 root system"
remove_line init.container.rc " mkdir /knox_data/userdata 0775 system system"
remove_line init.container.rc " mkdir /knox_data/appdata 0775 system system"
remove_line init.container.rc " mkdir /mnt/shell 0750 shell shell"
remove_line init.container.rc " mkdir /mnt/shell/knox-emulated 0700 system system"
remove_line init.container.rc " symlink /mnt/shell/knox-emulated /storage/knox-emulated"
remove_line init.container.rc " mkdir /mnt/shell/private_default 0700 system system"
remove_line init.container.rc " mkdir /mnt/shell/private_read 0700 system system"
remove_line init.container.rc " mkdir /mnt/shell/private_write 0700 system system"
remove_line init.container.rc " # From M OS, FS for ext has been seperated"
remove_line init.container.rc " mkdir /mnt/knox 0700 root root"
remove_line init.container.rc " # SDP USER 0, SECURE FS"
remove_line init.container.rc " mkdir /mnt/shell/enc_emulated 0700 system system"
remove_line init.container.rc " mkdir /mnt/shell/enc_media 0700 system system"
remove_line init.container.rc " mkdir /mnt/runtime/default/enc_emulated 0755 system system"
remove_line init.container.rc " mkdir /mnt/runtime/read/enc_emulated 0755 system system"
remove_line init.container.rc " mkdir /mnt/runtime/write/enc_emulated 0755 system system"
#remove_line init.container.rc " chown system system /dev/dek_evt"
#remove_line init.container.rc " chmod 600 /dev/dek_evt"
#remove_line init.container.rc " chown system 8001 /dev/dek_req"
#remove_line init.container.rc " chmod 660 /dev/dek_req"
#remove_line init.container.rc " chown system 8001 /dev/dek_kek"
#remove_line init.container.rc " chmod 660 /dev/dek_kek"
#remove_line init.container.rc " chown system 8001 /dev/sdp_mm"
#remove_line init.container.rc " chmod 660 /dev/sdp_mm"
#remove_line init.container.rc " chown system 8001 /dev/sdp_dlp"
#remove_line init.container.rc " chmod 660 /dev/sdp_dlp"
remove_line init.container.rc "on post-fs-data"
remove_line init.container.rc " # create knox filesystem structure"
remove_line init.container.rc " mkdir /data/knox 0771 system system"
remove_line init.container.rc " mkdir /data/knox/data 0771 system system"
remove_line init.container.rc " mkdir /data/knox/sdcard 0771 system system"
remove_line init.container.rc " mkdir /data/knox/ext_sdcard 0771 system system"
remove_line init.container.rc " mkdir /data/knox/app 0771 system system"
remove_line init.container.rc " mkdir /data/knox/tmp 0771 system system"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard 0700 system system"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/default 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/read 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/write 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/default/knox-emulated 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/read/knox-emulated 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/write/knox-emulated 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/default/emulated 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/read/emulated 0700 root root"
remove_line init.container.rc " mkdir /data/knox/tmp_sdcard/write/emulated 0700 root root"
remove_line init.container.rc " export KNOX_STORAGE /data/knox/ext_sdcard"
remove_line init.container.rc " # SDP USER 0, SECURE FS"
remove_line init.container.rc " mkdir /data/enc_user 0771 system system"
remove_line init.container.rc " mkdir /data/knox/secure_fs 0771 system system"
remove_line init.container.rc " mkdir /data/knox/secure_fs/enc_user 0771 system system"
remove_line init.container.rc " mkdir /data/knox/secure_fs/enc_media 0771 system system"
remove_line init.container.rc " export ENC_EMULATED_STORAGE_TARGET /storage/enc_emulated"
remove_line init.container.rc " restorecon /data/knox"
remove_line init.container.rc "#group system log shell"
remove_line init.container.rc "service epmlogd /system/bin/epmlogd"
remove_line init.container.rc " class main"
remove_line init.container.rc " user system"
