Related
Update: One click root has been using this "simple" method since version 2.2.7. If you're rooting your phone for the first time, please try that first. Consider this thread to be purely informational for those who want step-by-step details of how the process works.
I've been suspicious of the joeykrim root method since it was first posted at SDX. I finally got my Epic yesterday and confirmed that is, indeed unnecessary. I don't fault joeykrim though, he ported the working root method from the Moment to the Epic without actually having access to an Epic himself.
Anyways, the joeykrim root method is unnecessarilly complex becuase it works around an RFS permissions bug which loses the setuid bit on the Moment. It appears the Galaxy S phones have this bug fixed, which is why the root methods on the I9000, Vibrant, Captivate, Fascinate, etc., are much simpler.
So, for the simple root:
First, make sure joeykrim root is not installed.
Upgrade to DI18 (not strictly necessary, but you'll want to do it).
Setup a working adb from the Android SDK and whatever drivers are necessary for your platform.
Download rageagainstthecage-arm5.bin from the C skills blog (link removed due to my newbieness) or from any of the one-click root packages.
Download su-2.3.6.1-ef-signed.zip and extract "system/bin/su" and "system/app/Superuser.apk" to a temporary directory you'll be working from.
Enable USB debugging on your phone and connect it to your computer.
Now, open a command prompt/shell on your computer and cd to the appropriate temporary directory. Run:
Code:
adb push rageagainstthecage-arm5.bin /data/local/tmp
adb shell chmod 755 /data/local/tmp/rageagainstthecage-arm5.bin
adb shell /data/local/tmp/rageagainstthecage-arm5.bin
and confirm you have a working root shell. Then continue with:
Code:
adb push su /system/xbin
adb shell chmod 4755 /system/xbin/su
adb install Superuser.apk
That's it! You should have a working root via su & the Superuser package. At least, I did.
Note that the preceeding steps installs Superuser.apk to /data, which is what I prefer to do. This means if you do a "Factory data reset" su will be temporarilly broken until you reinstall the Superuser.apk package. Since installing the package itself doesn't require root, this is easily done after a /data reset.
Also note that I did not perform a /system remount-rw anywhere. At least on my Epic, /system appears to always be mounted read-write so it's an unnecessary step. It's actually the "joeykrim-root.sh" script that remounts /system read-only during the boot process, which is why folks who don't use root kernels have run into this problem before. I'm not sure why joeykrim's script does that, I guess he probably assumed /system is mounted read-only by default. There's arguments that /system should be read-only, but I didn't touch it in case some Samsung stuff depends on it being read-write.
Finally, if you're already rooted via joeykrim or are running a root kernel, there's nothing really to be gained by doing this. I'm just throwing this out there as I perfer to make the minimum invasive changes possible to obtain root.
Wow, that was really informative. To check for Super user you:
Type: adb shell
then type: SU
You should get a # sign if you have root. Correct?
In the original Noobln post method would the Epic keep root even after a wipe therefore not needing to re-apply the superuser apk again? That might be a reason why folks would want to go the more invasive route (considering rooters seems to change ROMS fairly often which requires wipes sometimes). Either way, keeping a copy of the apk file on your SD card is no big deal.
mkasick said:
Also note that I did not perform a /system remount-rw anywhere. At least on my Epic, /system appears to always be mounted read-write so it's an unnecessary step. It's actually the "joeykrim-root.sh" script that remounts /system read-only during the boot process, which is why folks who don't use root kernels have run into this problem before. I'm not sure why joeykrim's script does that, I guess he probably assumed /system is mounted read-only by default. There's arguments that /system should be read-only, but I didn't touch it in case some Samsung stuff depends on it being read-write.
Click to expand...
Click to collapse
This explains a lot of problems! thanks
EDIT- another noob question- why do you prefer to have superuser installed to /system/data- why not put it in /system/app? Also if I want to install busybox where is the best location to put it?
ZenInsight said:
Wow, that was really informative. To check for Super user you:
Type: adb shell
then type: SU
You should get a # sign if you have root. Correct?
Click to expand...
