I'm writing a system app for android devices that we supply to customers. We control the firmware and can add apps to the android image, including into the priv-app folder.
One of the requirements for our app is that it is able to reset our device's password. In order for a 'normal' app to do this, android requires that the app is set up as a device administrator.
Is there any way to pre-configure our app as a device administrator for our firmware, or an alternative way of setting a device password specifically for system apps?
A device admin application may set itself as admin using the hidden DevicePolicyManager.setActiveAdmin method. To do this, however, the application needs the android.Manifest.permission.MANAGE_DEVICE_ADMINS permission which requires platform signing.
System permissions by placing this application in /system/priv-app is not required - the permission is of type "signature".
I assume the platform signing is necessary since otherwise, the user must first accept the device admin setting policies.
Once admin, the application may set any policies including setting the password using DevicePolicyManager.resetPassword method.
Hope this helps.
/Marek Pola, Sony Mobile.