remove_line init.container.rc " group system log shell"
remove_line init.container.rc " oneshot"
remove_line init.container.rc "# virtual sdcard daemon running as system (1000)"
remove_line init.container.rc "service knox /system/bin/sdcard /data/knox/sdcard /mnt/shell/knox-emulated 1000 1000"
remove_line init.container.rc " class late_start"
remove_line init.container.rc " oneshot"
remove_line init.container.rc " # virtual sdcard daemon running as system (1000)"
remove_line init.container.rc " #service secure_fs /system/bin/sdcard -r /data/knox/secure_fs/enc_media /mnt/shell/enc_media 1000 1000"
remove_line init.container.rc " # class late_start"
remove_line init.container.rc " # oneshot"
remove_line init.container.rc " start knox"
# init.environ.rc
replace_line init.environ.rc " export BOOTCLASSPATH /system/framework/core-libart.jar:/system/framework/conscrypt.jar:/system/framework/okhttp.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/telephony-common.jar:/system/framework/voip-common.jar:/system/framework/ims-common.jar:/system/framework/apache-xml.jar:/system/framework/org.apache.http.legacy.boot.jar:/system/framework/sec_edm.jar:/system/framework/sagearpolicymanager.jar:/system/framework/timakeystore.jar:/system/framework/commonimsinterface.jar:/system/framework/imsmanager.jar:/system/framework/sprengine.jar:/system/framework/smartbondingservice.jar:/system/framework/secEmailBC.jar:/system/framework/com.broadcom.bt.jar:/system/framework/secocsp.jar:/system/framework/knoxvpnuidtag.jar:/system/framework/simageis.jar:/system/framework/sec_sdp_sdk.jar:/system/framework/sec_sdp_hidden_sdk.jar:/system/framework/seccamera.jar:/system/framework/qcom.fmradio.jar:/system/framework/tcmiface.jar:/system/framework/qcmediaplayer.jar:/system/framework/com.qti.dpmframework.jar:/system/framework/dpmapi.jar" " export BOOTCLASSPATH /system/framework/core-libart.jar:/system/framework/conscrypt.jar:/system/framework/okhttp.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/telephony-common.jar:/system/framework/voip-common.jar:/system/framework/ims-common.jar:/system/framework/apache-xml.jar:/system/framework/org.apache.http.legacy.boot.jar:/system/framework/sagearpolicymanager.jar:/system/framework/commonimsinterface.jar:/system/framework/imsmanager.jar:/system/framework/sprengine.jar:/system/framework/smartbondingservice.jar:/system/framework/secEmailBC.jar:/system/framework/com.broadcom.bt.jar:/system/framework/secocsp.jar:/system/framework/knoxvpnuidtag.jar:/system/framework/simageis.jar:/system/framework/sec_sdp_sdk.jar:/system/framework/sec_sdp_hidden_sdk.jar:/system/framework/seccamera.jar:/system/framework/qcom.fmradio.jar:/system/framework/tcmiface.jar:/system/framework/qcmediaplayer.jar:/system/framework/com.qti.dpmframework.jar:/system/framework/dpmapi.jar"
# init.rc
remove_line init.rc "# KNOX KAP"
remove_line init.rc " chown system system /dev/knox_kap"
remove_line init.rc " chmod 0660 /dev/knox_kap"
remove_line init.rc "# AFW mode"
remove_line init.rc "service afw_enable /sbin/knox_changer -f"
remove_line init.rc " class main"
remove_line init.rc " seclabel u:r:kapd:s0"
remove_line init.rc " disabled"
remove_line init.rc " oneshot"
remove_line init.rc "service afw_disable /sbin/knox_changer -s"
remove_line init.rc " class main"
remove_line init.rc " seclabel u:r:kapd:s0"
remove_line init.rc " disabled"
remove_line init.rc " oneshot"
remove_line init.rc "on property:security.knox_afw_mode=true"
remove_line init.rc " start afw_enable"
remove_line init.rc "on property:security.knox_afw_mode=false"
remove_line init.rc " start afw_disable"
#== remove_line init.rc "# Mobicore"
#== remove_line init.rc " mkdir /data/app/mcRegistry 0775 system system"
#== remove_line init.rc " mkdir /data/app/mcRegistry/TbStorage 0700 system system"
remove_line init.rc "service kap_enable /sbin/knox_changer -e"
remove_line init.rc " class main"
remove_line init.rc " disabled"
remove_line init.rc " oneshot"
remove_line init.rc "service kap_disable /sbin/knox_changer -d"
