Is there any way to install apps installed in the owner user into the private space?

I'm new to GrapheneOS so please forgive me if I'm wrong. I read multiple people here who want to put Google Play/spyware apps in the private space, but doesn't it make more sense to put that in the main profile and then use trusted / open source apps in the private space?

    GrapheneOS Is the stock OS ability to "Install app in Private Space" planned for GrapheneOS? I read this option was removed as it was not relevant for GrapheneOS implementation. Is there a best practice for installing the same app in both Owner and private Space to avoid versioning conflicts ?

      Killjoy not at all, no. The owner profile has the most insight into the other profiles, you can imagine it as an "admin lite". Play Services should exist in owner profile only when you need some app that needs to run 24/7 and relies on Play Services. Apart from that it's wiser to just cram Play Services into a work/secondary user/private space profile.

          Does anyone know if you can access the full settings in the Private Space? Specifically to set up a fingerprint unlock or custom keyboard in the Private Space. The reason I ask is I'd like to set up KeyPassDX and I typically use biometric unlock and Magikeyboard, but not sure I know how to do it.

          Happy to create another thread if that's better.

            d0ckR

            d0ckR
            I had a similar issue with a bank app inside the Private Space, but somehow the SMS app from the main profile would open instead. I've also had to install Fossify Phone and Fossify SMS just to make sure the relevant requirements are picked up by the bank app, but even with with this setup I'd send the SMS and the verification would fail. I think more than the Phone permission itself it also needed to read the phone number advertised by the SIM or something like that. After retrying the verification a few times, at some point it finished with success, which could maybe work for some as a workaround, but I wouldn't say it is reliable.

                My main issue of the Private Space is from the NFC payments. I have my main banking app on the owner profile which has its own NFC functionality, even if it needs Google installed for some reason. This app is set in the settings as the default for NFC payments and it works just fine.

                Once I unlock the Private Space, however, I can't pay with the banking app from the owner anymore, even after locking the Private Space or restarting NFC. It looks like NFC doesn't get the bank app anymore and it is only solved by a full reboot.

                I do have a bank app on the Private Space, as I said above, but it is not enabled and either way I've tried locking the private space too. Could it be some issue with the NFC management between the owner and the Private Space, one that doesn't get solved not even by closing the Private Space?

                  kopolee11 Does anyone know if you can access the full settings in the Private Space? Specifically to set up a fingerprint unlock or custom keyboard in the Private Space. The reason I ask is I'd like to set up KeyPassDX and I typically use biometric unlock and Magikeyboard, but not sure I know how to do it.

                  It is possible to use fingerprint unlock and magikeyboard with KeePassDX on the private space. I know it is possible to access the relevant settings through the KeePassDX settings. The settings are available on a private tab in the normal settings on the owner profile.

                      Killjoy I'm new to GrapheneOS so please forgive me if I'm wrong. I read multiple people here who want to put Google Play/spyware apps in the private space, but doesn't it make more sense to put that in the main profile and then use trusted / open source apps in the private space?

                      That is what I am going to do. I don't think it make more sense as such; regardless of what profile you put Google Play and their apps in, they cannot see or talk to apps in any other profile. Some prefer to put Google Play and their apps in the private space, because that way they can be shut down by simply locking the private space, so they cannot even track when you use your phone or not. But I prefer to have all privacy sensitive things in the private space, so I can keep that data and those files encrypted and locked away most of the time, in case my device is taken. And that is of course only trusted open source apps. It depends on your use case.

                      DeletedUser87 not at all, no. The owner profile has the most insight into the other profiles, you can imagine it as an "admin lite".

                      Apss running in owner profile should not have more permissions than apps running in any other profile. Especially no kind of admin like permissions. This includes Google Play and Google Play Services, which are just regular apps in GrapheneOS without any special permissions.

                          vagrantly321

                          By installing App Manager from F-Droid, searching for the Settings app and, under activities, lunching the Settings Homepage Activity, I was able to access the full Settings app of the Private Space. If anyone is interested to modify some options that are not currently inside the Private tab of the Owner's settings app, this is a simple workaround.

                          So at this point I've checked the NFC settings, and surprisingly the bank app that I set as the default for NFC payments in the Owner profile was listed here in the Private Space as the default too, even though it doesn't exist here at all. It is worth to mention that it even has the little icon indicating that it is part of the Private Space. I'm not sure if installing the same bank app also in the Private Space would provide a temporary solution to this, but I might give it a try and write here if it works until an official fix.

                              Hello,
                              Actually I have 2 user profiles at GOS: primary, without GSF and secondary, with my banking apps and GSF installed.
                              Is possible to migrate from this 2 user profiles to only a user profile (main) then install GSF and my banking apps at private spaces then no install GSF at main profile without lost privacy/security or is best to continue using 2 users?
                              Thanks

                                GrapheneOS You can have a single Private Space and a single work profile in the Owner user.

                                Would it be possible to implement not just one, but multiple private spaces for use on GrapheneOS? Would be a game changer, because you could have good usability while still being able to control which apps can talk to and see each other.

                                    4 days later

                                    vagrantly321
                                    turns out that after installing the same bank app also on the private space, in the NFC settings I still see this bank app with the private space little icon but now I see also the same bank app without this icon, which is the one from the Owner profile. So I picked this one without the icon as the default and now the Owner bank app gets picked every time for NFC payments, even with or without the Private Space open. This is great since it solves my problem and I can pay with the phone, I just hope that this workaround or anyway this double app thing (owner + private space) won't stop being visible inside the NFC settings without a proper NFC fix.
                                    Btw In the private space I didn't have to activate the same bank app, somehow it was enough that it is installed for me to see inside the NFC settings the Owner app.

