Wiki: Better explanationof the different install methods #3162
Description
The install guide contains outdated info and snippets of different approaches that are pretty confusing. For now what I understood is, that there are the following installation methods:
- regular user app.
- requires an Android distro supporting signature spoofing
- otherwise no rooting or custom image required
- should be able to use firebase push (still experimenting, doesn't currently work)
- does not support location and maybe other things
- does not interfere with bootloader locking
- root
- "the messy method"
- needs root, adb as root
- mount /system partition writable, create directory in /system/priv-app, set permissions
- push an APK file into a privileged location
- this will grant microG very elevated privileges but everything should work
- not sure how updates work due to permissions to write to system partition
- will prevent bootloader locking unless users can somehow create their own
avb_custom_key
- magisk module
- some people use that method, likely makes installation easier
- probably pretty similar to the root method
- might be even more insecure than the root method
- likely prevents bootloader locking similar to root method
- downstream packaging
- distros like "LineageOS for microG" ship OS images with microG included as system app
- should support everything the others do
- should work entirely without root
- microG still elevated so more attack surface
- could work with valid signature,
avb_custom_keyand locked bootloader - an issue could be delayed updates due to distro packaging, good CI/CD is important
- (the sandboxed method)
- I think DivestOS did that
- a mix between shipping microG as a user app and including a compatibility layer in the OS image
- less attack surface of the app
- fast updates as no downstream packaging is used
- OS integration could be as good as installed as system app
- no effect on bootloader locking, if distro is installed and signed nicely
So all these methods have upsides and downsides, some might not achieve the wished for things, some might be currently unavailable (like the DivestOS method)
This topic is very complex so documentation could help.
What do you think?