1.3.1 二進制(可執行)分發來源

App Manager 通過以下渠道發布。 非官方來源可能分發 App Manager 的修改版本，後果自負。

1. F-Droid ¹
   Link: https://f-droid.org/packages/io.github.muntashirakon.AppManager

2. GitHub repository.
   Normal releases: https://github.com/MuntashirAkon/AppManager/releases
   Debug releases: https://github.com/MuntashirAkon/AppManager/actions

3. Telegram.
   Normal releases: https://t.me/AppManagerChannel
   Debug releases: https://t.me/AppManagerDebug

1.3.2 源碼鏈接

除了GitHub外其他都是鏡像鏈接。tags 應當始終是最新的，但 master 分支不保證是 最新的。如果計劃 clone master 分支，請使用 GitHub 鏈接而不是其他鏈接。

1. GitHub: https://github.com/MuntashirAkon/AppManager

2. GitLab: https://gitlab.com/muntashir/AppManager

3. Codeberg: https://codeberg.org/muntashir/AppManager

4. Riseup: https://0xacab.org/muntashir/AppManager

1.3.3 翻譯

App Manager 不接受直接通過PR/MR進行的翻譯。翻譯僅通過 Weblate 進行自動化管理。 要加入翻譯團隊，請訪問 https://hosted.weblate.org/engage/app-manager/。

1.4.1 構建說明

在位於源碼根目錄下的BUILDING文件中可以獲得編譯指導。

1.4.2 提交補丁

除GitHub之外的倉庫目前被視為鏡像，在這些網站提交的 PR/MR 將不被接受. ² 相反，patches (.patch 文件) 可以通過電子郵件附件提交。請務必對Commits簽名(Signing-off) 更多信息請參見位於源碼根目錄下的CONTRIBUTING文件.

2.1.1 批處理

批處理也可以在這個頁面內進行。 多選模式可以由點擊任何應用圖標或長按列表中的任何一項進入。 進入後，僅需單擊列表中的任何一項便可選中，而不是打開應用程序詳情頁。 該模式下，批處理操作位於位於頁面底部的多選菜單，包括包括：

• 將選中應用添加到 配置

• 備份、恢覆或刪除應用程序

• 阻止應用中的追蹤器

• 清除應用數據或緩存

• 啟用/停用/強制停止/卸載應用程序

• 導出屏蔽規則

• 阻止應用的後台操作 (Android 7 及更高版本)

• 導出APK文件到 AppManager/apks

• 設置聯網規則

2.1.2 顏色代碼含義

• 淺灰橙(日間模式下) / 深藍(夜間模式下) – 多選模式下被選中的應用

• 淺紅(日間模式下) / 深紅 (夜間模式下) – 停用的應用

• 黃色星標 – 可調試的應用

• 橙色 日期 – 應用可讀取日志

• 橙色 UID – 用戶 ID 在應用間被共享

• 橙色 SDK – 使用明文網絡通信(如 HTTP)

• 紅色 包名 – 應用禁止清除數據

• 紅色備份標識 – 已卸載的應用存在一個或多個備份

• 橙色備份標識 – 備份過期, 如基本備份中包含已安裝的應用的舊版本

• 深藍綠色 備份標識 – 備份在期, 如基本備份中包含已安裝應用的相同或更高版本

• 深藍綠色 包名 – 已強行停止運行的應用

• 深藍綠色 版本 – 不活躍的應用

• 紫紅 – 常駐應用(一直運行的應用)

2.1.3 應用類型

一個應用程序可以是 用戶 或 系統 應用，同時存在以下後綴:

• X – 支持多種架構

• 0 – 不含dex文件

• ° – 已暫停應用

• # – 應用程序請求系統分配一個大堆，即 大運行時內存

• ? – 應用程序請求虛擬機處於安全模式。

2.1.4 版本信息

版本名稱有以下前綴:

• _ – 沒有硬件加速（減慢應用中的過渡動畫）

• ~ – 僅測試模式

• debug – 可調試應用

2.1.5 選項菜單

選項菜單提供了幾個選項，可用以對列出的應用程序進行排序和過濾， 以及轉到 App Manager 內或外的不同頁面。

2.2.1 顏色代碼含義

本頁中使用的顏色列表及它們的含義：

• 正紅 (日間) / 深紅 (夜間) – 危險權限或, 被阻止的組件(使用App Manager操作)

• 亮紅 (日間) / 緋紅 (夜間) – 被阻止的組件(其他應用操作)

  注意.

  表示在 App Manager 之外禁用(阻止)的組件, 標記為禁用(阻止)的組件並不意味著它被用戶禁用,它也可能是被系統禁用的, 或者在其清單(Android-Manifest.xml)中被標記為禁用(阻止)。被停用的應用程序也會被系統（和App Manager）視為禁用(阻止)。

• 鮮橙 (日間) / 深橙 (夜間) – 追蹤器組件

• 亮紫 (日間) / 深紫 (夜間) – 正在運行的組件

2.2.2 應用信息

應用信息 選項卡包含關於一個應用程序的基本信息, 許多操作可以在此標簽中執行.

2.2.3 組件選項卡

活動(Activities)、服務(Services)、廣播接收器(Receivers)和 內容提供者(Providers) 統稱為應用程序組件. 它們共享在許多相似特征，如，它們都有一個 名稱、一個 標簽、一個 圖標 並且通過 意圖(Intent) 執行. 應用程序組件是應用的本構造，必須在應用程序清單中聲明. 應用程序清單是存儲應用程序特定元數據的文件，Android 通過讀取元數據來處理應用。

這些選項卡中使用的顏色在 §2.2.1 中進行了解釋。也可以在彈出菜單對列表進行排序.