Click to collapse
Once you run rageagainstthecage-arm5.bin, you should get a root-shell automatically every time you run "adb shell" after until you reboot the phone. Yes, you can tell it's a root shell since it uses the "#" prompt. This is the important part to check, since if the exploit doesn't work, you'll have to run it again. But I haven't seen it not work.
After su is installed and you reboot, your steps are correct: run "adb shell", run "su", then you'll be prompted on the phone scren to authorize access and once you allow it you'll end up with a "#" prompt.
ZenInsight said:
In the original Noobln post method would the Epic keep root even after a wipe therefore not needing to re-apply the superuser apk again?
Click to expand...
Click to collapse
noobnl installs Superuser.apk to /system, you can do that here too. Just replace the "adb install Superuser.apk" step with "adb push Superuser.apk /system/app". It's independent of the joeykrim scripts.
With my captivate we have many update.zip root methods to choose from. Any chance this will be coming to the epic? Have a friend with an epic and command lines would be too much and one click didn't work.
Sent from my SAMSUNG-SGH-I897 using XDA App
jimmyz said:
why do you prefer to have superuser installed to /system/data- why not put it in /system/app?
Click to expand...
Click to collapse
I prefer to keep consistent with the idea that user-installed applications go in /data, and stock-installed-and-unmodified applications remain in /system/app. This way, upgrading Superuser.apk doesn't require a root-shell/root-explorer, you can remove it or upgrade it the way you do with any user installed application--adb install, side-loading via an sdcard, or downloading it from the market.
Plus, in general I prefer to keep my /system as untouched as possible. For example, I don't remove stock apps either. The "su" binary has to be installed in /system to persist after a /data wipe, and busybox is best installed to /system so it's in PATH (haven't looked into modifying the default PATH yet). Otherwise I try to keep /system alone.
jimmyz said:
Also if I want to install busybox where is the best location to put it?
Click to expand...
Click to collapse
Android's default PATH provides four places for busybox to be installed: /sbin, /system/bin, /system/sbin, and /system/xbin. /sbin is part of the initramfs, in other words it's controlled by the kernel you're running. You can install busybox to any of the three /system/*bin directories, but I prefer /system/xbin.
In the traditional Unix conventions, "/usr/bin" is for user-runnable stock-installed programs, and "/usr/sbin" is for root-requiring (superuser-runnable) stock-installed programs. "xbin" isn't part of the standard convention, but I'd guess it's intended for "extra binaries" that are not part of the stock installation (much like /usr/local/bin), thus it seems like an appropriate location for a user-added "su" and "busybox" programs.
The second reason is that "xbin" is relatively empty, so if you want to create the applet symlinks (i.e., so that you can call "cp" instead of "buybox cp") it won't overwrite the stock toolbox symlinks. Also, since "xbin" is last on the default PATH, any programs provided by both toolbox and busybox will default to the toolbox version--which would be important for stock system scripts that might run into compatibility issues if they were to use the busybox versions instead.
To install busybox, grab a copy of the binary from somewhere (one click packages, a copy of stericson.busybox.apk, etc.). Then, once rooted run:
Code:
adb push busybox /data/local/tmp
adb shell
su # Authorize on phone screen
cat /data/local/tmp/busybox > /system/xbin/busybox
chown root.shell /system/xbin/busybox
chmod 755 /system/xbin/busybox
rm /data/local/tmp/busybox
/system/xbin/busybox --install -s /system/xbin
jhnstn00 said:
With my captivate we have many update.zip root methods to choose from. Any chance this will be coming to the epic?
Click to expand...
Click to collapse
I don't believe so. The I9000/Vibrant/Captivate have recoveries that don't check the signature of update.zip (as I understand, or maybe they do but only require test keys) which makes rooting-via-recovery possible. Unfortuntaely the Epic and Fascinate do perform signature checks, so we can't enable root via stock-recovery.
