Android permission.INTERACT_ACROSS_USERS_FULL

Question

I have a large app in android.

From time to time the application crashes with an error not clear. I do not know exactly when and why this happens.

java.lang.SecurityException: Permission Denial: get/set setting for user asks
to run as user -2 but is calling from user 0; this requires 
android.permission.INTERACT_ACROSS_USERS_FULL

Any help?

@offset Did you ever get this to work? – not2qubit Dec 02 '16 at 14:14 — not2qubit, Dec 02 '16 at 14:14
@user1147688 I don't remember... – offset Dec 04 '16 at 07:07 — offset, Dec 04 '16 at 07:07

score 19 · Answer 1 · edited May 23 '17 at 11:47

19

To summarize from this answer, and looking at the sources of UserHandle.java we see the meaning of the framework user id's.

# | @UserIdInt            | Value  | Status     | Description |
# | --------------------- | ------ | ---------- | ------------| 
# | USER_OWNER            | 0      | deprecated | "owner" user of the device
# | USER_SYSTEM           | 0      | ok         | "system" user of the device
# | USER_ALL              | -1     | ok         | ALL users on the device
  | USER_CURRENT          | -2     | ok         | the currently active user
# | USER_CURRENT_OR_SELF  | -3     | ok         | id from which we would like to send to the current user
# | USER_NULL             | -10000 | ok         | An undefined user id

Then to understand what android:protectionLevel="signature" means, you'll have to read the page about permission-element. Which is summarized in the table:

So what you need to do in your AndroidManifest.xml depend a lot on what API's you need to support, as higher > 23 API's also require a android:permissionGroup= definition, for non-normal ("dangerous") permissions...

Also good to know (by @CommonsWare)

To be able to hold INTERACT_ACROSS_USERS, your app has to be signed by the firmware's signing key or it has to be installed on the system partition.

To be able to hold INTERACT_ACROSS_USERS_FULL, your app has to be signed by the firmware's signing key.

edited May 23 '17 at 11:47

Community

1
1

answered Dec 02 '16 at 08:02

not2qubit

14,531
8
95
135

3

i keep reading about the CAUSE of the problem, but not the SOLUTION. What is the solution? – sudocoder Nov 07 '18 at 13:32
1

@sudocoder The solution is (as already shown in the 2 sentences above) to sign your app with the device manufacturers (or OS providers) OEM key! Please post a new SO question if this is not enough, or perhaps look at the [Android specific SE](https://raspberrypi.stackexchange.com/). – not2qubit Nov 07 '18 at 22:05
2

fair, those two sentences make a solution. but how is this solution scalable? eg: if i sign this with a Samsung key, wouldn't a Huawei user who downloaded my app have this same problem? – sudocoder Nov 08 '18 at 23:20
2

when I try to add `` I get "Permissions with the protection level signature, privileged or signatureOrSystem are only granted to system apps. If an app is a regular non-system app, it will never be able to use these permissions." – sudocoder Nov 18 '18 at 05:06
2

Is there a way to detect whether the app is running on the real user's account, and not a secondary? – android developer Dec 24 '18 at 08:05

IntelliJ Amiya · Accepted Answer · 2018-01-15T14:00:37.140

16

java.lang.SecurityException: Permission Denial: get/set setting for user asks to run as user -2 but is calling from user 0; this requires android.permission.INTERACT_ACROSS_USERS_FULL

Add this android:protectionLevel="signature" in your manifest .

For more details, you can check Permission-Element

Like:

<permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" android:protectionLevel="signature"/>

edited Jan 15 '18 at 14:00

answered Jan 25 '15 at 08:05

IntelliJ Amiya

74,896
15
165
198

1

No, unfortunately the bug happened again... Where to add this line? – offset Jan 25 '15 at 11:08
android:protectionLevel is a valid attribute for . You have it on and on From @Commonsware Sir – IntelliJ Amiya Jan 25 '15 at 11:16
2

Like that? `` – offset Jan 25 '15 at 12:47
No, The bug keeps happening – offset Jan 25 '15 at 13:12
1