                                        vagrantly321 this! Is super helpful! Hopefully Gos can just surface the settings link in the future so we don't need the extra app but good find!

                                          cdflasdkesalkjfkdfkjsdajfd
                                          Yes this is a very good use case that is making using GrapheneOS with good isolation of Google Play Services dependent apps much much more convenient. I can recommend this setup if it fits your threat model. I personally haven't seen any drawbacks from this setup if compared as my previous setup of using a secondary profile. Only huge increase in usability, especially for those ude cases where you have messenger apps with dependency of GSF for notifications. Now you can actually see the notification and not just a generic notification forwarded from the second profile, as before (with the "send notification to current user" setting toggled). No need to constantly switch profiles and authenticate.

                                          I have not tested but this maybe also partly mitigate the annoying AOSP fingerprint bug that in reality only let you have two fingerprints stored. Since you don't need to switch profiles as often it doesn't matter if fingerprint auth doesn't work when switching profiles.

                                              cdflasdkesalkjfkdfkjsdajfd I do not see the issue. You do have a screen lock with a reasonable timeout duration, right? If you do not have a very high threat model then AFU protection is most likely enough. The reboot timer makes sure your phone will be in BFU state long time before Cellebrite and the likes can brute-force your PIN. Especially if you have the timer on something low.
                                              The same scenario you describe can happen if you have your secondary profile active when your phone gets lost. It is practically no difference here.

                                                @GrapheneOS
                                                Would it be possible to add functionality to install apps to Private Space from the Owner? Like currently possible with secondary users?
                                                That way you could install sandboxed Google play in the owner profile and install apps from the Play store inside the PS, without having install sandboxed Google play in the PS.

                                                cdflasdkesalkjfkdfkjsdajfd
                                                No, see: https://discuss.grapheneos.org/d/16670-private-space-on-android-15-grapheneos/62

                                                    Can apps be installed via adb in private space or via copying it from the main profile, like to other users, or the only way to do it is via a store, like Play Store or Aurora?

                                                      cdflasdkesalkjfkdfkjsdajfd Yes, you can adb install to the private space.

                                                      $ adb shell dumpsys user | grep "Private space"
  UserInfo{##:Private space: ......

                                                      ## is the userid of your private space.

                                                      Then $ adb install --user ## file.apk

                                                        Is there a way to do not unlock private space using the fingerprint but configure fingerprint to unlock some apps in private space? I have set private space to be unlocked by password and fingerprint settings to do not be used to unlock the device but when I unlock private space the fingerprint unlock is displayed instead of the keyboard.
                                                        Thanks

                                                        Will the settings on the Private Space be extended like those on the other profiles?

                                                        Is data unrecoverable when deleting Private Space as when deleting profiles?

                                                        Edit : It seems to be the same with the deletion of data :

                                                        All forms of profiles have separate encryption keys. You can keep a Private Space at rest while the Owner user is logged in just as you can with a secondary user.

                                                          Hat

                                                          Is data unrecoverable when deleting Private Space as when deleting profiles?

                                                          Yes, it's similar to a user profile especially if you set a dedicated lock method but can be reliably deleted even when sharing the lock method with the Owner user, since it still has separate encryption keys and protection. It shouldn't be possible to get the data when Owner is unlocked but the Private Space is not even when the lock method is the same. Reboot is still best to get data back at rest instead of relying on things being zeroed as they should be.

                                                            We strongly recommend it as a replacement for a work profile managed by a local profile admin app. It has better OS integration and isolation.

                                                            I am really struggling to understand the messaging here. I generally think of "integration" and "isolation" as generally diametrically opposed. I like how existing profiles are completely separate. I don't want any possibility of data leakage between/across them. Are you using "work profile" as a general term for any secondary profile (meaning one connected to a dayjob, etc) or is that something else?

                                                            @GrapheneOS What exactly would be the benefit of deleting my secondary profiles and recreating them as Private Spaces within the Owner Profile? What are the precise differences between these two feature sets?I'm sure I'm not the only one wondering this. A simple page in the docs would be greatly appreciated once this feature has matured a bit more.

                                                            Thanks for all you do.

                                                              strict-marsh Work profiles are exactly what it sounds like - a separate profile that runs side by side with the owner. Usually these will be created by an app like Shelter or Insular. They offer the least isolation compared to Private Space and secondary user profiles, but are probably the most convenient due to the amount of integration in the settings.

                                                                strict-marsh What exactly would be the benefit of deleting my secondary profiles and recreating them as Private Spaces within the Owner Profile?

                                                                Note that at present there is only one Private Space, associated with the sole owner profile. Secondary profiles are not the same thing as work profiles, so if you are using secondary profiles at present the recommendation to switch from a work profile to Private Space is not applicable.

                                                                  missing-root how to disable the system clipboard if I use Florisboard clipboard? Thank you.

                                                                    strict-marsh What exactly would be the benefit of deleting my secondary profiles and recreating them as Private Spaces within the Owner Profile?

                                                                    The advantage of "private space" over a secondary profile is the fact that the two profiles can be used simultaneously rather than needing to go through the cumbersome process of switching between them.

                                                                        secrec yes, but for now, I think privacy will be compromised due to the PS cannot be locked with password if you configure fingerprint to access some apps in the PS.

                                                                            cdflasdkesalkjfkdfkjsdajfd Private Space is fingerprint-locked if you have configured fingerprint locking, the PIN code is requested on first start-up. Even if you use the same PIN/fingerprint for the owner profile and Private Space, these are still two isolated profiles with separate encryption/decryption keys, so should be fairly secure, of course you can use a different locking method from the main profile.