hi,
been reading all around forums and no solution, here's the situation :
1. Root my device using z4root
2. OC the kernel using custom kernel
3. edit build.prop
4. test it using quadrant and it all went fine
5. unroot the device using z4root
6. try to root back and it failed
is it kernel got something to do with rooting? or z4root cause some problem so i can not root back? now i can not put my original boot img back to my device, have done a lot of time factory reset still failed.
trying all this command give me "permission denied" (ls, chmod, cp, mv..... etc)
is there a way to bypass this? or is there a driver for bootloader mode CSL_SPICE_MI700?
please how to bring this device to it's original state????
at least i can put busybox and su files to /system/xbin..i think it will solve the problem..but how since i don't have write access to the folder...
please...please...please...
Hi all,
I have been through douzens of threads and forums looking for a solution to this.
I followed some instructions to modify the build.prop file on my Huawei G535-L11 to disable Huawei theme manager in order to get Xsposed working fully (changed ro.config.hwtheme: 0). I did a backup of my original build.prop before hand, and my phone was rooted and unlocked but running the stock rom.
Unfortunately, it rebooted but won't go past the first 'EE' splash screen (just turns off again).
I can inconsistently get in to both fastboot and Android recovery, so I have been trying to use adb to push the original build.prop to /system/ on the phone.
However, this fails as /system/ is apparently RO. I have now discovered that I can't get SU permissions despite my phone being rooted.
If I try:
adb shell
$ su
nothing happens and it goes back to a $ prompt.
If I try:
adb root
I get the message (paraphrased):
adb cannot run as root in production builds.
So I can't push or do any adb method of restoring the build.prop file?! I don't understand why it is acting as if it is not rooted. I had Link2sd, Gravity Box, No Frills Cpu Controller all set up and working before, so I'm fairly sure I did truly have root.
I have also tried flashing a TWRP recovery, which apparently is successful, but when I go in to recovery it is still the Android Recovery.
Does anyone have any ideas what I could do to get my phone working again please?! This is my last gasp before the phone gets filed under 'B' in the cylindrical cabinet in the corner of the room! :crying:
Any assistance greatly appreciated!
Bumpty bump?
So what ro.debuggable should be 0 with ro.secure
Evening all,
I have a Vivo V3 Max (www.vivoglobal.com) which runs Android 5.0.1 (no Marshmallow ROM yet!). It has never been able to be rooted and I am on a mission to do it.
The progress I've made so far is as follows:
1. Got a custom TWRP recovery image flashed and working on the phone so I can boot into recovery. This recovery has full root access to everything.
2. Modified the boot image so that ADB runs as root (insecure mode). This allows me to have a full root shell via ADB when the phone has fully booted as normal. Also modified the fstab to make /system world writable.
3. Installed various "recovery flashable ZIPs" to no avail - it puts all the files (su in /system/xbin etc) in the right place but still no root access.
4. Manually created the required files and symlinks myself, which resulted in the same as 3) above.
I am now at the stage where I realise that it's SELinux not allowing the full root to go through in normal userspace. I can run setenforce 0 (and also su 0 setenforce 0) via ADB to make SELinux permissive, but still I get "/system/bin/sh: su: Operation not permitted" when running SU from a Terminal Emulator app.
Is there anyone out there who can help me with the SELinux side of things to allow /system/xbin/su to run? Also tried systemless with Magisk but same result. Vivo do not release kernel sources for any of their products so I'm stuck with what I have. I do at least have read/write access to all partitions on the device though, so if theres any modifications I can make then I'm happy to try them. I have a full NAND backup of the entire thing.
I have tried using supolicy etc to inject rules, but I'm not really sure what I should be injecting.
Any seasoned developers willing to help me out? My background is in PHP, C#, VB.NET and Windows Servers but I'm OK with Linux too.
Many thanks!
I have attached the output on supolicy --dumpav in case it is useful.
Just a quick update on this... I managed to find a ROM for a very similar device hardware-wise, which was pre rooted. After tweaking the boot image to allow it to run on my device, I could see that /system/xbin/su still had no permission to run. This was despite the fact that the security policies from the other device was copied directly to mine, and on that other device full root access is possible using the exact same ROM that I ported.
I am therefore left with the conclusion that it doesn't matter how many rules I inject to sepolicy or how many domains I modify, the kernel is the limiting factor here. Since Vivo do not release the kernel sources for any of their devices I guess I'm screwed. Would this be against the GPL and is something I can take up with Vivo? I'm gutted...
It looks to me like the best phone $80 can buy I spent couple hours trying to figure out how to enable Multi User module.
My understanding is that adding this to /system/build.prop would bring users module back:
fw.max_users=3
fw.show_multiuserui=1
None of the commonly used apps can root this phone.
