headwind-mdm

  • 8 hours ago
  • Joined 24 days ago
  • @de0u answered correctly - that message is just an unrelated warning, and there's a silent out-of-memory error. Got the same issue on another server (Ubuntu 24.04, 32 Gb RAM), and adding the swap (extra 32 Gb) fixed the issue.

    • de0u replied to this.
    • NetRunner88 Headwind MDM doesn't support work profiles. You can try installing another MDM system supporting them, as the new SetupWizard2 code potentially allows provisioning the device with a work profile (I didn't test it, though).

      However, as far as I know, work profiles require strong integration with Google's Android Enterprise framework, which GrapheneOS doesn't have. So I doubt work profiles will work. Anyway, this is worth trying.

      • GrapheneOS I've submitted the pull request implementing QR code based MDM setup. Hope to finalize it and see it in the official GrapheneOS distribution soon.

        By the way, since this feature makes GrapheneOS capable of being used on corporate-owned devices, this could be a good chance to increase the popularity of the OS by proposing it to system administrators as a great and secure alternative to Google-powered Android ROMs. Once the feature becomes available, we can issue a press release about that. What do you think?

        • de0u Thank you for the suggestion.

          The script script/finalize.sh uses the BUILD_NUMBER environment variable, which needs to be changed to generate a delta. How do I change this variable? Should I simply set it in the shell console, or must it be updated elsewhere?

          • de0u replied to this.
          • Thank you for your guide!

            Once the development (eng) ROM is installed on a device, is there an easy way to update a single system application?

            I would like to update the application SetupWizard2 which is installed on a device in the /system_ext/priv-app/SetupWizard2/ directory. Can I do that without rebuilding and reflashing the whole ROM? Probably there's some workflow to prepare an OTA update from a single system application, which is installable by adb or fastboot?

            • de0u replied to this.
            • Hi,

              In the build instructions, there's an option "Faster builds for development use only" which produces images signed with the default public keys, generated by the command

              m

              However, it is unclear how to flash the resulting images to the device for development purposes.

              My plan is to build the 'eng' ROM and flash it on the device. After that, I'm planning to update and debug the platform application by the following workflow:

              1. Rebuild the application module by using the mmm command;
              2. Copy the updated APK to /system/priv-app/ (as the eng variant is rooted and I presume the APK is signed with the same "default public keys").

              Can you please advise how to flash the "faster development build" on the device, and is there any best practice for the platform app development?

              Also, I found this sentence in the build manual: "For an emulator build, always use the development build approach below". Is it possible to install a developer variant of GrapheneOS on the emulator? If yes, are there instructions?

            • Switching from a Windows-hosted virtual machine to the native Ubuntu Linux server (24.04 LTS, 32 Gb RAM) fixed the build issue.

            • Hi,

              I'm following the build instructions at https://grapheneos.org/build and building GrapheneOS 15 (Development branch) for shiba (Pixel 8).

              Unfortunately, I'm stuck at the step "Extracting vendor files for Pixel devices": the command "m aapt2" fails.

              # m aapt2
              10:03:45 Build sandboxing disabled due to nsjail error.
              10:03:47 ************************************************************
              10:03:47 You are building on a machine with 12GB of RAM
              10:03:47 
              10:03:47 The minimum required amount of free memory is around 16GB,
              10:03:47 and even with that, some configurations may not work.
              10:03:47 
              10:03:47 If you run into segfaults or other errors, try reducing your
              10:03:47 -j value.
              10:03:47 ************************************************************
              ============================================
              PLATFORM_VERSION_CODENAME=REL
              PLATFORM_VERSION=15
              TARGET_PRODUCT=sdk_phone64_x86_64
              TARGET_BUILD_VARIANT=user
              TARGET_ARCH=x86_64
              TARGET_ARCH_VARIANT=x86_64
              TARGET_2ND_ARCH_VARIANT=x86_64
              HOST_OS=linux
              HOST_OS_EXTRA=Linux-6.11.0-17-generic-x86_64-Ubuntu-24.04.2-LTS
              HOST_CROSS_OS=windows
              BUILD_ID=AP4A.250205.002
              PLATFORM_SECURITY_PATCH=2025-02-05
              OUT_DIR=out
              ============================================
              10:06:45 soong bootstrap failed with: exit status 1
              [100% 1/1] analyzing Android.bp files and generating ninja file at out/soong/build.sdk_phone64_x86_64.ninja
              FAILED: out/soong/build.sdk_phone64_x86_64.ninja
              cd "$(dirname "out/host/linux-x86/bin/soong_build")" && BUILDER="$PWD/$(basename "out/host/linux-x86/bin/soong_build")"
               && cd / && env -i  "$BUILDER"     --top "$TOP"     --soong_out "out/soong"     --out "out"     --soong_variables out/s
              oong/soong.sdk_phone64_x86_64.variables -o out/soong/build.sdk_phone64_x86_64.ninja -l out/.module_paths/Android.bp.lis
              t --available_env out/soong/soong.environment.available --used_env out/soong/soong.environment.used.sdk_phone64_x86_64.
              build Android.bp
              Warning: Module 'androidx.wear_wear' depends on non-existing optional_uses_libs 'wear-sdk'
              Warning: Module 'androidx.wear.compose_compose-foundation' depends on non-existing optional_uses_libs 'wear-sdk'
              Killed
              ninja: build stopped: subcommand failed.

              In addition, there's a warning: Build sandboxing disabled due to nsjail error.

              Please advise how to fix these build issues.

              • de0u replied to this.
              • GrapheneOS Thank you for the explanation. We'll try to implement MDM provisioning in a custom build of GrapheneOS. If we succeed, is there any workflow to commit our update to the official GrapheneOS code?

                • de0u

                  We have a lot of users asking how to install MDM on GrapheneOS. Currently, the only way I know to use MDM on GrapheneOS is to install the MDM agent and grant the Device Owner permissions with the ADB utility, which is difficult and not acceptable to most users.

                  In the link provided, it was written: "GrapheneOS does have all the AOSP stuff present for managed devices and managed profiles". But I was unable to start AOSP's ManagedProvisioning app by tapping 6 times on the welcome screen.

                  Is there a way to install MDM on GrapheneOS? If there isn't, can our team contribute to GrapheneOS and implement Managed Provisioning?

                  P.S. MDM on fully managed devices does not require Google Play services, so GrapheneOS-based devices CAN be managed by MDM. The only issue is the MDM installation.