-
Notifications
You must be signed in to change notification settings - Fork 10
packages.txt
steadfasterX edited this page Sep 26, 2023
·
11 revisions
(this is 1-line but splitted here for better readability)
<filename-for-download-uri>|
<download-uri-without-filename>|
<install-path>|
<target-filename>;<PRESIGNED or path to certs>|
<true|false> to verify GPG signature or not| --> [1]
LOCAL_OVERRIDES_PACKAGES delimited by ";"|
LOCAL_REQUIRED_MODULES delimited by ";"
[1] note: verifying GPG signatures requires that a filename with .asc extension is on the specified repo available
set the above in 1 line like this:
<filename-for-download-uri>|<download-uri-without-filename>|<install-path>|<target-filename>;<PRESIGNED or path to certs>|<true|false>|LOCAL_OVERRIDES_PACKAGES|LOCAL_REQUIRED_MODULES
-
FDROIDREPO(download-uri): will use the f-droid repo (or mirror) specified invendor/extendrom/er.sh -
LATEST(filename. replacing a version number of an APK): instead of a specific version fetch the latest version (works for FDROID only) e.g.org.fdroid.fdroid_1012003.apkbecomesorg.fdroid.fdroid_LATEST.apk
You can control how APKs get signed / or not. If you want to sign APKs you should know that if you do not set PRODUCT_DEFAULT_DEV_CERTIFICATE in your config all APKs which are not set to PRESIGNED or PRESIGNED-extractlibs will be signed by the android testkey. If you do not care about signing /security at all then no need to do anything. Otherwise ensure you set that flag and create your own keys.
Details about how APK signing works can be found also here.
The following keywords can be used for signing:
| value | meaning |
|---|---|
<leave-empty> |
the apk will be signed with the DEFAULT_SYSTEM_DEV_CERTIFICATE
|
PRESIGNED |
the apk is already signed and so won't get signed during build |
PRESIGNED-extractlibs |
like PRESIGNED but additionally if libraries found within the apk they will be extracted and added, too. Some apps like Bromite/Chromium/Cromite will need this to work. |
<path to certs> |
the apk should be signed with this specific key stored in this path. note: that path must be available in your android sources root directory and the key must be set without an extension (e.g. user-keys/shared for the full filename and path <android-sources-dir>/user-keys/shared.x509.pem) |
testkey or platform or shared or media or networkstack
|
special AOSP keyword. ensure you are using the one matching your needs and beware of platform as this gives system wide permissions |
Replace "Launcher" and "Home" modules and sign with own generated key
itsme_LATEST.apk|FDROIDREPO|app|itsme.apk;user-keys/shared|true|Launcher;Home|libfoo;libmaa|
using a pre-signed apk
Magisk-v25.2.apk|https://github.com/topjohnwu/Magisk/releases/download/v25.2|app|Magisk.zip;PRESIGNED|false
allowing platform wide access and make it a privileged app
itsme.apk|http://dlurl.local|priv-app|itsme.apk;platform|false|MySystemApp;Home|false
using DEFAULT_SYSTEM_DEV_CERTIFICATE key (i.e. simply empty here)
itsme.apk|http://dlurl.local|app|itsme.apk;|false|Camera;Camera2|permission.xml|