2.2.4 權限選項卡

App Ops, 使用權限 and 權限 選項卡與權限相關。 安卓中，在不具有相同身份（稱為 shared ID）的應用或進程之間進行通信常常需要權限，其由權限控制器管理。 一些被視為普通 的權限，若它們出現在應用程序清單中，則會自動授予，但危險權限 和 開發 權限需要用戶確認。 選項卡中使用的顏色在 §[subsec:app-details-color-codes] 中有解釋。

2.2.5 簽名選項卡

Signatures are actually called signing information. An application is signed using one or more signing certificates by the application developers before publishing it. The integrity of an application i.e. whether the application is from the actual developer and isn’t modified by other people can be checked using the signing information; because when an application is modified by an unauthorised entity, the application cannot be signed using the original certificates again because the signing information are kept private by the actual developer. Signing information can be verified using checksums. Checksums are generated from the certificates themselves. If the developer supplies the checksums for the signing certificates, they can be matched against the checksums generated in the Signatures tab to verify the application. For example, if you have downloaded App Manager from GitHub or Telegram Channel, you can verify whether the application is actually released by me by simply matching the following SHA256 checksum with the one displayed in this tab:

320c0c0fe8cef873f2b554cb88c837f1512589dcced50c5b25c43c04596760ab

Several hashing algorithms are used to generate checksums in this tab. They include MD5, SHA1, SHA256 and SHA512.

2.2.6 共享庫選項卡

Shared libraries tab lists all the legacy JAR dependencies as well as JNI (Java native interface) libraries. For JNI libraries, it specifies platform (x86/x86_64/ARM/AArch64), architecture (32/64 bit), object type (shared object or executable), etc.

2.2.7 其他選項卡

Other tabs list android manifest components such as features and configurations. A complete description about these tabs may be available in the future.

2.3.1 Block/Unblock Trackers

This option can be used to block or unblock the ad/tracker components from the installed applications. On selecting this option, App Manager will ask if it should list trackers from all the applications or only from the user applications. Novice users should avoid blocking trackers from the system applications in order to avoid bad consequences. After that, a multi-choice dialog box will appear where it is possible to exclude one or more applications from this operation. The changes are applied immediately on pressing the block or unblock button.

2.3.2 Block Components…

This option can be used to block certain application components as specified by their signatures. A signature of a component is the full name or partial name of the component. For safety, it is recommended to add a . (dot) at the end of each partial signature, because the underlying algorithm searches and matches the components in a greedy manner. It is also possible to insert more than one signature in which case all the signatures have to be separated by white spaces. Similar to the option above, there is also an option to apply blocking to the system applications.

2.3.3 Set Mode for App Ops…

This option can be used to configure certain applcation operations of all or selected applications. There are two fields. The first field can be used to insert more than one app op constants (either names or values) separated by white spaces. It is not always possible to know in advance about all the app op constants as they vary from device to device and from OS to OS. Desired app op constant can be found in the App Ops tab located in the App Details page. The second field can be used to insert or select one of the modes that will be set against the specified app ops.

2.3.4 備份

1-Click options for back up. As a precaution, it lists the affected backups before performing any operation.

2.3.5 恢覆

1-Click options for restore. As a precaution, it lists the affected backups before performing any operation.

2.3.6 Trim Caches in All Apps

Delete caches from all applications, including Android system. During this operation, caches of all the running applications may not be cleared as expected.

2.4.1 選項菜單

There are two options menu in this page. The three dots menu in the top-right corner offers two options: presets and import.

• Presets. This option lists a number of built-in profiles that can be used as a starting point. The profiles are generated from the project Universal Android Debloater.
  

  See also: FAQ: What are bloatware and how to remove them?

• Import. This option can be used to import an existing profile that was previously exported from App Manager.

Long clicking on any profile item brings up another options-menu. It offers the following options:

• Apply now…. This option can be used to apply the profile directly. When clicked, a dialog will be displayed where it is possible to select a profile state. On selecting one of the options, the profile will be applied immediately.

• Delete. Clicking on delete will remove the profile immediately without any warning.

• Duplicate. This option can be used to duplicate the profile. When clicked, a dialog will be displayed where it is possible to set a name for the new profile. On clicking “OK”, profile page will be loaded by duplicating all the configurations that this profile have. However, the profile will not be saved until it is saved manually.

• Export. Export the profile to an external storage. Profile exported this way can be imported via the import option as mentioned above.

• Create shortcut. This option can be used to create a shortcut for the profile. When clicked, there will be two options: Simple and Advanced. When configured with the latter option, it prompts the user to select a profile state when the shortcut is invoked. The former option, on the other hand, always uses the default state that was configured when the profile was last saved.

2.5.1 選項菜單

The three dots menu in the top-right corner opens the options-menu. It contains several options such as–

• Apply. This option can be used to apply the profile. When clicked, a dialog will be displayed where you can select a profile state. On selecting one of the options, the profile will be applied immediately.

  Notice.

  When you apply a profile, if some packages do not match the criteria, they will simply be ignored.

• Save. Save changes to the profile.

  Notice.

  Changes are never saved automatically. You have to save them manually from here.

• Discard. Discard any modifications made since the last save operation.

• Delete. Clicking on delete will remove the profile immediately without any warning.

• Duplicate. This option can be used to duplicate the profile. When clicked, a dialog will be displayed where it is possible to set a name for the new profile. On clicking “OK”, this page will be reloaded by duplicating all the configurations that this profile have. However, the profile will not be saved until it is saved manually.

• Create shortcut. This option can be used to create a shortcut for the profile. When clicked, there will be two options: Simple and Advanced. When configured with the latter option, it prompts the user to select a profile state when the shortcut is invoked. The former option, on the other hand, always uses the default state that was configured when the profile was last saved.

2.5.2 應用程序選項卡

Apps tab lists the packages configured in this profile. Packages can be added or removed using the plus button located near the bottom of the screen. Packages can also be removed by long clicking on them (in which case, a popup will be displayed with the only option delete).

2.5.3 配置選項卡

Configurations tab can be used to configure the selected packages.

2.6.1 界面語言

配置應用內語言， App Manager 目前支持19種語言。

2.6.2 Appearance

2.6.3 Privacy

2.6.4 操作模式

Mode of operation defines how App Manager works as a whole. It has the following options:

• Auto. Let App Manager decide the suitable option. Although this is the default option, non-rooted users should use the no-root mode.

• Root. Operate App Manager in root mode. App Manager will fall back to no-root mode if root is not detected, or in rare cases when Binder communication through root is disabled (e.g. in Phh SuperUser).

• ADB over TCP. Operate App Manager in ADB mode via ADB over TCP. App Manager will fall back to no-root mode if ADB over TCP is not enabled.