That said, the Fascinate one-click methods should also work on the Epic. Although depending on why your friend couldn't get the Epic one-click to work, the Fascinate one may not work either.
mkasick said:
I prefer to keep consistent with the idea that user-installed applications go in /data, and stock-installed-and-unmodified applications remain in /system/app. This way, upgrading Superuser.apk doesn't require a root-shell/root-explorer, you can remove it or upgrade it the way you do with any user installed application--adb install, side-loading via an sdcard, or downloading it from the market.
Plus, in general I prefer to keep my /system as untouched as possible. For example, I don't remove stock apps either. The "su" binary has to be installed in /system to persist after a /data wipe, and busybox is best installed to /system so it's in PATH (haven't looked into modifying the default PATH yet). Otherwise I try to keep /system alone.
Android's default PATH provides four places for busybox to be installed: /sbin, /system/bin, /system/sbin, and /system/xbin. /sbin is part of the initramfs, in other words it's controlled by the kernel you're running. You can install busybox to any of the three /system/*bin directories, but I prefer /system/xbin.
In the traditional Unix conventions, "/usr/bin" is for user-runnable stock-installed programs, and "/usr/sbin" is for root-requiring (superuser-runnable) stock-installed programs. "xbin" isn't part of the standard convention, but I'd guess it's intended for "extra binaries" that are not part of the stock installation (much like /usr/local/bin), thus it seems like an appropriate location for a user-added "su" and "busybox" programs.
The second reason is that "xbin" is relatively empty, so if you want to create the applet symlinks (i.e., so that you can call "cp" instead of "buybox cp") it won't overwrite the stock toolbox symlinks. Also, since "xbin" is last on the default PATH, any programs provided by both toolbox and busybox will default to the toolbox version--which would be important for stock system scripts that might run into compatibility issues if they were to use the busybox versions instead.
To install busybox, grab a copy of the binary from somewhere (one click packages, a copy of stericson.busybox.apk, etc.). Then, once rooted run:
Code:
adb push busybox /data/local/tmp
adb shell
su # Authorize on phone screen
cat /data/local/tmp/busybox > /system/xbin/busybox
chown root.shell /system/xbin/busybox
chmod 755 /system/xbin/busybox
rm /data/local/tmp/busybox
/system/xbin/busybox --install -s /system/xbin
Click to expand...
Click to collapse
You sir are a true gentleman! Thank you for the informative answers- its great to have you over here! I have one more question- why can't I usually push directly to /system ?
jimmyz said:
why can't I usually push directly to /system ?
Click to expand...
Click to collapse
Pushing directly to /system requires running the adb service on the phone as the root user, so that it has permissions to write to that directory. Usually adb runs on the phone unprivileged, so you can only push to world-writable directories.
Running rageagainstthecage-arm5.bin actually changes this. The exploit forces the adb service to run as the root user, which is why "adb shell" gives you a root shell and "adb push" to /system does work, until the phone is restarted.
Interesting enough, the adb service also runs as root by default in the Android emulator. So there's probably a configuration setting, somewhere, to make it do that. In general it's safer to run adb unprivileged though, and "su" to move files to /system once uploaded elsewhere on the phoe.
mkasick said:
Pushing directly to /system requires running the adb service on the phone as the root user, so that it has permissions to write to that directory. Usually adb runs on the phone unprivileged, so you can only push to world-writable directories.
Running rageagainstthecage-arm5.bin actually changes this. The exploit forces the adb service to run as the root user, which is why "adb shell" gives you a root shell and "adb push" to /system does work, until the phone is restarted.
Interesting enough, the adb service also runs as root by default in the Android emulator. So there's probably a configuration setting, somewhere, to make it do that. In general it's safer to run adb unprivileged though, and "su" to move files to /system once uploaded elsewhere on the phoe.
Click to expand...
Click to collapse
I am learning a lot!!! Could you take a look at koush's kernel here, with it I noticed that when using adb I got the # prompt right away and was able to push to /system- maybe he was able to figure out the config settings? Once again thanks!!!
one more ? (feel free to ignore this one) what actually happens when you do
Code:
adb shell /data/local/tmp/rageagainstthecage-arm5.bin
and how does that give you permanent root?
mkasick said:
Pushing directly to /system requires running the adb service on the phone as the root user, so that it has permissions to write to that directory. Usually adb runs on the phone unprivileged, so you can only push to world-writable directories.
