Hi, so after looking around in this forum I've come to know of a good way to install apps across user profiles. I want to confirm my understanding and also have an additional question.

So what i'm doing just now is:

  1. use obtanium to install those apps whose apk is directly available on github/gitlab etc. into the owner profile
  2. as soon as i install the app, i head over to settings -> app -> choose app -> disable
  3. to actually use those apps i install them into the secondary profiles using the owner profile. In secondary profile(s) they are available as normal apps, enabled by default.
  4. for updates i only need to let obtanium update these apps in the owner profile and it automatically reflects in all other profile where the app was "shared" with.

Firstly does this all sound good/correct? How does (4) work? Is it that there is only one copy of the app ever and it's just that it's shared with other profiles under the hood? Because I assume if it was a separate installation in each profile then they would separately need to be updated in each.

Lastly, do yous recommend the same with apps from aurora store? So should I:

  1. Install aurora store in the owner profile (say via obtainium) and then install apps via it -> disable them -> install them via this owner profile in other secondary profile(s) where i actually need them?
    OR
  2. Install aurora store as a normal app in the owner profile -> disable it -> share it with the other other profiles and activate and install apps there with it instead.

(5) above looked fine except that i notice 2 things: (a) The apps which are disabled are not even listed in aurora store even though it was the one that installed it, so i think it won't be monitoring them for updates unless they lie in an enabled state. Did anyone notice this? (b) Aurora says that it send the list of installed apps to google. It doesn't explicitly say that it only sends the apps installed by it. I suppose in matters of privacy, these should be fully elaborated. It in-fact has a separate filter in the settings which when enabled will only display the apps installed by aurora on that machine. This is by default turned off and aurora shows some apps not even installed by it (as long as they are enabled). This makes me even more unclear if it actually reports all installed apps to google (or to itself ect). Does anyone know?

    rtosguffalo for updates i only need to let obtanium update these apps in the owner profile and it automatically reflects in all other profile where the app was "shared" with

    Yes. It is well visually explained here - https://www.youtube.com/watch?v=E3erRhXPPNY
    Aurora and Obtainium can update disabled apps.

      Wow, that is almost exactly the same approach I take! However, I've run into a weirdness that I don't quite understand. I figured tacking on to your topic would be the best place to discuss :)

      I have the same approach to the owner profile. I have Aurora and K9Mail in the owner. In profile P2 I've installed the apps from the owner profile. After a few days, P2's Aurora is alerting me that their is a new version of K9 mail available but my owner profile's Aurora store shows no updates available!

      Any ideas on why that may be happening?

        GOSExplorer
        If I had to guess, I think it might be the way that Google Play rolls out updates gradually. Maybe the Aurora client of one profile is in an earlier part of the rollout than the other?

          Good guess, but it has been many days and I'm in the same situation.

          I'm wondering if it has something to do with app signing or something. I just installed Neo Store in the owner profile to try it out and it shows the new version of K9 mail but when I try to update it says that I can't because it is signed by a different cert than the current one and that I must uninstall the current one before installing the new one. Neo Store says this for other apps too. I don't want to uninstall the current K9 because I've already installed it in more than one profile.

          Maybe all this is happening because I installed K9 using Aurora Store (IIRC) and am now trying to update it with Neo Store (which is pulling from F-Droid repo).

            GOSExplorer
            Yes, most apps in the fdroid repo are built and signed by fdroid. Apps from Play Store are built by the developer. Older apps may also be signed by the developer, newer apps by Google.

            Different builds of an app with the same package name can not be installed on a device, even if in different user profiles. Can only update an app with the same package name and signature.

              When the possibility to install apps into other user profile was introduced, it was possible to grab apps from one profile and copy them to another by the owner. This was changed due to safety and privacy concerns. As of today, only apps from owner user can be copied to another user. This is basically what is discussed here.

              So it is not possible to have one user who acts as an app manager and either deploy apps directly from there to other users or at least do the copy by the owner.

              By this approach all other users would not need any permission to install apps. This might reduce some attack vectors.

              Also the owner user could remain as empty as possible.

              Are there any plans to make something like this become reality?

                ReadOnlyUser Thanks. The certificate issue I ran into was in the owner profile, and the app was only installed / updated in the owner profile. It looks like I got the error because I installed the app via Aurora Store (which has one signing key) and then tried to update it with Neo Store from the F-Droid repository (which has a different signing key).

                  5 days later
                  25 days later

                  rtosguffalo So what i'm doing just now is:
                  use obtanium to install those apps whose apk is directly available on github/gitlab etc. into the owner profile
                  as soon as i install the app, i head over to settings -> app -> choose app -> disable
                  to actually use those apps i install them into the secondary profiles using the owner profile. In secondary profile(s) they are available as normal apps, enabled by default.
                  for updates i only need to let obtanium update these apps in the owner profile and it automatically reflects in all other profile where the app was "shared" with.

                  When you disable the apps installed via Obtainium, do they get updated even if they are disabled? My disabled apps on non GOS phone does not get updated when disabled.

                  What do you gain by disabling the apps in the Owner Profile?

                      9 days later

                      PMUSR rtosguffalo So what i'm doing just now is:
                      use obtanium to install those apps whose apk is directly available on github/gitlab etc. into the owner profile
                      as soon as i install the app, i head over to settings -> app -> choose app -> disable
                      to actually use those apps i install them into the secondary profiles using the owner profile. In secondary profile(s) they are available as normal apps, enabled by default.
                      for updates i only need to let obtanium update these apps in the owner profile and it automatically reflects in all other profile where the app was "shared" with.

                      PMUSR When you disable the apps installed via Obtainium, do they get updated even if they are disabled? My disabled apps on non GOS phone does not get updated when disabled.

                      What do you gain by disabling the apps in the Owner Profile?

                      Could someone please answer this question above as I really interested to know? :)