I've been using LineageOS for a long time with MicroG for a select few apps. This has worked great, but sandboxed google play sounds even better if I can only expose it to apps that actually need it.
I read about the option to use work profiles, so I have installed Shelter, and installed all the google apps in the work profile.
This is working great, but I'm running into two challenges:
- My original plan was to use Google Play to install apps in the personal profile as well, but this doesn't seem to be possible.
- I have installed google contacts in the work environment but the personal environment can't see them
I solved the first problem by just using Aurora in the personal profile as I used to do. It's a bit unreliable, but good enough. In a pinch it's also possible to install them in the work profile and then use Shelter to clone them to the personal profile.
I'm not yet sure how to solve the contacts problem. I found some documentation that suggests the personal profile should be able to access contacts from the work profile, but that doesn't actually seem to be supported: https://developer.android.com/work/contacts Oddly enough if I make a call from the work profile it uses the personal dialer and shows the correct contact in the call history, what gives? It wouldn't be so bad to just use the work contacts app, but it also means WhatsApp etc. doesn't show any names.
I can think of a few ways to go about it.
- Just use sandboxed google play in the main profile. I guess that does mean google sees some stuff from any apps that use it. Would be nice if there was a permission "use google play services"
- Occasionally manually sync work and personal contacts
- Set up DAVx5 as I used to do on LineageOS (which was quite unreliable)
- Move from Google to Proton