Without root I cannot remount /system to read-write to edit build.prop
Stock recovery can mount /system
There are options in recovery to run update from sd card or to update via adb sideload but the phone does not show in adb devices while in recovery. There is also fastboot option.
I also tried dirty cow exploit but it fails with "only position independent executables (PIE) are supported"
I am into this for only couple hours, so I know I am missing a lot. Any pointers that could get me closer to enabling Users module would be welcome.
So, after some reading, i figured I should be able to apply update form recovery that will replace build.prop with modified one. For start, to test things out, I just want to copy file from update.zip to /system/build.prop.test
I created update.zip with update-script and the file I want to add to /system.
Here is update.zip: www . filedropper.com /update_10
I signed update.zip using this:
www . learn2crack.com /2014/02/sign-android-apk-zip.html
I get error "Signature verification failed". Is the problem that keys are test keys or that they are outdated? Is some special manufacturer key required to sign updates?
I am not looking for someone to do this, I just need to be pointed in the right direction.
I have multiple users now :
- downloaded TWRP from bluroms.info
- connected the phone, enabled USB debugging and OEM unlocking in developer options
- run "adb reboot bootloader"
- after phone booted in fastboot mode
fastboot oem unlock (followed instructions on screen / all data wiped)
fastboot boot blutwrp.img (downloaded TWRP)
- twrp started...
- mounted /system
adb pull /system/build.prop
- edited build.prop
adb push build.prop /system/build.prop
adb reboot
- phone got stuck on logo after reboot
removed battery and started the phone again and all seems good
@sasha_ Hey I know this isn't about how to root but could you tell me exactly how you managed to root your Blu Advance 5.0 HD? PM me.
mrfunnybone said:
@sasha_ Hey I know this isn't about how to root but could you tell me exactly how you managed to root your Blu Advance 5.0 HD? PM me.
Click to expand...
Click to collapse
If by rooting you mean, installing supersu so that apps can request root access, i did not do that, because i do not need it. There must be some tutorial around about installing supersu once you root access to the /system - and the steps I described can you get there.
sasha_ said:
If by rooting you mean, installing supersu so that apps can request root access, i did not do that, because i do not need it. There must be some tutorial around about installing supersu once you root access to the /system - and the steps I described can you get there.
Click to expand...
Click to collapse
So is getting root access to system like booting recovery TWRP? then pressing the Mount button and checking System? Sorry I'm a newb at this.
I'd love to gain root on this phone I have twrp installed but can't seem to find a root method that works
Just in case you guys are still watching this, I posted my experience with this phone here
https://forum.xda-developers.com/showpost.php?p=75164672&postcount=26
Here's where I'm at. I've got the system to give me the Mount /System option in recovery, now i just need assistance getting the build.prop pulled to my PC. What's the procedure for pulling the build.prop from the Android to PC via ADB while the system is mounted in recovery? Why am I getting one of these two ADB errors?
Error 1: Connect failed: closed.
error 2: Failed to get feature set: no devices or emulators
OR, am I approaching it wrong?
Thanks in advance,
K0mraid3
you dont need to be in recovery to do it via adb....
adb pull /system/build.prop
that will pull it to where evr you run the adb command
which would be
C;\adb more than likely
or you can choose a destination with
adb pull /system/build.prop c:\buildprop
if you create a folder called "buildprop" in the root directory of c:\
at least thats how i remember doing it many years ago, ive been away for a while at her majesties pleasure, so i cant try it currently as im not rooted
gav83collins said:
you dont need to be in recovery to do it via adb....
adb pull /system/build.prop
that will pull it to where evr you run the adb command
which would be
C;\adb more than likely
or you can choose a destination with
adb pull /system/build.prop c:\buildprop
if you create a folder called "buildprop" in the root directory of c:\
at least thats how i remember doing it many years ago, ive been away for a while at her majesties pleasure, so i cant try it currently as im not rooted
Click to expand...
Click to collapse
Thanks, so far, its still for some reason denying me permission when OS is booted. So i just cant quite figure out where im supposed to execute these commands, is my issue. I can boot directly to BL from recovery menu, but i can also mount system. i think maybe i need sto send command for r/w.. will try that now.
Another question, when i mount /system in recovery, does that carry over on boot?
no you can re mount system via adb though
Code:
$ adb shell
$ su
# mount -o rw,remount /system
gav83collins said:
no you can re mount system via adb though
Code:
$ adb shell
$ su
# mount -o rw,remount /system
Click to expand...
Click to collapse
1.Needs root for this command. If he have rooted device then why so much trouble needed. Simply use root explorer to copy
2.Since long Samsung have removed system from proc/mounts still magisk system_root can be used
3.Even with system in mounts you can't do system rw on S22 because of Samsung have implemented extra layer of protection. Even not with magisk system_root too
Indeed as of now there is no method available to make stock system/vendor/product/odm rw on S22 even with root access.