Running rageagainstthecage-arm5.bin actually changes this. The exploit forces the adb service to run as the root user, which is why "adb shell" gives you a root shell and "adb push" to /system does work, until the phone is restarted.
Interesting enough, the adb service also runs as root by default in the Android emulator. So there's probably a configuration setting, somewhere, to make it do that. In general it's safer to run adb unprivileged though, and "su" to move files to /system once uploaded elsewhere on the phoe.
Click to expand...
Click to collapse
It is indeed a config option in default.prop. However, this is in the initramfs and you can't change it on the fly, so you need to rebuild the kernel to change it. With some work you can modify the stock kernel to do it, but I personally haven't tried it.
Sent from my Epic 4G using XDA App
Thank you, this worked perfectly for me, running stock DI18 ROM that I flashed tonight!!! I confirmed by installing the wireless tethering pre-9 apk, and successfully ran the wireless tethering without any errors.
Quick question: do we need to do this after root or is it not needed?
NEEDED?? ===> SuperUser App to help with Security Concerns for the Epic - h**p://forum.sdx-developers.com/epic-development/superuser-app-to-help-with-security-concerns/
Also, Titanium Backup failed to work - it gave an error of denied root access, and said busybox was not installed. What needs to be done to make it work? Do I need to install clockwork mod (not exactly sure what it does though) or a custom ROM?
AndroidSPCS said:
Quick question: do we need to do this after root or is it not needed?
Click to expand...
Click to collapse
Not sure exactly what you're asking. This is an alternative to the joeykrim-based one-click roots and rooted kernels. If you already have one of those this isn't really necessary.
AndroidSPCS said:
NEEDED?? ===> SuperUser App
Click to expand...
Click to collapse
Yes, the su binary used here requires the Supruser appto be installed to authorize su requests. Otherwise they'll always be denied. Other su binaries might not require it, but then all apps have root access which isn't really a good thing.
AndroidSPCS said:
Also, Titanium Backup failed to work - it gave an error of denied root access, and said busybox was not installed. What needs to be done to make it work?
Click to expand...
Click to collapse
Did you authorize Titanium Backup when the Superuser prompt came up (requies the Superuser app to be instald too)?
Titanium Backup has an option to download and install it's preferred version of busybox. Follow the prompts to do that.
mkasick said:
Not sure exactly what you're asking. This is an alternative to the joeykrim-based one-click roots and rooted kernels. If you already have one of those this isn't really necessary.
Click to expand...
Click to collapse
Thanks, actually this was referring to the thread where the instructions for going to adb shell or terminal and typing in the following commands:
adb shell
su
mount -t rfs -o remount,rw /dev/block/stl9 /system
cp /system/bin/su /system/bin/jk-su
exit
Yes, the su binary used here requires the Supruser appto be installed to authorize su requests. Otherwise they'll always be denied. Other su binaries might not require it, but then all apps have root access which isn't really a good thing.
Click to expand...
Click to collapse
Yes same as above, the question is not whether we need SU app (I know we do), but whether we needed to type the additional commands:
adb shell
su
mount -t rfs -o remount,rw /dev/block/stl9 /system
cp /system/bin/su /system/bin/jk-su
exit
What do these commands do? It seems to me my Superuser app is working fine with wifi tether - popping up with allow / disable permission boxes, etc. Do these commands add something else to Superuser?
Did you authorize Titanium Backup when the Superuser prompt came up (requies the Superuser app to be instald too)?
Titanium Backup has an option to download and install it's preferred version of busybox. Follow the prompts to do that.
Click to expand...
Click to collapse
There was no Superuser prompt during the install of the app, nor anytime when it said it had a failure with root access. However there is an option to install BusyBox, which I have not done yet, because I am not sure what busybox is, or what it does. I'd like to find out why I need it and what it does, so I can feel comfortable with installing it.
Thanks again.
echo "root::0:0:root:/data/local:/system/bin/sh" > /etc/passwd
echo "root::0:" > /etc/group
you need to do that in a shell to make sure su works properly.