• Wireless debugging. Enable ADB via Wireless Debugging. It will try to connect to the configured port automatically at first. On failure, it will ask the user to either pair or connect to the ADB daemon manually. App Manager will fall back to no-root mode if it fails to connect to the ADB daemon this way.

  Info.

  This option is only displayed in devices running Android 11 or later as Wireless Debugging was introduced in Android 11.

• No-root. Operate App Manager in no-root mode. While App Manager performs better in this mode, all the root- or ADB-specific features will be disabled.

It also displays the currently inferred mode of operation. The actual mode of operations are root, ABD and no-root.

2.6.5 APK 簽名

2.6.6 安裝器

2.6.7 備份/恢覆

與 備份恢覆 相關的設置.

2.6.8 規則

2.6.9 Advanced

2.6.10 關於設備

Display Android version, security, CPU, GPU, battery, memory, screen, languages, user info, etc.

2.7.1 缺少簽名

At the bottom of the page, there is a special item denoting the number of missing signatures (i.e. missing classes). The missing signatures are the ones that AM has failed to match against any known libraries. The number itself has no particular meaning as many libraries contain hundreds of classes, but clicking on the item will bring up a dialog containing the signatures which is helpful in inspecting the missing signatures. This feature is only intended for people who know what a missing signature is and what to do with it, other users should ignore it.

2.8.1 意圖(Intent)過濾器

Intent filters are used by the applications to specify the tasks they are able to perform or the tasks they are going to perform using other applications. For example, when you’re opening a PDF file using a file manager, the file manager will try to find the applications to open the PDF with. To find the right applications, the file manager will create an Intent with filters such as the MIME type and ask the system to retrieve the applications capable of opening this filter. The system will search through the Manifest of the installed applications to match the filter and list the application components that are able to open this filter (in our case the PDF). At this, either the file manager will open the desired application component all by itself or use a system provided option to open it. If multiple application components are able to open it and no default is set, you may get a prompt where you have to choose the right application component.

http://search.disroot.org/?q=URI%20in%20Android%20scheme&categories=general&language=en-US
https://developer.android.com/reference/android/net/Uri
file:///sdcard/AppManager.apk
mailto:email@example.com
content://io.github.muntashirakon.AppManager.provider/23485af89b08d87e898a90c7e/AppManager.apk

2.8.2 匹配的活動(Activity)

List all the activity components that matches the Intent. This is internally determined by the system (rather than App Manager). The launch button next to each component can be used to launch them directly from App Manager.

2.8.3 重置為默認

Reset the Intent to its initial state.

2.8.4 發送編輯過的意圖(Intent)

Resend the edited Intent to the destination application. This may open a list of applications where the desired application is needed to be selected. The result received from the target application will be sent to the source application. As a result, the source application will not know if there was a man-in-the-middle.

3.1.1 啟用開發者選項

3.1.2 啟用USB調試

After locating the developer options, enable Developer option (if not already). After that, scroll down a bit until you will find the option USB debugging. Use the toggle button on the right-hand side to enable it. At this point, you may get an alert prompt where you may have to click OK to actually enable it. You may also have to enable some other options depending on device vendor and ROM. Here are some examples:

3.1.3 在PC或Mac上配置ADB

In order to enable ADB over TCP, you have to set up ADB in your PC or Mac. Lineage OS users can skip to §3.1.4.1.

cd ~/Downloads && curl -o platform-tools.zip -L \
https://dl.google.com/android/repository/platform-tools-latest-darwin.zip && \
unzip platform-tools.zip && rm platform-tools.zip && cd platform-tools

3.1.4 配置經由TCP的ADB

3.1.5 參考

1. How to Install ADB on Windows, macOS, and Linux

2. Android Debug Bridge (adb)

3. How to fix USB debugging greyed out?

3.2.1 Enable developer options and USB Debugging

See §3.1.1 and §3.1.2.

3.2.2 Enable Wireless Debugging

In the Developer options page, find Wireless debugging and click to open it. In the new page, turn on Use wireless debugging. Depending on your configuration, you might see a dialog prompt asking you to verify your decision. If that is the case, click Allow.

3.2.3 Pair ADB with App Manager

Keeping the Wireless debugging page open, go to the Recents page either by swiping up or by using the dedicated navigation button, and click on the Settings logo to enable Split screen. It will wait for you to select or launch another application: Launch or select App Manager.

Now, in App Manager and navigate to Settings and then enable Wireless debugging in Mode of operation. After a few moments, App Manager will ask you to either connect or pair ADB. Select pair.

In the Wireless debugging page (now should be on top among the splits), select Pair device with pairing code. At this, a dialog prompt will be displayed. Note down the pairing code but DO NOT close the dialog prompt or the window.

Finally, in App Manager, insert the pairing code and click pair. The port number should be detected automatically. If it cannot, you have to insert the port number as well.

If the pairing is successful, it will display a successful message at the bottom, and the dialog prompt in the Wireless debugging page will be dismissed automatically, and you will be able to see App Manager listed as an ADB client.

3.2.4 Connect App Manager to ADB

App Manager should be able to connect to ADB automatically if the mode of operation is set to auto, ADB over TCP or Wireless debugging. If that is not the case, select Wireless debugging in the settings page. If App Manager fails to detect or connect to ADB, it will display a dialog prompt to connect or pair ADB. Select connect.

Now, navigate to the Wireless debugging page in Android settings, and note down the port number displayed in the page. In App Manager’s dialog prompt, replace the port number with the one that you have noted earlier, and click connect.

Once a connection has been established, you can safely disable Wireless debugging in Android settings.

3.3.1 位置

Back up/restore is a part of batch operations. It is also located inside the options menu in the App Info tab. Clicking on Backup/Restore opens the Backup Options. Backups are located at /storage/emulated/0/AppManager by default. You can configure custom backup location in the settings page in which case the backups will be located at the AppManager folder in the selected volume.

3.3.2 備份選項

Backup options (internally known as backup flags) let you customise the backups on the fly. However, the customisations will not be remembered for the future backups. If you want to customise this dialog, use Backup Options in the Settings page.

