Sentry
Sentry copied to clipboard
x13a
Protect a device: sentry or wasted?
Hi, I just found sentry and found out that it is written by the same developer as wasted. I have a device with lineage os 13 rooted with magisk and no google services, so I'm looking for a way to protect it in case of loss. On sentry safe boot, USB data signalling and controller are disabled and I can't access them.
adb kill-server
adb shell dpm set-device-owner me.lucky.sentry/.admin.DeviceAdminReceiver
* daemon not running; starting now at tcp:5037
* daemon started successfully
Exception occurred while executing 'set-device-owner':
java.lang.IllegalStateException: Not allowed to set the device owner because there are already several users on the device.
at com.android.server.devicepolicy.DevicePolicyManagerService.enforceCanSetDeviceOwnerLocked(DevicePolicyManagerService.java:9588)
at com.android.server.devicepolicy.DevicePolicyManagerService.setDeviceOwner(DevicePolicyManagerService.java:8421)
at com.android.server.devicepolicy.DevicePolicyManagerServiceShellCommand.runSetDeviceOwner(DevicePolicyManagerServiceShellCommand.java:259)
at com.android.server.devicepolicy.DevicePolicyManagerServiceShellCommand.onCommand(DevicePolicyManagerServiceShellCommand.java:89)
at com.android.modules.utils.BasicShellCommandHandler.exec(BasicShellCommandHandler.java:97)
at android.os.ShellCommand.exec(ShellCommand.java:38)
at com.android.server.devicepolicy.DevicePolicyManagerService.onShellCommand(DevicePolicyManagerService.java:9932)
at android.os.Binder.shellCommand(Binder.java:1049)
at android.os.Binder.onTransact(Binder.java:877)
at android.app.admin.IDevicePolicyManager$Stub.onTransact(IDevicePolicyManager.java:6063)
at android.os.Binder.execTransactInternal(Binder.java:1285)
at android.os.Binder.execTransact(Binder.java:1244)
Thank you
Edit: I already tried with this and by removing all admin apps.
adb shell dpm remove-active-admin me.lucky.sentry/.admin.DeviceAdminReceiver
Exception occurred while executing 'remove-active-admin':
java.lang.SecurityException: Attempt to remove non-test admin ComponentInfo{me.lucky.sentry/me.lucky.sentry.admin.DeviceAdminReceiver} 0
at com.android.server.devicepolicy.DevicePolicyManagerService.lambda$forceRemoveActiveAdmin$10$com-android-server-devicepolicy-DevicePolicyManagerService(DevicePolicyManagerService.java:3593)
at com.android.server.devicepolicy.DevicePolicyManagerService$$ExternalSyntheticLambda132.runOrThrow(Unknown Source:6)
at android.os.Binder.withCleanCallingIdentity(Binder.java:425)
at com.android.server.devicepolicy.DevicePolicyManagerService$Injector.binderWithCleanCallingIdentity(DevicePolicyManagerService.java:1581)
at com.android.server.devicepolicy.DevicePolicyManagerService.forceRemoveActiveAdmin(DevicePolicyManagerService.java:3589)
at com.android.server.devicepolicy.DevicePolicyManagerServiceShellCommand.runRemoveActiveAdmin(DevicePolicyManagerServiceShellCommand.java:280)
at com.android.server.devicepolicy.DevicePolicyManagerServiceShellCommand.onCommand(DevicePolicyManagerServiceShellCommand.java:93)
at com.android.modules.utils.BasicShellCommandHandler.exec(BasicShellCommandHandler.java:97)
at android.os.ShellCommand.exec(ShellCommand.java:38)
at com.android.server.devicepolicy.DevicePolicyManagerService.onShellCommand(DevicePolicyManagerService.java:9932)
at android.os.Binder.shellCommand(Binder.java:1049)
at android.os.Binder.onTransact(Binder.java:877)
at android.app.admin.IDevicePolicyManager$Stub.onTransact(IDevicePolicyManager.java:6063)
at android.os.Binder.execTransactInternal(Binder.java:1285)
at android.os.Binder.execTransact(Binder.java:1244)
I've played around with this and the only way to remove active admin that doesn't have the android:testOnly="true" in the manifest is to factory wipe the device.
You can try this deprecated API to see if it works on your device: https://developer.android.com/reference/android/app/admin/DevicePolicyManager#clearDeviceOwnerApp%28java.lang.String%29
Source: https://stackoverflow.com/questions/49128293/how-to-remove-set-device-owner-in-android-dpm
Thank you for your reply. Lineage os 20 aka android 13 uses API level 33. I unpacked the apk with apktool and can confirm that there is no android:testOnly="true" in the manifest. I have tried to add it and rebuild, but I cannot install the package. Can the maintainer provide a package with this flag? Or are there any contraindications? Thank you
dev should add a different app signed with the same keys and this android:testOnly="true" flag in the manifest, to make it removable
Thank you for your reply. Lineage os 20 aka android 13 uses API level 33. I unpacked the apk with apktool and can confirm that there is no android:testOnly="true" in the manifest. I have tried to add it and rebuild, but I cannot install the package. Can the maintainer provide a package with this flag? Or are there any contraindications? Thank you
The application needs to be installed with adb using "adb install -t sentry.apk". Also make sure that you signed the apk file.
Thank you for your reply. Lineage os 20 aka android 13 uses API level 33. I unpacked the apk with apktool and can confirm that there is no android:testOnly="true" in the manifest. I have tried to add it and rebuild, but I cannot install the package. Can the maintainer provide a package with this flag? Or are there any contraindications? Thank you
The application needs to be installed with adb using "adb install -t sentry.apk". Also make sure that you signed the apk file.
won't work because signing certificate will be different
@x13a can you provide a signed apk with android:testOnly="true" in the manifest so that users can uninstall the app without a factory reset ?
I incorrectly set sentry as profile owner and now i can't have a work profile.
Edit: backups and find my device also don't work now
@x13a Thanks for providing the build. Unfortunately, The update fails with error code INSTALL_FAILED_UPDATE_INCOMPATIBLE. It seems that you can't update a production build to debug. Factory reset is the only way to remove profile or device owners.