Requirements: Android 7.0+ | Root or ADB
Overview: Using system APIs directly with adb/root privileges from normal apps through a Java process started with app_process.
When developing apps that requires root, the most common method is to run some commands in the su shell. For example, there is an app that uses the pm enable/disable command to enable/disable components.
This method has very big disadvantages:
Extremely slow (Multiple process creation)
Needs to process texts (Super unreliable)
The possibility is limited to available commands
Even if ADB has sufficient permissions, the app requires root privileges to run
Shizuku uses a completely different way. See detailed description below.
First, we need to talk about how app use system APIs. For example, if the app wants to get installed apps, we all know we should use PackageManager#getInstalledPackages(). This is actually an interprocess communication (IPC) process of the app process and system server process, just the Android framework did the inner works for us.
Android uses binder to do this type of IPC. Binder allows the server-side to learn the uid and pid of the client-side, so that the system server can check if the app has the permission to do the operation.
Usually, if there is a "manager" (e.g., PackageManager) for apps to use, there should be a "service" (e.g., PackageManagerService) in the system server process. We can simply think if the app holds the binder of the "service", it can communicate with the "service". The app process will receive binders of system services on start.
Shizuku guides users to run a process, Shizuku server, with root or ADB first. When the app starts, the binder to Shizuku server will also be sent to the app.
The most important feature Shizuku provides is something like be a middle man to receive requests from the app, sent them to the system server, and send back the results. You can see the transactRemote method in rikka.shizuku.server.ShizukuService class, and moe.shizuku.api.ShizukuBinderWrapper class for the detail.
So, we reached our goal, to use system APIs with higher permission. And to the app, it is almost identical to the use of system APIs directly.
What’s New:
Works on ColorOS (Oppo & OnePlus) Android 14
On Android 14+, prompts the user that if rish file has write permission (Android 14 enforces dex runs by app_process must not have write permission, so place rish files in /sdcard will not work, uses needs to copy rish files to terminal apps’ data folder)
This app has no advertisements
More Info:
https://github.com/RikkaApps/Shizuku
https://play.google.com/store/apps/details?id=moe.shizuku.privileged.api
https://shizuku.rikka.app/Download Instructions:
https://ouo.io/6EcM5m
Mirror:
https://ouo.io/372eKCC
https://github.com/RikkaApps/Shizuku/re … elease.apk
https://ouo.io/WmLKJy.
