Update (and Warning): When I first edited the platform.xml file mentioned below I used vi from a terminal (part of BusyBox). Everything worked perfectly. Then, I wanted a GUI editor that could use root access for system files like this. Jota didn't do it, though Jota+ did, but was not free. Googling around for Android text editors, I found 920 Text Editor, which looked promising. I tested it with a few random text files and it worked well. Then I gave it root and edited platform.xml (just opened it and saved it without any changes), and that seemed to work too. But next time I rebooted, my entire tablet was FUBAR. Every app crashed and the /sdcard partition didn't exist. Turned out that parition was mounted so only root could see it, the file permissions were screwed (700 or something like that), and when I connected as root through ADB to set them back, they immediately reverted to their screwed up state.

What happened was 920 Text Editor changed the file permissions when it saved the file. It should have been root:root mode 644. But it changed to root:media_rw mode 770. This made the file unreadable by most apps and FUBARed my tablet. The only way to recover was to do a full data erase and re-flash it with my rooted Android 4.4. Fortunately, I used Titanium Backup, so restoring it took only about an hour or so. Google's built-in restore doesn't restore all the apps nor their settings.

Lesson learned: when editing system files as root, don't trust any GUI text editor. Use simple tools like vi from the terminal, and double-check not only the file contents, but also its permissions!

Now, back to the original blog entry:

In Android version 4.4, Google restricted the permissions for apps to write to the external SD card. Apps that have the right permissions can still read the entire external SD card. But even with the WRITE_EXTERNAL_STORAGE permission, they can write only to their own directory and nowhere else. Android defines each app's writable directory on the SD card to be:
[PATH TO EXTERNAL SD]/Android/data/x.y.z.app/files

Where x.y.z.app is the app's Java classname. For example, the default music player puts its files here:
[PATH TO EXTERNAL SD]/Android/data/com.google.android.music/files

This decision to restrict permissions broke backward compatibility, made external storage far less useful, and undermined one of the reasons people like myself use Android. And it was not well advertised - nobody's devices warned them about this restriction before updating to 4.4. The warning would read something like, "WARNING: This update makes the external SD card read-only for all practical purposes. If you are using an external SD card to share storage across apps, do not install this update."

The external SD card used to be a general storage area all applications could share, just like the internal memory - only much bigger and replaceable. In Android 4.4 you can't do this anymore. You can still store movies and music etc. on the external SD card. But you can write them there only over a USB cable. Your Android file manager can't copy them there, because it can't write anywhere except its own directory.

There is one exception to this: some devices have a system file manager - for example on Samsung it's called "My Files". This app runs with system privileges and can write anywhere on the external SD card.

This breaks anything that requires multiple apps to write the same files on the external SD card. This broke my Dropbox sync and my Mantano cloud sync, among other things.

The problem - and the fix - is a one-line change in an Android config file.
The file: /system/etc/permissions/platform.xml
Find the XML that looks like this:
‹permission name="android.permission.WRITE_EXTERNAL_STORAGE"›
‹group gid="sdcard_r"/›
‹group gid="sdcard_rw"/›
‹/permission›

Add an extra child element so it looks like this:
‹permission name="android.permission.WRITE_EXTERNAL_STORAGE"›
‹group gid="sdcard_r"/›
‹group gid="sdcard_rw"/›
‹group gid="media_rw"/›
‹/permission›

Unfortunately, this file is on the /system partition, which is mounted read-only. You must mount it read-write to edit this file, and to do that you need to be root. Once rooted, you can get apps on Google Play that make the SD card writable. But all they're doing is mounting /system read-write and editing this file. You probably don't need these apps because if you can root your device, you can edit a file.

So I rooted my Galaxy Tab 3 and made this change. Now I have a usable SD card in Android 4.4. I used the root procedure from XDA Developers, a site with knowledgable people I trust.

Rooting Samsung devices uses an app called Odin, which apparently is used internally at Samsung and was leaked to the public several years ago. Unfortunately, Odin runs only in Windows. There is an open source version of Odin called Heimdall. I tried this but it didn't work with the same files Odin used, so I used Odin instead.

To use Odin on my Linux system, I used VirtualBox and ran it under Windows 7. This works fine, but here's a trick you'll need to know: When you boot the tablet to download mode (while off, hold down pwr + volume down + home), it uses a different device name when it USB connects to the computer. Virtual box exposes USB devices to sessions by device name. Thus you need to add BOTH device names to the USB devices settings of your VirtualBox Windows session. Once while the tablet is booted normally, another while it's booted in download mode. Otherwise, when you run Odin, it will never see the device because VirtualBox isn't passing it through, because it has a different name.

I close with a simple request to Google: IN THE NEXT VERSION OF ANDROID, ADD A SETTING TO PUT THE EXTERNAL SD CARD INTO PUBLIC READ+WRITE MODE, LIKE IT ALWAYS USED TO BE. MAKE IT A DEVELOPMENT MODE SETTING, IF YOU MUST. BUT ALLOW IT TO BE SET WITHOUT ROOTING THE DEVICE!