Chainfire / librootjava

Run Java (and Kotlin) code as root!

Bind system service as root? #15

Open Mygod opened 4 years ago

Mygod commented 4 years ago

When I attempted to bind it, I encountered the exception:

```java
throw new SecurityException(
        "Unable to find app for caller " + caller
        + " (pid=" + Binder.getCallingPid()
        + ") when binding service " + service);
```

Chainfire commented 4 years ago

Many services check if your app is registered by PID. As you're not actually running an app, that doesn't work. Some services can be reached via reflection (see Reflection.java in librootjava sources). For some services you can get to the base AIDL, get the Binder object from ServiceManager (again reflection).

It can be very tricky to get things to work this way, but I usually manage to get what I need. It usually requires diving into Android source code to figure out exactly what you need, though, and some things just aren't possible. Even if you get the service object, specific interface calls may still trigger the error you quoted.
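
The lookup described in the comment above (raw Binder from ServiceManager, then the base AIDL interface), as an added example that is not part of the original thread and is not librootjava's own code. The class `RawServiceLookup` and its method names are hypothetical; `android.os.ServiceManager` and the `$Stub.asInterface` pattern are hidden AOSP internals whose availability varies by Android version, so treat the class-name strings as assumptions to verify against the source of the release you target.

```java
import android.os.IBinder;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;

// Hypothetical helper (not part of librootjava): resolves a system service
// from a root process that has no app record registered with the system.
public final class RawServiceLookup {
    private RawServiceLookup() {}

    /** Fetch the raw Binder for a service name via the hidden android.os.ServiceManager. */
    public static IBinder getBinder(String serviceName) throws ReflectiveOperationException {
        Class<?> serviceManager = Class.forName("android.os.ServiceManager");
        Method getService = serviceManager.getMethod("getService", String.class);
        IBinder binder = (IBinder) getService.invoke(null, serviceName);
        if (binder == null) {
            throw new IllegalStateException("Service not registered: " + serviceName);
        }
        return binder;
    }

    /** Wrap the Binder in its AIDL proxy, e.g. "android.app.IActivityManager" on Android 8.0+. */
    public static Object asInterface(IBinder binder, String aidlInterface)
            throws ReflectiveOperationException {
        Class<?> stub = Class.forName(aidlInterface + "$Stub");
        return stub.getMethod("asInterface", IBinder.class).invoke(null, binder);
    }

    /**
     * Invoke one interface method on the proxy. A caller check that fails on the
     * service side arrives wrapped in InvocationTargetException; unwrap it so the
     * caller sees the original SecurityException and can handle that case explicitly.
     */
    public static Object call(Object proxy, Method method, Object... args)
            throws ReflectiveOperationException {
        try {
            return method.invoke(proxy, args);
        } catch (InvocationTargetException e) {
            if (e.getCause() instanceof SecurityException) {
                throw (SecurityException) e.getCause();
            }
            throw e;
        }
    }
}
```

Obtaining the proxy does not bypass per-call checks: any individual method may still throw the `SecurityException` quoted in the issue, which `call` surfaces unchanged.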

Mygod commented 4 years ago

Thank you! I saw that you used ActivityManagerNative to send broadcast. I will look into that later.

Mygod commented 4 years ago

~It looks like this class is deprecated now and soon to be removed according to doc. The method broadcastIntent is already removed in master. :(~ Never mind sorry!

Still hits the same exception. :/