I'm updating the one click root right now to be less silly.
http://forum.xda-developers.com/showpost.php?p=8543226&postcount=455
I just cleaned up the one click root to not do many of the silly things joeykrim's root does. It also means your system will be mounted as rw after a reboot and it won't overwrite your su with jk-su every boot (no more modified playlogo).
Cleaned up all the old stuff from the root so it should work fine even if you were using one of the older one clicks. I made sure su works, incl titanium backup.
I'm still installing superuser.apk to /system/app because I think it belongs there.
Thanks for doing the footwork, mkasick!
Firon said:
http://forum.xda-developers.com/showpost.php?p=8543226&postcount=455
I just cleaned up the one click root to not do many of the silly things joeykrim's root does. It also means your system will be mounted as rw after a reboot and it won't overwrite your su with jk-su every boot (no more modified playlogo).
Cleaned up all the old stuff from the root so it should work fine even if you were using one of the older one clicks. I made sure su works, incl titanium backup.
I'm still installing superuser.apk to /system/app because I think it belongs there.
Thanks for doing the footwork, mkasick!
Click to expand...
Click to collapse
Firon- why are these lines still needed?
Code:
adb push playlogo /system/bin/playlogo
what is playlogo? Does this just put the stock one back in case you used the joeykrim method in the past?
Code:
adb push remount /system/xbin/remount
Are the remount scripts still needed?
Code:
adb shell ln -s /system/xbin/su /system/bin/su
why is this link needed? why cant su just be in xbin
thanks in advance!
Code:
jimmyz said:
Firon- why are these lines still needed?
Code:
adb push playlogo /system/bin/playlogo
what is playlogo? Does this just put the stock one back in case you used the joeykrim method in the past?
Click to expand...
Click to collapse
This is just pushing the stock playlogo, since joeykrim's method overwrites it with some custom script.
Code:
adb push remount /system/xbin/remount
Are the remount scripts still needed?
Click to expand...
Click to collapse
The script allows you to easily remount system as ro or rw at will. Why not?
Code:
adb shell ln -s /system/xbin/su /system/bin/su
why is this link needed? why cant su just be in xbin
Click to expand...
Click to collapse
I don't know if any apps depend on it being in a particular location. It is in xbin, but I'm also linking it to /system/bin to be safe.
AndroidSPCS said:
What do these commands do? It seems to me my Superuser app is working fine with wifi tether - popping up with allow / disable permission boxes, etc. Do these commands add something else to Superuser?
Click to expand...
Click to collapse
These commands were necessary to get Superuser working with the old joeykrim root method. They're not necessary with this method (or the newly released one-click). In other words, if wifi-tethering is already working for you, nothing further is needed to be done.
AndroidSPCS said:
There was no Superuser prompt during the install of the app, nor anytime when it said it had a failure with root access.
Click to expand...
Click to collapse
I don't actually use TitaniumBackup. I'm not sure why its superuser-requirements would be different from other apps, but I guess it is. The new one-click appears to address this.
AndroidSPCS said:
However there is an option to install BusyBox, which I have not done yet, because I am not sure what busybox is, or what it does. I'd like to find out why I need it and what it does, so I can feel comfortable with installing it.
Click to expand...
Click to collapse
Busybox is a suite of "familar" Unix command-line utilites (things like cp (copy), mv (move), ls (list), etc.). It targets embedded platforms by being very featureful, yet relatively small. It's installed and used on a wide variety of embedded devices including wireless routers, print servers, phones, even televisions.
Oddly enough, Android does not include busybox by default. Instead it comes with it's own utility-programs-package called "toolbox" that isn't nearly as featureful, and quickly becomes a pain to use. Some programs, like TitaniumBackup depend on busybox programs/features, and thus require it's installation. It's safe.
The only problem with busybox is that there's not one single version of it. There's multiple builds of it from the same source code with different sets of features turned on and off. In the past, some folks had a version of busybox installed that didn't contain all the features necessary to support TitaniumBackup, so they added the option to install their own version. It's installed in a separate location, so it won't overwrite any version you do have installed, and it's safe to do. But if you've already installed another version of busybox that does work, then it may be unnecessary.