A complete description of the backup options is given below:

• APK files. Whether to back up the APK files. This includes the base APK file along with the split APK files if they exist.

• Internal data. Whether to back up the internal data directories. These directories are located at /data/user/<user_id> and (for Android N or later) /data/user_de/<user_id>.

• External data. Whether to back up data directories located in the internal memory as well as SD Card (if exists). External data directories often contain non-essential app data or media files (instead of using the dedicated media folder) and may increase the backup size. However, it might be essential for some apps. Although it isn’t checked by default (as it might dramatically increase the size of the backups), you may have to check it in order to ensure a smooth restore of your backups.

  Caution.

  Internal data folders should always be backed up if you are going to back up the external data folders. However, it could be useful to back up only the external folders if the app in question downloads a lot of assets from the Internet.

• OBB and media. Whether to back up or restore the OBB and the media directories located in the external storage or the SD Card. This is useful for games and the graphical software which actually use these folders.

• Cache. Android apps have multiple cache directories located at every data directories (both internal and external). There are two types of cache: cache and code cache. Enabling this option excludes both cache directories from all the data directories. It is generally advised to exclude cache directories since most apps do not clear the cache regularly (for some reason, the only way an app can clear its cache is by deleting the entire cache directory) and usually handled by the OS itself. Apps such as Telegram may use a very large cache (depending on the storage space) which may dramatically increase the backup size. When it is disabled, AM also ignores the no_backup directories.

• Extras. Backup/restore app permissions, net policy, battery optimization, SSAID, etc., enabled by default. Note that, blocking rules are applied after applying the extras. So, if an item is present in both places, it will be overwritten (i.e., the one from the blocking rules will be used).

• Rules. This option lets you back up blocking rules configured within App Manager. This might come in handy if you have customised permissions or block some components using App Manager as they will also be backed up or restored when you enable this option.

• Backup Multiple. Whether this is a multiple backup. By default, backups are saved using their user ID. Enabling this option allows you to create additional backups. These backups use the current date-time as the default backup name, but you can also specify custom backup name using the input field displayed when you click on the Backup button.

• Custom users. Backup or restore for the selected users instead of only the current user. This option is only displayed if the system has more than one user.

• Skip signature checks. When taking a backup, checksum of every file (as well as the signing certificate(s) of the base APK file) is generated and stored in the checksums.txt file. When you restore the backup, the checksums are generated again and are matched with the checksums stored in the said file. Enabling this option will disable the signature checks. This option is applied only when you restore a backup. During backup, the checksums are generated regardless of this option.

  Caution.

  You should always disable this option to ensure that your backups are not modified by any third-party applications. However, this would only work if you enabled encryption.

3.3.3 備份

Backup respects all the backup options except Skip signature checks. If base backups (i.e., backups that don’t have the Backup Multiple option) already exist, you will get a warning as the backups will be overwritten. If Backup Multiple is set, you have an option to input the backup name, or you can leave it blank to use the current date-time.

3.3.4 恢覆

Restore respects all the backup options and will fail if APK files option is set, but the backup doesn’t contain such backups or in other cases, if the app isn’t installed. When restoring backups for multiple packages, you can only restore the base backups (see backup section for an explanation). However, when restoring backups for a single package, you have the option to select which backup to restore. If All users option is set, AM will restore the selected backup for all users in the latter case but in the former case, it will restore base backups for the respective users.

3.3.5 刪除備份

Delete backup only respects All users option and when it is selected, only the base backups for all users will be deleted with a prompt. When deleting backups for a single package, another dialog will be displayed where you can select the backups to delete.

3.4.1 Generating authorization key

In order to ensure proper security, an authorization key is required. To generate a authorization key, go to Settings page and then click Authorization Manager at the bottom. If an authorization key has not been generated, it will be generated automatically. The key can be regenerated as required.

3.4.2 Configuring tasks

The activity io.github.muntashirakon.AppManager.crypto.auth.AuthFeatureDemultiplexer is responsible for handling all the automations. Sending an intent to the activity lets App Manager perform the designated operation by redirecting the Intent to the designated activity or service.

3.4.3 Features

App Manager current support a single feature, namely profile.

3.4.4 Triggering a profile

In order to trigger a profile, feature must have the value profile. In addition, the following extras can be included:

1. prof. (String value – required) The name of the profile as displayed in the Profiles page.

2. state. (String value – optional) State of the profile – currently on or off – as specified in the documentation. If this extra is not set, App Manager will display a prompt where a state must be selected. Therefore, for complete automation, this option should be set.

4.1.1 什麽是應用組件？

Activities, services, broadcast receivers (or only receivers) and content providers (or only providers) are jointly called application components. More technically, they all inherit the ComponentInfo class and can be launched via Intent.

4.1.2 追蹤器或其他組件在App Manager中是如何被禁用的？其局限性是什麽？

App Manager typically blocks application components (or tracker components) using a method called Intent Firewall (IFW), it is superior to other methods such as pm (PackageManager), Shizuku or any other method that uses the package manager to enable or disable the components. If a component is disabled by the latter methods, the application itself can detect that the component is being blocked and can re-enable it as it has full access to its own components. (Many deceptive applications actually do this in order to keep the tracker components unblocked.) On the other hand, IFW is a true firewall and the application cannot detect if its components are being blocked. App Manager uses the term block rather than disable for this reason.

Even IFW has some limitations which are primarily applicable for the system applications:

• The application in question is whitelisted by the system i.e. the system cannot function properly without these applications and may cause random crashes. These applications include but not limited to Android System, System UI, Phone Services. They will continue to work even if they are disabled or blocked.

• Another system application or system process has activated a specific component of the application in question via interprocess communication (IPC). In this case, the component will be activated regardless of blocking status or even if the entire application is disabled. If there is such a system application that is not needed, the only way to prevent it from running is by getting rid of it.

4.1.3 被其他工具禁用的應用程序組件是否保留在App Manager中？

No. But the application components blocked by the system or any other tools are displayed in the component tabs. These rules can be imported from Settings. However, it is not possible for App Manager to distinguish the components blocked by the third-party tools and components blocked by the system. Therefore, the applications listed in the import page should be selected with care.