remove_line init.rc " class main"
remove_line init.rc " disabled"
remove_line init.rc " oneshot"
remove_line init.rc "on property:security.knox_kap_mode=true"
remove_line init.rc " start kap_enable"
remove_line init.rc "on property:security.knox_kap_mode=false"
remove_line init.rc " start kap_disable"
remove_line init.rc "## Knox"
remove_line init.rc " socket epm stream 0660 system system"
remove_line init.rc " socket ppm stream 0660 system system"
remove_line init.rc "## audit"
remove_line init.rc " # for audit message"
remove_line init.rc " chown system system /proc/avc_msg"
remove_line init.rc " chmod 0660 /proc/avc_msg"
remove_line init.rc " mkdir /data/misc/audit 02775 audit system"
remove_line init.rc "## EDM AuditLog"
remove_line init.rc "service edmaudit /system/bin/edmaudit"
remove_line init.rc " class main"
remove_line init.rc " user root"
remove_line init.rc "service auditd /system/bin/auditd -k"
remove_line init.rc " class main"
remove_line init.rc " seclabel u:r:auditd:s0"
remove_line init.rc " disabled"
remove_line init.rc " oneshot"
remove_line init.rc "on property:init.svc.bootanim=stopped"
remove_line init.rc " start auditd"
remove_line init.rc "#start SEC_PRODUCT_FEATURE_COMMON_SUPPORT_SE_FOR_ANDROID"
remove_line init.rc "# Reload SE Android Policy for MDM"
remove_line init.rc "on property:persist.security.mdm.policy=1"
remove_line init.rc " setprop selinux.reload_policy 1"
remove_line init.rc "#end SEC_PRODUCT_FEATURE_COMMON_SUPPORT_SE_FOR_ANDROID"
# set ZEN scheduler default
line_old='write /sys/block/mmcblk0/queue/scheduler cfq'
line_new='write /sys/block/mmcblk0/queue/scheduler zen'
#sed -i "s%$line_old%$line_new%g" init.rc
# init.target.rc
remove_line init.target.rc "on property:ro.securestorage.knox=true"
remove_line init.target.rc " mkdir /dev/.secure_storage"
remove_line init.target.rc " chmod 0711 /dev/.secure_storage"
remove_line init.target.rc " chown system system /dev/.secure_storage"
remove_line init.target.rc " restorecon -R /dev/.secure_storage"
remove_line init.target.rc " start secure_storage"
# property_contexts
remove_line property_contexts "audit.ondenial u:object_r:denial_prop:s0"
remove_line property_contexts "persist.security.ams. u:object_r:container_mgmt_prop:s0"
remove_line property_contexts "persist.security.good. u:object_r:good_mgmt_prop:s0"
remove_line property_contexts "persist.security.tlc. u:object_r:tlc_mgmt_prop:s0"
remove_line property_contexts "persist.security.mdm. u:object_r:policy_mgmt_prop:s0"
remove_line property_contexts "persist.sys.drs.date u:object_r:drs_date_prop:s0"
remove_line property_contexts "security.knox_kap_mode u:object_r:knox_kap_prop:s0"
remove_line property_contexts "persist.sys.kap.status u:object_r:knox_kap_prop:s0"
remove_line property_contexts "persist.sys.kap.date u:object_r:knox_kap_prop:s0"
#== remove_line property_contexts "sys.mobicoredaemon.enable u:object_r:mobicore_prop:s0"
# seapp_contexts
remove_line seapp_contexts "user=system seinfo=platform name=com.sec.knox.containeragent domain=knox_system_app type=system_app_data_file"
remove_line seapp_contexts "user=_app seinfo=platform name=com.sec.knox.store domain=store_app type=store_app_data_file"
remove_line seapp_contexts "user=_app seinfo=knox_untrusted name=com.centrify.mdm.samsung domain=knox_untrusted_app type=app_data_file"
remove_line seapp_contexts "user=_app seinfo=knox_untrusted name=com.samsung.knoxemm.mdm domain=knox_untrusted_app type=app_data_file"
# service_contexts
remove_line service_contexts "kioskmode u:object_r:system_service:s0"
remove_line service_contexts "knoxcustom u:object_r:system_service:s0"
remove_line service_contexts "knox_ccm_policy u:object_r:system_service:s0"
remove_line service_contexts "knox_ucm_policy u:object_r:system_service:s0"
remove_line service_contexts "knox_secm_policy u:object_r:system_service:s0"
remove_line service_contexts "knox_pinpad_service u:object_r:system_service:s0"
remove_line service_contexts "knox_scep_policy u:object_r:system_service:s0"