I did the Jokeyrim method a few days ago. I installed a new kernal and now a new ROM. All seems ok, but ow when I do the "whoami" command in adb shell I get whoami not found. I don't think I'm really rooted anymore. Any attempt to reinstall the Jokeyrim root script results in failure (mostly "device not found" errors). When in adb shell, most commands I type now are either "not found" or "permission denied", so I'm not confident that I'm really rooted now.
Since I have / had Jokeyrim installed, how can I "uninstall" it so that I can use this method of rooting instead? BTW, the newest Clockworkmod is installed and working.
Do I need to flash to stock first? Sorry, but I'm a VERY STOOPID NOOB.
I've seen that there's no topic teaching how to ROOT the phone in the forum yet, so I'm making one myself, I hope this will help users who come here looking for info.
This method was originally found by jboogie3 here http://modmymobile.com/forums/637-motorola-defy-general/557910-motorola-defy-root-droid2method.html
EDIT: If you have version 2.51 ROOT with another way, check out this topic: http://forum.xda-developers.com/showthread.php?t=889133
Let's get started:
1. Put the phone in Debug Mode: Go to Settings > Applications > Development and check USB debugging box.
2. Extract the files from the zip below, connect the phone via USB, and copy them to the phone via ADB like this:
Code:
adb push Superuser.apk /sdcard/Superuser.apk
adb push su /sdcard/su
adb push busybox /sdcard/busybox
adb push exploit.bin /data/local/tmp/exploit.bin
3. Now we enter the phone's internal shell, also using ADB:
Code:
adb shell
4. Then we take advantage of the "fake" root exploit:
Code:
cd /data/local/tmp
chmod 0755 exploit.bin
./exploit.bin
5. Now after that last command you should be back to your normal console, not the phone one, so we need to connect to it again, and doing so we should now see that we have root permissions since the "#" symbol is displayed instead of "$".
Code:
adb shell
6. Now we mount the /system partition as writable and copy the necessary files there, and set them with the right permissions:
Code:
mount -o rw,remount -t ext3 /dev/block/mmcblk1p21 /system
cp /sdcard/Superuser.apk /system/app/Superuser.apk
cp /sdcard/su /system/bin/su
cp /sdcard/busybox /system/bin/busybox
chmod 4755 /system/bin/su
chmod 4755 /system/bin/busybox
mount -o ro,remount -t ext3 /dev/block/mmcblk1p21 /system
exit
7. Restart the phone and check if you have ROOT in a terminal by typing the "su" command, or by installing any other app that requires ROOT, and seeing it the SuperUser app pops up.
Or, download z4root by ryan in the market. Click permanent root, done.
Sent from my MB525 using XDA App
Many people reported z4root to work, but somehow it didn't work for me :\, phone reboot 2 times, but root wasn't being recognized system wide. But yeah, there's no problem testing that first, if it works for you it's way simpler
Worked well for me. Almost too easy.
Thank you for the great write up though.
pedrodh said:
Many people reported z4root to work, but somehow it didn't work for me :\, phone reboot 2 times, but root wasn't being recognized system wide. But yeah, there's no problem testing that first, if it works for you it's way simpler
Click to expand...
Click to collapse
Sent from my MB525 using XDA App
Well, at least this will help people know what's going on in the background for achieving ROOT hehe
Thanks for posting and distur for the z4root tip, worked for me.
Sent from my MB525 using XDA App
Yep. z4root worked for me as well. Perfect.
Nice writeup! very detailed
thx !!!
thanks much
z4root worked for me as well. no issues and running for more than a week now rooted. haven't tried the unroot function yet...
I made it also with z4root...no problem so far
root
are we talking super 1 click, rooted mine 1st day i got it same method as droid no probs so far, all the crap from vodafone gone now, waiting for a nice rom
I heard that the DORoot works as well. There are also links on how to root on the Droid 2. I'd think it would be similar.
http://forum.xda-developers.com/showthread.php?t=782556
hi first time android newbie here-
i downloaded and install z4root - how do i confirmed the device was rooted?