4.1.4 被 App Manager 禁用但同時也被其他工具禁用的組件會發生什麽？

App Manager blocks the components again if requested. In case of unblocking, they will be reverted to the default state as specified in the manifest of the application. But if the components were blocked by MyAndroidTools (MAT) with IFW method, they will not be unblocked by App Manager as it uses a different format. To fix this issue, the rules have to be imported from Settings at first, in which case MAT’s configurations will be permanently removed.

4.1.5 什麽是即時組件禁用？

When you block a component in the App Details page, the blocking is not applied by default. It is only applied when you apply blocking using the Apply rules option in the top-right menu. If you enable instant component blocking, blocking will be applied as soon as you block a component. If you choose to block tracker components, however, blocking is applied automatically regardless of this setting. You can also remove blocking for an application by simply clicking on Remove rules in the same menu in the App Details page. Since the default behaviour gives you more control over applications, it is better to keep instant component blocking option disabled.

4.1.6 跟蹤器類與跟蹤器組件

All application components are classes but not all classes are components. In fact, only a few of the classes are components. That being said, scanner page displays a list of trackers along with the number of classes, not just the components. In all other pages, trackers and tracker components are used synonymously to denote tracker components, i.e. blocking tracker means blocking tracker components, not tracker classes.

4.2.1 我必須在每次重啟後啟用ADB over TCP嗎？

Unfortunately, yes. This is because the ADB daemon, the process responsible for ADB connection, is also restarted after a reboot, and it does not re-enable ADB over TCP.

4.2.2 無法啟用 USB 調試，怎麽辦？

See §3.1.2 in Chapter 3.

4.2.3 我可以使用 ADB over TCP 來禁用跟蹤器或任何其他應用程序組件嗎？

ADB has limited number of permissions and controlling application components is not one of them. However, the components of a test-only app can be controlled via ADB. If App Manager detects such an application, it enables the blocking options automatically.

4.2.4 哪些功能可以在ADB模式下使用？

Supported features are enabled automatically in the ADB mode. Supported features include disabling, force-stopping, clearing application data, granting or revoking app ops and permissions, and so on. It is also possible to install or uninstall applications without any prompt from the system.

4.3.1 我不使用root/ADB，是否完全安全？

Yes. AM cannot modify any system settings without root or ADB.

4.3.2 跟蹤器和庫是如何更新的？

Trackers and libraries are updated manually before making a new release.

4.3.3 Are APKs deleted after installed?

No, APKs aren’t deleted by App Manager after they are installed.

4.3.4 對於 Shizuku 有何計劃？

App Manager’s use of hidden API and privileged code execution is now much more complex and cannot be integrated with other third party apps such as Shizuku. Here are some reasons for not considering Shizuku (which now has Apache 2.0 license) for App Manager:

1. Shizuku was initially non-free which led me to use a similar approach for App Manager to support both root and ADB

2. App Manager already supports both ADB and root which in some cases is more capable than Shizuku

3. Relying on a third-party app for the major functionalities is not a good design choice

4. Integration of Shizuku will increase the complexity of App Manager.

4.3.5 什麽是預裝(bloatware)軟件以及如何刪除？

Bloatware are the unnecessary apps supplied by the vendor or OEM and are usually system apps. These apps are often used to track users and collect user data which they might sell for profits. System apps do not need to request any permission in order to access device info, contacts and messaging data, and other usage info such as your phone usage habits and everything you store on your shared storage(s).

The bloatware may also include Google apps (such as Google Play Services, Google Play Store, Gmail, Google, Messages, Dialer, Contacts), Facebook apps (the Facebook app consists of four or five apps), Facebook Messenger, Instagram, Twitter and many other apps which can also track users and/or collect user data without consent given that they all are system apps. You can disable a few permissions from the Android settings but be aware that Android settings hides almost every permission any security specialist would call potentially dangerous.

If the bloatware were user apps, you could easily uninstall them either from Android settings or AM. Uninstalling system apps is not possible without root permission. You can also uninstall system apps using ADB, but it may not work for all apps. AM can uninstall system apps with root or ADB (the latter with certain limitations, of course), but these methods cannot remove the system apps completely as they are located in the system partition which is a read-only partition. If you have root, you can remount this partition to manually purge these apps but this will break Over the Air (OTA) updates since data in the system partition has been modified. There are two kind of updates, delta (small-size, consisting of only the changes between two versions) and full updates. You can still apply full updates, but the bloatware will be installed again, and consequently, you have to delete them all over again. Besides, not all vendors provide full updates.

Another solution is to disable these apps either from Android settings (no-root) or AM, but certain services can still run in the background as they can be started by other system apps using Inter-process Communication (IPC). One possible solution is to disable all bloatware until the service has finally stopped (after a restart). However, due to heavy modifications of the Android frameworks by the vendors, removing or disabling certain bloatware may cause the System UI to crash or even cause bootloop, thus, (soft) bricking your device. You may search the web or consult the fellow users to find out more about how to debloat your device.

From v2.5.19, AM has a new feature called profiles. The profiles page has an option to create new profiles from one of the presets. The presets consist of debloating profiles which can be used as a starting point to monitor, disable, and remove the bloatware from a proprietary Android operating system.

5.1.1 背景介紹

AM currently supports blocking activities, broadcast receivers, content providers, services, app ops and permissions, and in future I may add more blocking options. In order to add more portability, it is necessary to import/export all these data.

Maintaining a database should be the best choice when it comes to storing data. For now, several tsv files with each file having the name of the package and a .tsv extension. The file/database will be queried/processed by the RulesStorageManager class. Due to this abstraction, it should be easier to switch to database or encrypted database systems in future without changing the design of the entire project. Currently, All configuration files are stored at /data/data/io.github.muntashirakon.AppManager/Files/conf.

5.1.2 規則文件格式

    <name> <type> <mode>|<component_status>|<is_granted>

 <package_name> <component_name> <type> <mode>|<component_status>|<is_granted>

6.1.1 Android 13 support

App Manager now targets Android 13 which means most issues in Android 12 and 13 has been addressed, including SSAID and SAF issues as well as monochrome icons and other theming issues.