remove_line service_contexts "knox_vpn_policy u:object_r:system_service:s0"
remove_line service_contexts "mdm.remotedesktop u:object_r:system_service:s0"
remove_line service_contexts "auditlog u:object_r:system_service:s0"
remove_line service_contexts "edmnativehelper u:object_r:system_service:s0"
remove_line service_contexts "edm_proxy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_container_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_billing_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_isl_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_license_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_premium_vpn_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_shared_device_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_sso_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_user_space_sso_policy u:object_r:system_service:s0"
remove_line service_contexts "enterprise_vpn_policy u:object_r:system_service:s0"
remove_line service_contexts "ESEMDMService u:object_r:ese_service:s0"
remove_line service_contexts "knox_timakeystore_policy u:object_r:system_service:s0"
remove_line service_contexts "tima u:object_r:system_service:s0"
## Remove Knox apks
remove_knox;
# ============================================================
#
# EDIT DEFAULT.PROP
#
# ============================================================
replace_line $ramdisk/default.prop "persist.security.ams.enforcing=3" "persist.security.ams.enforcing=0"
replace_line $ramdisk/default.prop "ro.secure=1" "ro.secure=0"
replace_line $ramdisk/default.prop "ro.debuggable=0" "ro.debuggable=1"
replace_line $ramdisk/default.prop "ro.adb.secure=1" "ro.adb.secure=0"
replace_line $ramdisk/default.prop "persist.sys.usb.config=mtp" "persist.sys.usb.config=mtp,adb"
insert_line $ramdisk/default.prop "# SELinux & Knox related" after "persist.sys.usb.config=mtp,adb" "###";
insert_line $ramdisk/default.prop "# SELinux & Knox related" after "###" "# SELinux & Knox related";
insert_line $ramdisk/default.prop "androidboot.selinux=0" after "# SELinux & Knox related" "androidboot.selinux=0";
insert_line $ramdisk/default.prop "ro.securestorage.knox=false" after "androidboot.selinux=0" "ro.securestorage.knox=false";
insert_line $ramdisk/default.prop "ro.securestorage.support=false" after "ro.securestorage.knox=false" "ro.securestorage.support=false";
insert_line $ramdisk/default.prop "ro.security.mdpp.ux=Disabled" after "ro.securestorage.support=false" "ro.security.mdpp.ux=Disabled";
insert_line $ramdisk/default.prop "ro.config.tima=0" after "ro.security.mdpp.ux=Disabled" "ro.config.tima=0";
insert_line $ramdisk/default.prop "ro.config.timaversion=0" after "ro.config.tima=0" "ro.config.timaversion=0";
insert_line $ramdisk/default.prop "ro.config.dmverity=false" after "ro.config.timaversion=0" "ro.config.dmverity=false";
insert_line $ramdisk/default.prop "ro.config.rkp=false" after "ro.config.dmverity=false" "ro.config.rkp=false";
insert_line $ramdisk/default.prop "ro.config.kap_default_on=false" after "ro.config.rkp=false" "ro.config.kap_default_on=false";
insert_line $ramdisk/default.prop "ro.config.kap=false" after "ro.config.kap_default_on=false" "ro.config.kap=false";
insert_line $ramdisk/default.prop "ro.config.knox=0" after "ro.config.kap=false" "ro.config.knox=0";
Upvotes: 0
Programming4life
Reputation: 350
Its a simple plain text file located at:
/system/build.prop
Note: This file can be modified if the device is rooted.
Upvotes: 1
Related Questions
- where does ansroid.os.SystemProperties store its key/values?
- Get device configuration of android mobile
- Where does Android save properties
- Where is the database saved in a device?
- Retrieving configuration of my android device programmatically
- How to programmatically find device configurations?
- Accessing the "Settings" of device in android
- What device information can be accessed in android
- Android Device Database
- How to get android device properties