We are including an apk within the /system/priv-app folder on our custom Android device. This apk handles all device core functions and can even pull down an upgrade (newer version of itself) from our dashboard. Lets call it core.apk. We would like to support updating core.apk by having it download an update (newcore.apk), launching another apk (/system/priv-app/update.apk) and shutting itself down. Then, update.apk could replace /system/priv-app/core.apk with /system/priv-app/newcore.apk. After replacement, a system restart should support execution of /system/priv-app/newcore.apk (ideally).
We are running Kitkat (API 19). I have read about improved PackageManager support for apk updates in API 21, but that does not help us.
I think the fundamental issue is that we must rely on an Android API to support updating anything under /system as this partition is read-only. So, does such support exist? There is much conversation within this forum about system apps supporting update of standard apps (within /data/app), but I am struggling to find a solution that facilitates programmatic update of apks within /system/priv-app (with no user interaction of course).
More info, we are self-signing apks using Android Studio, but we can sign with the system signature of our AOSP build if required (more work but feasible).
Even more info,we are familiar with using su to access features including remount of /system (to get r/w access), but would prefer to avoid this path as getting our AOSP build to support su is not trivial and we do not think that having su access is the best option from a security perspective.
Any help or suggestions are welcome.