6.1.2 Introducing freeze/unfreeze

Enable/disable is replaced with freeze/unfreeze to allow greater control on the behaviours of an app. It supports suspend, disable and hide functionalities which can be controlled at Settings > Rules > Default freezing method. In order to make it easy to freeze or unfreeze an app, shortcuts can also be created from the App Info tab by long clicking on the freeze or unfreeze button.

6.1.3 Export app list

In the Main page, it is now possible to export the list of apps in either XML or Markdown format using batch operations. In the future, the XML file may also be imported to App Manager.

6.1.4 Elliptic Curve Crypography (ECC)

App Manager now fully supports encrypting backups using ECC in addition to offering AES, RSA and OpenPGP.

6.1.5 New languages

Two new languages are added: Korean and Romanian.

6.1.6 More list options

In the main page, more sorting and filtering options are added. Sorting options include sorting the apps by total size, total data usage, launch count, screen time and last usage time. Filtering options include filtering the apps having at least one item in the Android KeyStore, filtering apps with URIs granted via SAF, and filtering apps with SSAID.

6.1.7 Improved handling of mode of operation

Fixed various issues with ADB pairing, handled incomplete USB debugging. Some rooting methods cannot allow interprocess communication via Binder. In those cases, ADB mode is used as a fallback method by enabling it automatically if possible.

6.1.8 Handling multiple users

When possible, App Manager will be able to display apps from work profile in no-root mode in addition to allowing basic operations such as launching the app or navigating to the system settings. For backups, it is now possible to restore backups for other users, but for work profile, some apps may only work properly after re-enabling the work profile. In the installer page, selecting All users will now install the app for all users instead of only the current user. Finally, in the app info tab, current app can be installed in another profile using the Install for… option available in the three-dots menu. This is analogous to the pm install-existing command, thereby, making the installation process a lot faster.

6.1.9 Explorer enhancements

Explorer can now open DEX and JAR files in addition to APK files. Several sorting options as well as folder options are also added as the list options.

6.1.10 New tag: WX

In app info tab, a new tag called WX is added. It is displayed in Android 10 and later if the application targets Android 9 or earlier. It indicates W^X violation which allows the app to execute arbitrary executable files either by the modification of executables embedded within the app or by downloading them from the Internet.

6.1.11 App ops management

App ops are now managed automatically to avoid various app ops related crashes in various platforms. This will also lessen the amount of crashes in an unsupported operating system.

6.1.12 Batch uninstallation

In the Main page, enabled batch uninstallation in no-root mode.

6.1.13 Running apps

Enabled advanced searching. Searching now matches not only app labels but also package names.

6.1.14 Interceptor

Copy the intercepted Intent as am command which can be run from either an ADB shell or a terminal using root with the same effectiveness.

6.1.15 Device-specific changes

6.1.16 Others

• Improved Java-Smali conversion by including all the subclasses during conversion

• Improved scanning performance in the Scanner page

• Improved updating the list of apps in the Main page

• Scan all the available paths to detect systemless-ly installed system apps

• vacuum SQLite database before opening it for viewing or editing.

6.2.1 Material 3 and More

Material 3, somewhat similar to Material You, is a significant improvement over Material Design 2 with support for dynamic colours in Android 12 and later. In addition, many design changes have been made in App Manager without any significant changes in the overall user experience.

6.2.2 Wireless Debugging

Wireless debugging support has been fully implemented. Head over to §3.2 for instructions on how to configure wireless debugging.

6.2.3 Languages

App Manager is fully translated into Indonesian and Italian languages and can be enabled in settings. Bengali is removed due to lack of translators.

6.2.4 Introducing App Explorer

App Explorer can be used to browse the contents of an application. This includes binary XML files, DEX contents or any other media files. DEX contents can only be explored in Android Oreo (Android 8) and later. It’s also possible to convert an .smali file into .java for a better understanding of the reversed code. This feature, if not needed, can be disabled in Settings > Enable/disable features.

6.2.5 Import Backups from Other Applications

It is possible to import backups from discontinued or obsolete applications such as Titanium Backup, OAndBackup and Swift Backup (version 3.0 to 3.2). Go to Setting > Backup/restore to find this option.

6.2.6 VirusTotal

VirusTotal is a widely used tool to scan files and URLs for viruses. In the scanner page and in the running apps page, an option to scan files with VirusTotal has been added. But the option is hidden by default. To enable the option, it is necessary to obtain an API key from VirusTotal. Go to Settings > VirusTotal API Key for more information.

6.2.7 Trigger Profiles from the Automation Software

As the implementation of routine operations is being delayed, an option to trigger profiles from the external automation software is added. See §3.4 for instructions on how to configure profile automation.

6.2.8 Improved Application Installer

Application installer includes several improvements including the ability to downgrade applications in no-root mode, installing multiple applications at once and blocking trackers after installation. In Android 12 and later, no-root users can update applications without any user interactions.

6.2.9 Component Blocking

It is now possible to configure how App Manager should block a component. Visit Settings > Rules > Default blocking method for more information. In the components tab, long clicking the block/unblock button opens a context menu which allows per-component blocking in a similar manner. ADB users can also block the components of a Test only app.

6.2.10 Advanced Searching

In some pages, the search bar supports additional searching which includes searching via prefix, suffix or even regular expressions. In the main page, it is also possible to search for applications using the first letters of each word, e.g. App Manager can be listed by searching for am.

6.2.11 Shared Libraries

Shared libraries tab has received a significant improvements. It can display three types of libraries, such as native, jar and APK files.

6.2.12 Make the Best Use of Interceptor

Activity interceptor can be opened directly from the activities tab by long clicking on the launch button, and similarly, activities can be launched from the activity interceptor page with or without root, for any users.

6.2.13 Widget: Screen Time

Screen time widget is quite similar to Digital Wellbeing’s widget by the same name. It displays the total screen time for the day along with the top three apps from all users.

6.2.14 Widget: Clear Cache

Clear cache widget can be to clear cache from all the applications directly from the home screen.

6.3.1 Introducing Backups

Back up/restore feature is now finally out of beta! Read the corresponding guide to understand how it works.

6.3.2 Introducing Log Viewer

Log viewer is essentially a front-end for logcat. It can be used to filter logs by tag or pid (process ID), or even by custom filters. Log levels AKA verbosity can also be configured. You can also save, share and manage logs.