After rooting, in your application drawer (middle button that brings up all your apps) you'll see the superuser app. It looks like an android skull and crossbones.
I have a Motorola Defy on T-Mobile UK, If I use z4root will this enable me to root my phone.
Exactly what does rooting achieve, Will it allow me to try another rom?
Yes, z4root will let you achieve root on this phone.
ROOT has nothing or very little to do with custom ROMs, ROOT it's the Unix super user, the administrator per say. With it certain apps that modify system properties will work (search Android Market for "root"), and also it enables you to do all sorts of crazy stuff on the phone, like literaly modify any file. So if for example there's an app that bundles with the phone, and that you normaly couldn't unistall it, with ROOT you can just delete the app, and that's it . That's and many more things, although root it's most usufull for developers or hackers than the normal user. It's not like jailbreaking an Iphone, Android it's already open enough for the regular user.
If I root the Motorola Defy and I delete some files because I not familiar with this, will I make my Motorola Defy dead.
croxley said:
If I root the Motorola Defy and I delete some files because I not familiar with this, will I make my Motorola Defy dead.
Click to expand...
Click to collapse
Rooting doesn't delete files If you've rooted your phone, you won't be able to just go to the system folder and delete something. You need tools like "root exporer" for this. This is a payware. When you rooted your phone, this root explorer can ask you for more rights. These are needed to delete needed files. Also you can do it for free with the androidSDK. Have a look here: http://forum.xda-developers.com/showpost.php?p=9456771&postcount=1
but be: don't do thinks where you don't know to get it undone. You CAN brick your phone and then you'll have to spend much time to get it back working.
Trying to install GFE on a previously rooted but now unrooted phone. It's failing because it thinks I'm still rooted.
I have unrooted, removed Superuser (the apk and from the App list), etc.
What the hell is it finding?
Maybe su or busybox in the xbin folder?
wewoapsiak said:
Maybe su or busybox in the xbin folder?
Click to expand...
Click to collapse
Yes. They are both there. But how do I get rid of them now that I'm not rooted? ADB shell errors out with read only file system. If I re-root and delete them, then how do I make the file system read only again?
Also, do I need to get rid of /system/bin/su or is that part of stock Android?
Thanks so much for any help.
So all you did was delete the .apk? Download Super 1-click, re-root, then use it to unroot.
http://forum.xda-developers.com/showthread.php?t=803682
wewoapsiak said:
So all you did was delete the .apk? Download Super 1-click, re-root, then use it to unroot.
http://forum.xda-developers.com/showthread.php?t=803682
Click to expand...
Click to collapse
I rooted by flashing the update.zip and then unrooted by removing the Superuser app and then changing the file system to read only.
I thought SuperOneClick only worked with FroYo on the G2X and not with Gingerbread.
Success!!!!!!!! Many thanks to jboxer and others that pointed me in the right direction.
Here's what you need to do for anyone else facing this issue:
1. Boot into Clockwordmod Recovery and then connect your phone to the computer. CWM Recovery will be seen on ADB with root permissions.
2. Before issuing the following commands, after your phone is connected, use the menu in CWM Recovery to mount the system. If you don't mount the system you are seeing CWM's mini Android system and not the phone's.
3. Issue the following commands from your computer:
#adb uninstall com.noshufou.android.su
#adb shell rm /system/app/Superuser.apk
#adb shell rm /system/bin/su
#adb shell rm /system/xbin/su
#adb shell rm /data/local/tmp/psneuter
#adb shell "find /system/xbin -type l | xargs rm"
#adb shell rm /system/xbin/busybox
4. Use the CWM Recovery menu to unmount system.
5. Reboot your phone.
Before you attempt to re-run the Good setup, check one last time to make sure that su is gone from /system/bin and /system/xbin and that Superuser does not show up either in your Apps or when you go to Settings->Manage Apps. If any of this is still present you need to redo what is written above as the Good setup will fail.