4.To copy file from system rw mount not needed, ro is fine
dr.ketan said:
1.Needs root for this command. If he have rooted device then why so much trouble needed. Simply use root explorer to copy
2.Since long Samsung have removed system from proc/mounts still magisk system_root can be used
3.Even with system in mounts you can't do system rw on S22 because of Samsung have implemented extra layer of protection. Even not with magisk system_root too
Indeed as of now there is no method available to make stock system/vendor/product/odm rw on S22 even with root access.
4.To copy file from system rw mount not needed, ro is fine
Click to expand...
Click to collapse
im yet to root my device so i cant test but what about
Code:
adb root
adb disable-verity
adb reboot
Then
Code:
adb root
adb remount
gav83collins said:
im yet to root my device so i cant test but what about
Code:
adb root
adb disable-verity
adb reboot
Then
Code:
adb root
adb remount
Click to expand...
Click to collapse
Do you got what I meant?
leave it.
dr.ketan said:
WTF
Do you got what I meant?
leave it.
Click to expand...
Click to collapse
look, there is no need for condescension and bad language, a simple "no" would have sufficed
Lol not meant to hurt you! but on which planet WTF is bad language
Here search WTF on xda
dr.ketan said:
1.Needs root for this command. If he have rooted device then why so much trouble needed. Simply use root explorer to copy
2.Since long Samsung have removed system from proc/mounts still magisk system_root can be used
3.Even with system in mounts you can't do system rw on S22 because of Samsung have implemented extra layer of protection. Even not with magisk system_root too
Indeed as of now there is no method available to make stock system/vendor/product/odm rw on S22 even with root access.
4.To copy file from system rw mount not needed, ro is fine
Click to expand...
Click to collapse
So my device is strange. It doesn't have root, but it indeed shows options in recovery to apply updates from ADB, SD Card aswell as boot directly to BL and to Mount /System, but when I'm booted, the OS is denying me permission to "Su" . I have verified that USB debugging is activated. So I'm trying to see if there's a way to pull the build.prop from Recovery since the Mount /System option is available, but my computer refuses to recognize the device in while in recovery, but easily finds it in Download, BL mode. No FRP lock. No accounts on device. But also no option to unlock bootloader. This device in particular is/was a development sample so I have no clue what the current state of the bootloader etc is in terms of being unlocked prior to me working on it.
It'd also worth noting that this device was loaded with Android 11 when I received it. I'm not kidding. So idk what's going on with this FrankenGalaxy
K0mraid3 said:
It'd also worth noting that this device was loaded with Android 11 when I received it. I'm not kidding. So idk what's going on with this FrankenGalaxy
Click to expand...
Click to collapse
K0mraid3 said:
So my device is strange. It doesn't have root, but it indeed shows options in recovery to apply updates from ADB, SD Card aswell as boot directly to BL and to Mount /System, but when I'm booted, the OS is denying me permission to "Su" . I have verified that USB debugging is activated. So I'm trying to see if there's a way to pull the build.prop from Recovery since the Mount /System option is available, but my computer refuses to recognize the device in while in recovery, but easily finds it in Download, BL mode. No FRP lock. No accounts on device. But also no option to unlock bootloader. This device in particular is/was a development sample so I have no clue what the current state of the bootloader etc is in terms of being unlocked prior to me working on it.
Click to expand...
Click to collapse
These options are normal in stock recovery and can be used only for flashing official zip (OTA), To have root access on your recovery, you needs custom one (TWRP) which is in development stage on S22
Without twrp, You needs to root device (must have oem unlock option in development option) to access system files while you are booted to android.
Android 11 on S22? Can you show me screenshot of settings - about phone - software info?
dr.ketan said:
These options are normal in stock recovery and can be used only for flashing official zip (OTA), To have root access on your recovery, you needs custom one (TWRP) which is in development stage on S22
Without twrp, You needs to root device (must have oem unlock option in development option) to access system files while you are booted to android.
Android 11 on S22? Can you show me screenshot of settings - about phone - software info?
Click to expand...
Click to collapse
Thanks for the clear answer, that's kind of what I'm working on is trying to gain root access, but like you said, I need oem unlocking, which isn't on this device. So I'm trying to find a backdoor/vulnerability that will take me even one step closer to atleast finding a way to set ro.secure. prop. Something VERY interesting I did find, is that if you put the device to Debug medium or high via device keystring activity, and play with the key combos, you can get booted into a mode called RDX, if you plug it into your dev system with the right drivers, it's treats the phone as if it were a Disk and shows a bunch of VZW upgrade software ment for PCs. I've installed it but haven't got it working quite yett.
No idea what you have shown in screenshot, I'd asked something else.
dr.ketan said:
No idea what you have shown in screenshot, I'd asked something else.
Click to expand...
Click to collapse
Maybe Heindall will give me better results. I just refuse to believe the manufacturers have outsmarted us all on this.