6.3.3 Lock App Manager

Lock App Manager with the screen lock configured for your device.

6.3.4 Extended Modes for App Ops

You can set any mode for any app ops that your device supports, either from the 1-click ops page or from the app ops tab.

6.3.5 New Batch Ops: Add to Profile

You can now easily add selected apps to an existing profile using the batch operations.

6.3.6 App Info: Improved

App info tab now has many options, including the ability to change SSAID, network policy (i.e. background network usage), battery optimization, etc. Most of the tags used in this tab are also clickable, and if you click on them, you will be able to look at the current state or configure them right away.

6.3.7 Advanced Sort and Filtering Options in the Main Page

Sort and filter options are now replaced by List Options which is highly configurable, including the ability to filter using profiles.

6.3.8 About This Device

Interested in knowing about your device in just one page? Go to the bottom of the settings page.

6.3.9 Enable/disable Features

Not interested in all the features that AM offers? You can disable some features in settings.

6.3.10 New Languages

AM now has more than 19 languages! New languages include Farsi, Japanese and Traditional Chinese.

6.3.11 Signing the APK Files

You can now import external signing keys in AM! For security, App Manager has its own encrypted KeyStore which can also be imported or exported.

6.3.12 New Extension: UnAPKM

Since APKMirror has removed encryption from their APKM files, it’s no longer necessary to decrypt them. As a result, the option to decrypt APKM files has been removed. Instead, this option is now provided by the UnAPKM extension which you can grab from F-Droid. So, if you have an encrypted APKM file and have this extension installed, you can open the file directly in AM.

6.4.1 Introducing Profiles

Profiles finally closes the related issue. Profiles can be used to execute certain tasks repeatedly without doing everything manually. A profile can be applied (or invoked) either from the Profiles page or from the home screen by creating shortcuts. There are also some presets which consist of debloating profiles taken from Universal Android Debloater.

6.4.2 The Interceptor

Intent Intercept works as a man-in-the-middle between source and destination, that is, when you open a file or URL with another app, you can see what is being shared by opening it with Interceptor first. You can also add or modify the intents before sending them to the destination. Additionally, you can double-click on any exportable activities in the Activities tab in the App Details page to open them in the Interceptor to add more configurations.

6.4.3 UnAPKM: DeDRM the APKM files

When I released a small tool called UnAPKM, I promised that similar feature will be available in App Manager. I am proud to announce that you can open APKM files directly in the App Info page or convert them to APKS or install them directly.

6.4.4 Multiple user

App manager now supports multiple users! For now, this requires root or ADB. But no-root support is also being considered. If you have multiple users enabled and click on an app installed in multiple profiles, an alert prompt will be displayed where you can select the user.

6.4.5 Vive la France!

Thanks to the contributors, we have one more addition to the language club: French. You can add more languages or improve existing translations at Weblate.

6.4.6 Report crashes

If App Manager crashes, you can now easily report the crash from the notifications which opens the share options. Crashes are not reported by App Manager, it only redirects you to your favourite Email client.

6.4.7 Android 11

Added support for Android 11. Not everything may work as expected though.

6.4.8 App Installer Improvements

6.5.1 App Installer

As promised, it is now possible to select splits. AM also provides recommendations based on device configurations. If the app is already installed, recommendations are provided based on the installed app. It is also possible to downgrade to a lower version without data loss if the device has root or ADB. But it should be noted that not all app can be downgraded. Installer is also improved to speed up the installation process, especially, for root users. If the app has already been installed and the new (x)apk(s) is newer or older or the same version with a different signature, AM will display a list of changes similar to What’s New before prompting the user to install the app. This is useful if the app has introduced tracker components, new permissions, etc.

6.5.2 Scanner: Replacement for Exodus Page

Exodus page is now replaced with scanner page. Scanner page contains not only a list of trackers but also a list of used libraries. This is just a start. In the future, this page will contain more in depth analysis of the app.

6.5.3 Introducing System Config

System Config lists various system configurations and whitelists/blacklists included in Android by either OEM/vendor, AOSP or even some Magisk modules. Root users can access this option from the overflow menu in the main page. There isn’t any official documentation for these options therefore it’s difficult to write a complete documentation for this page. I will gradually add documentations using my own knowledge. However, some functions should be understandable by their name.

6.5.4 More Languages

Thanks to the contributors, AM now has more than 12 languages. New languages include Bengali, Hindi, Norwegian, Polish, Russian, Simplified Chinese, Turkish and Ukrainian.

6.5.5 App Info Tab

More tags are added in the app info tab such as KeyStore (apps with KeyStore items), Systemless app (apps installed via Magisk), Running (apps that are running). For external apk, two more options are added namely Reinstall and Downgrade. Now it is possible to share an apk via Bluetooth. For system apps, it is possible to uninstall updates for root/ADB users. But like the similar option in the system settings, this operation will clear all app data. As stated above, exodus has been replaced with scanner.

6.5.6 Navigation Improvements

It’s now relatively easy to navigate to various UI components using keyboard. You can use up/down button to navigate between list items and tab button to navigate to UI components inside an item.

6.5.7 Running Apps Page

It is now possible to sort and filter processes in this tab. Also, the three big buttons are replaced with an easy-to-use three dot menu. Previously the memory usage was wrong which is fixed in this version.

6.5.8 Built-in Toybox

Toybox (an alternative to busybox) is bundled with AM. Although Android has this utility built-in from API 23, toybox is bundled in order to prevent buggy implementations and to support API < 23.

6.5.9 Component Blocker Improvements

Component blocker seemed to be problematic in the previous version, especially when global component blocking is enabled. The issues are mostly fixed now.

6.5.10 Improvements in the App Details Page

Value of various app ops depend on their parent app ops. Therefore, when you allow/deny an app op, the parent of the app op gets modified. This fixes the issues some users have been complaining regarding some app ops that couldn’t be changed.

If an app has the target API 23 or less, its permissions cannot be modified using the pm grant … command. Therefore, for such apps, option to toggle permission has been disabled.

The signature tab is improved to support localization. It also displays multiple checksums for a signature.

6.5.11 App Manifest

Manifest no longer crashes if the size of the manifest is too long. Generated manifest are now more accurate than before.