– sonida Jul 27 '15 at 18:04
3

signature is not something you can get just by adding it. It's SIGNATURED by OEM – Felix.D Jan 15 '18 at 13:43
i keep reading about the CAUSE of the problem, but no solution. What is the solution? – sudocoder Nov 07 '18 at 13:31
Android Studio confirms what @Felix.D just said, "Permissions with the protection level signature, privileged or signatureOrSystem are only granted to system apps. If an app is a regular non-system app, it will never be able to use these permissions." – sudocoder Nov 18 '18 at 05:05
For some reason I have this exception on Xiaomi Mi A1 with what seems to be some custom rom (LineageSettings class, so probably LineageOs) . Any idea why? – android developer Mar 04 '19 at 21:35

score 3 · Answer 3 · answered Jul 12 '17 at 12:02

Same issue i was getting when i use billingProcessor.subscribe() or billingProcessor.purchase() with two parameter as Activity and product_id of product. There was i pass the value of product_id is empty.

Please once make sure that you are passing value in the product_id is not empty.

Roman Soviak · Answer 4 · 2019-04-03T12:27:46.403

3

One of the possible solutions is to disable auto-fill, but it works only on Android Oreo. Check this link

Simply add this code to your app :

      if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
        window.decorView.importantForAutofill = 
        View.IMPORTANT_FOR_AUTOFILL_NO_EXCLUDE_DESCENDANTS;
    }

And rename getUserId() method if you have it.

edited Apr 03 '19 at 12:27

answered Mar 23 '18 at 21:26

Roman Soviak

791
2
9
30

wtf, rename getUserId() method if you have it. this line save me! why!? thanks you – Radesh Nov 15 '20 at 09:26
Do you know why getUserId() causes this problem? – Sajal Jain Jul 26 '22 at 03:14

score 1 · Answer 5 · answered Feb 02 '20 at 19:00

1

Just ran into it after updating the OS on the device.

A hard restart solved it.

answered Feb 02 '20 at 19:00

MasterMastic

20,711
12
68
90

score 0 · Answer 6 · answered Nov 15 '18 at 16:16

It's a very strange error ... I got this one after I switched from Java to Kotlin or maybe from any Android Studio update. I started to comment elements one by one from both XML and .kt files till I found that the error had nothing to do with any userId (which was mentioned in the error), not any Retrofit call either, the error was caused by one Spinner element in XML, nothing about it in .kt file when I loaded the elements, just this:

<Spinner
        android:id="@+id/number_people_sp"
        android:layout_width="match_parent"
        android:layout_height="wrap_content"
        android:inputType="text" />

So I deleted it and things went good again. I'm thinking that the problem was caused by some spacing of elements (because that spinner was in a Fragment in a Tabbed Activity) and I see in the long lines of error something about spacing and child measures.

Have in mind just to check any possible small thing in the error file, the error could be from anything ...

score 0 · Answer 7 · answered Aug 28 '19 at 04:27

0

I've been faced with the same issue "android.permission.INTERACT_ACROSS_USERS_FULL" when i upgraded the OS version of my android device. i tried to clean and rebuild project and the issues has been solved.

answered Aug 28 '19 at 04:27

Ali Soleimani

301
1
4
16

score 0 · Answer 8 · answered May 08 '21 at 19:28

0

I encountered this error right after updating phone OS to Android 9. Nothing but resetting (restarting) phone and restarting Android Studio worked for me.

answered May 08 '21 at 19:28

niteblud

1
1

score 0 · Answer 9 · answered Aug 10 '22 at 07:36

This happened to me when I was using a notificationChannel. I had created it using a applicationContext but in other place I was trying to get it from context of a service by NotificationManager.getNotificationChannel(). So probably using the same context in different places for example applicationContext can fix this problem.

score -2 · Answer 10 · edited Jul 14 '18 at 00:02

-2

i resolved this issue by luck . I was using a singleton fragment instance which caused this issue. When i replaced the fragment.getInstance() call with new fragment() it worked like a charm. fragments shouldnt be used as singletons and should be brought back (if required) with the saved state.

edited Jul 14 '18 at 00:02

taras

6,566
10
39
50

answered Jul 13 '18 at 20:23

Partha Sarathi Murmu

17
1
2

this is likely not the root cause experienced by OP – sudocoder Nov 07 '18 at 13:37

Android permission.INTERACT_ACROSS_USERS_FULL

10 Answers10

Linked