koobas.hobune.stream
How to Prevent Unity from Adding Permissions to Android Manifest
So I'm ready to release an app to Google Play but it's showing up as requiring permissions I do not want. The app is targeted at children and parents, so it's very important that we include only the permissions necessary. (It's also a requirement not to include position tracking, which is one of the problem permissions, if you want to have the "everyone" rating.)
I've overridden the Android manifest file successfully by placing it under Plugins/Android/AndroidManifest.xml. This appears to work, and I can see my changes in the manifest Unity is using by checking temp/stagingarea/AndroidManifest.xml after running a build.
However, Unity also appends several permission requirements to this file. In my case, they are:
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-feature android:name="android.hardware.location.gps" android:required="false" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-feature android:name="android.hardware.camera" android:required="false" />
<uses-feature android:name="android.hardware.camera.autofocus" android:required="false" />
<uses-feature android:name="android.hardware.camera.front" android:required="false" />
We don't need these permissions for our app. I've heard that perhaps Unity is automatically adding permissions based on code references to these features? I'm not sure if this is true, but if so it's very problematic for us. We use several different 3rd-party code libraries with optional features that aren't actually used in the app. Hunting through such libraries and removing the bits we don't use is not a reasonable option for us.
So the question is: How can I prevent Unity from adding these unwanted permissions to the manifest file on build?
I believe if your project contains it's own $$anonymous$$anifest that you wrote, perhaps in a Plugins folder, than it will use that one, as opposed to the one Unity creates.
I'm not sure exactly where it needs to be, could be or not in the Plugins, but I feel like I've ran into that before.
Yes, you add it to Plugins/Android as I mentioned. This works, BUT Unity continues to append new permissions to it regardless.
$$anonymous$$aybe you can get to it after the compilation and just delete those things.
I'm looking at that, and it seems possible if you export a Google Android project. But (if that works) I'm left with a really ugly pipeline where I have to re-do work every time I export from Unity. It would be so much nicer if Unity just didn't add problematic content to my manifest file.
having the same problem. Any progress in solving it?
We had the same issue with Unity adding permissions to our manifest that we did not need/want. In our case a plugin we're using (Fabric) was referencing the Microphone API of Unity, making Unity add the RECORD_AUDIO permission to our manifest.
Now, the way we solved this was to add the RECORD_AUDIO manifest to our own manifest in the Plugins/Android folder, but also specify a maxSdkVersion for the permission that's lower than the minSdkVersion of our app;
<uses-permission android:name="android.permission.RECORD_AUDIO" android:maxSdkVersion="1" />
The minSdkVersion of our app is set to 16;
<uses-sdk android:minSdkVersion="16" android:targetSdkVersion="23" />
This makes Unity use that permission in the created manifest, but since the maxSdkVersion is set to 1, users do not have to give that permission when installing because the minSdkVersion of the app i higher.
Quite a workaround, but it works :-)
Interesting! Would you $$anonymous$$d sharing what that looks like for those of us who are less Android-manifest savvy?
Hm, I included it in the original post, but it somehow got lost in translation...
Here's how to set the maxSdkVersion for a permission;
<uses-permission android:name="android.permission.RECORD_AUDIO" android:maxSdkVersion="1" />
Thanks! I don't know if it wasn't there or just wasn't displaying for me...
I definitely want to try this out!
Cool - solved it for me! Unity was adding permissions (INTERNET ACCES, ID, etc.) to my project and now - ahhhh! - all the permissions are gone:) !
Thanks a lot for this solution! Worked for me and was really easy to implement. :D [Edit: Works on device, but Google Play does not accept it and complains about the maxSdkVersion. :(
I tried this, because my apk started asking the the internet permission even though this is absolutely no reason for it. However, upon the upload to google play failed, because maxSdkVersion has to be 18 or higher(which is Jelly Bean 4.3.1 btw).
Find "Input.location" in all files, if any .cs file contains this code, uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" will be added automatically when building apk.Delete all related files, this issue will be fixed.
That worked for me. I found Playmaker has various actions that makes calls to Input.location so removing or commenting out those actions will help if you are using playmaker and are not wanting use location services in your app.
One possible solution which appears to work is to export a Google Android project instead of building directly from Unity. Then one can modify the manifest (again) in Google's environment, build and sign.
This does accomplish what I need, but it creates a somewhat hellish workflow for creating publishable builds. It also required learning a set of tools I didn't need for any particular reason other than working around a problem Unity seems to have created.
Do you have any updates on how you solved this? I have the same problem and also don't want to deal with this build flow.
Sorry, forgot to answer your question. In brief, no, Unity doesn't appear to have a work-around. If you don't want those extra permissions, you have to export the Eclipse (Google Android) project and modify the manifest yourself every time.
On the plus side, you get faster at it the more you do this :P
You could automate the process by exporting a Google project, and have a post build processor to manipulate the Android$$anonymous$$anifest.xml (it's just an xml file, you could get all Permissions from it and chop off the one you don't need).
After this is done, you could build an AP$$anonymous$$ from the command line (Android has a set of tools for doing that), so effectively you would get an AP$$anonymous$$ at the end of the process.
If you're into that i could post an answer later to describe how this could be done (although there's already an accepted answer for this question here).
liortal, that sounds like a more "proper" solution than the one above, and any details you could provide would be helpful. I personally wouldn't know where to begin doing that.
Are you using Split Application Binary when building due to a over 50mb app? I found out that doing so will trash your intended post processors AND the Android$$anonymous$$anifest and add permissions like crazy like CHEC$$anonymous$$_LICENSE and WRITE_EXTERNAL and a couple others on top of the 4 I define.
Found a way to prevent Unity from adding the permission on stack overflow:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools">
...
<uses-permission android:name="android.permission.RECORD_AUDIO" tools:node="remove" />
...
Hi I've just found a nice soultion to the manifest permission problem.
Build an .apk file as always. Don't worry about manifest file.
Deploy the app to the android device.
Download permission manager from Google Play store. In my case this was Advanced Permission Manager. Free version will do good. You don't have to root the device.
Remove permissions from apk fie and push th Save and Install button.
Voila! You have New.apk file in PermMaster folder on the device - this is your apk file without unwanted permissions.
I'm pretty sure that you would need to re-sign your AP$$anonymous$$ with your key, otherwise wou probably can't publish the app to the store.
Hm. Yes, I haven't had time to test this, but I imagine you WOULD have to re-sign the .apk, which is its own finagling.
I am just making my first app for Android. Everything is new for me. How to in simplest way test if I had to re-sign the App?
I think you would have to sign it to submit to Google Play...?