6.6.1 Bundled App (Split APK)

Bundled app formats such as apks and xapk are now supported. You can install these apps using the regular installation buttons. For root and adb users, apps are installed using shell, and for non-root users, the platform default method is used.

6.6.2 Direct Install Support

You can now install APK, APKS or XAPK directly from your favourite browser or file manager. For apps that need updates, a What’s New dialog is displayed showing the changes in the new version.

6.6.3 Remove All Blocking Rules

In the Settings page, a new option is added which can be used to remove all blocking rules configured within App Manager.

6.6.4 App Ops

• App Ops are now generated using a technique similar to AppOpsX. This should decrease the loading time significantly in the App Ops tab.

• In the App Ops tab, a menu item is added which can be used to list only active app ops without including the default app ops. The preference is saved in the shared preferences.

6.6.5 Enhanced ADB Support

ADB shell commands are now executed using a technique similar to AppOpsX (This is the free alternative of AppOps by Rikka.). This should dramatically increase the execution time.

6.6.6 Filtering in Main Page

Add an option to filter apps that has at least one activity.

6.6.7 Apk Backup/Sharing

Apk files are now saved as app name_version.extension instead of package.name.extension.

6.6.8 Batch Ops

• Added a foreground service to run batch operations. The result of the operation is displayed in a notification. If an operation has failed for some packages, clicking on the notification will open a dialog box listing the failed packages. There is also a Try Again button on the bottom which can be used to perform the operation again for the failed packages.

• Replaced Linux kill with force-stop.

6.6.9 Translations

Added German and Portuguese (Brazilian) translations.

6.6.10 App Data Backup

Install app only for the current user at the time of restoring backups. Support for split apks is also added.

Data backup feature is now considered unstable. If you encounter any problem, please report to me without hesitation.

7.3.1 OP_* Constants

OP_* are the integer constants starting from 0. OP_NONE implies that no operations are specified whereas _NUM_OP denotes the number of operations defined in OP_* prefix. While they denote each operation, the operations are not necessarily unique. In fact, there are many operations that are actually a single operation denoted by multiple OP_* constant (possibly for future use). Vendors may define their own op based on their requirements. MIUI is one of the vendors who are known to do that.

public static final int OP_NONE = -1;
public static final int OP_COARSE_LOCATION = 0;
public static final int OP_FINE_LOCATION = 1;
public static final int OP_GPS = 2;
public static final int OP_VIBRATE = 3;
...
public static final int OP_READ_DEVICE_IDENTIFIERS = 89;
public static final int OP_ACCESS_MEDIA_LOCATION = 90;
public static final int OP_ACTIVATE_PLATFORM_VPN = 91;
public static final int _NUM_OP = 92;

Whether an operation is unique is defined by sOpToSwitch. It maps each operation to another operation or to itself (if it’s a unique operation). For instance, OP_FINE_LOCATION and OP_GPS are mapped to OP_COARSE_LOCATION.

Each operation has a private name which are described by sOpNames. These names are usually the same names as the constants without the OP_ prefix. Some operations have public names as well which are described by sOpToString. For instance, OP_COARSE_LOCATION has the public name android:coarse_location.

As a gradual process of moving permissions to app ops, there are already many permissions that are defined under some operations. These permissions are mapped in sOpPerms. For example, the permission android.Manifest.permission.ACCESS_COARSE_LOCATION is mapped to OP_COARSE_LOCATION. Some operations may not have any associated permissions which have null values.

As described in the previous section, operations that are configured for an app are stored at /data/system/appops.xml. If an operation is not configured, then whether system will allow that operation is determined from sOpDefaultMode. It lists the default mode for each operation.

7.3.2 MODE_* Constants

MODE_* constants also integer constants starting from 0. These constants are assigned to each operation describing whether an app is authorised to perform that operation. These modes usually have associated names such as allow for MODE_ALLOWED, ignore for MODE_IGNORED, deny for MODE_ERRORED (a rather misnomer), default for MODE_DEFAULT and foreground for MODE_FOREGROUND.

1. MODE_ALLOWED. The app is allowed to perform the given operation

2. MODE_IGNORED. The app is not allowed to perform the given operation, and any attempt to perform the operation should silently fail, i.e. it should not cause the app to crash

3. MODE_ERRORED. The app is not allowed to perform the given operation, and this attempt should cause it to have a fatal error, typically a SecurityException

4. MODE_DEFAULT. The app should use its default security check, specified in AppOpsManager

5. MODE_FOREGROUND. Special mode that means “allow only when app is in foreground.” This mode was added in Android 10

6. MODE_ASK. This is a custom mode used by MIUI whose uses are unknown.

7.3.3 PackageOps

AppOpsManager.PackageOps is a data structure to store all the OpEntry for a package. In simple terms, it stores all the customised operations for a package.

public static class PackageOps implements Parcelable {
    private final String mPackageName;
    private final int mUid;
    private final List<OpEntry> mEntries;
    ...
}

As can be seen in Listing 2, it stores all OpEntry for a package as well as the corresponding package name and its kernel user ID.

7.3.4 OpEntry

AppOpsManager.OpEntry is a data structure that stores a single operation for any package.

public static final class OpEntry implements Parcelable {
    private final int mOp;
    private final boolean mRunning;
    private final @Mode int mMode;
    private final @Nullable LongSparseLongArray mAccessTimes;
    private final @Nullable LongSparseLongArray mRejectTimes;
    private final @Nullable LongSparseLongArray mDurations;
    private final @Nullable LongSparseLongArray mProxyUids;
    private final @Nullable LongSparseArray<String> mProxyPackageNames;
    ...
}

Here:

• mOp: Denotes one of the OP_* constants

• mRunning: Whether the operation is in progress (i.e. the operation has started but not finished yet). Not all operations can be started or finished this way

• mMOde: One of the MODE_* constants

• mAccessTimes: Stores all the available access times

• mRejectTimes: Stores all the available reject times

• mDurations: All available access durations, checking this with mRunning will tell you for how long the app is performing a certain app operation

• mProxyUids: No documentation found

• mProxyPackageNames: No documentation found

7.3.5 Usage

TODO