I also recommend doing a Nandroid before unrooting, a second Nandroid after unrooting but before installing Good, and then a third Nandroid immediately after successfully installing Good.
Ok, so this is the problem:
I have a TF101, rooted since 3.2. I have been able to do OTA updates without problems so far, keeping my root with OTA Rootkeeper.
Last week, I tried figuring out how to automatically mount cifs-shares through Tasker. Whatever I tried, the share would not mount through Tasker. It mounted without problems through command line in Terminal Emulator.
Eventually, i narrowed it down to a root acces problem in Tasker, or the Locale Execute plugin, or the secure settings plugin. I noticed that neither of those had ever asked for SU-acces and there were no logs of it in the Superuser app. When downloading other root-needing apps (e.g. rootchecker), I had the same problem: whenever a new app would normally ask for root acces, instead of the usual Superuser-prompt, the app stalled for a few seconds and then gave an error message or just plain nothing. There was no log of this in the superuser app.
When setting the superuser app to 'always grant root', the situation stayed the same: new apps didn't get root, older apps still had root without problems.
While searching for similar occurences on the internet, I saw a suggestion somewhere to clear the cache and data for the superuser app, so I did.
Now superuser still doesn't prompt and NONE of my apps have root. Apparently even the superuser app itself has no root acces anymore, since it fails to get root acces when updating the su-binary.
My guess was that completely removing su and the superuser app and subsequently re-rooting the whole thing would fix this.
I tried unrooting/rerooting through various methods (Brk, Vipermod, this one, and the new Wolf's thingy), but to no avail.
Brk tells me eveything worked fine, but changes nothing, except it gave me an even older version of the su-binary.
Vipermod hangs on "daemon started succesfully" but apparently does nothing even after 10 minutes.
The Asus Backup Utility method changed absolutely nothing
The Wolf's method looked promising, but installing the "Superuser-3.0.7-efghi-signed.zip" failed. (maybe because I did this from CWM recovery instead of his recoveryblob recovery? Dunno.)
So far I can't seem to remove root, as OTA Rootkeeper assures me the superuser app is installed and the device is rooted, even if the root acces is not granted to it (or any other app).
Any ideas?
Update: tried installing SuperSU from CWM recovery to replace Superuser app, but it gave the same 'installation aborted' message. Is this because CWM has no root acces also?
update2: I have root acces through adb shell apparently. I looked here and here for a way to replace the superuser app. I managed to remount /system, delete Superuser.apk and push the Superuser.apk and su from "Superuser-3.0.7-efghi-signed.zip" onto the device.
No apparent change, not even in the su binary version number reported by Superuser app.
I downloaded the standalone su-binary from here too, and replaced /system/bin/su with that one, too, but after reboot the Superuser app still indicated su binary version 2.3.2-efgh.
I don't know exactly when this problem started, but it could have been caused by the recent update from 9.2.1.17 to 9.2.1.21? Is it possible to revert to the previous version? If so, how? Would I lose data/apps?
Type the following in terminal:
ls -l /system/*/su
My guess is that you have two binaries and one or both of them is not superuser with permission rwsr.xr.x
Ensuring CWM working properly, you just try do backup using CWM then, if it worked then it's has nothing to do with being root access problem. And flashing wolf's root zip via CWM is all it takes to regain root after the 9.2.1.21 update.
Mine was similar root access messed after flashing the 9.2.1.21 update. Tried rectified this by copying su from system/bin to system/xbin but still nothing, but my CWM work though and use it to flash wolf's root zip to correct the su missing in the system. Now it work great..
Sent from my awesome rooted Defy: 2.3.6
@gee one
ls -l /system/*/su gives me this:
-rw-rw-rw- root root 22364 2008-02-29 02:33 su
-rwsr-sr-x root shell 26324 2008-02-29 03:33 su
So you're on to sth. Top one is located in /system/bin, lower one is in /system/xbin.
Now what do I do with this? Copy one over the other? chmod? chown?
@farsight73
As said in the OP, I tried flashing wolf's root zip in CWM, but got an error and it aborted. I did the following:
put zip on removable sd
reboot to CWM
choose update from zip
select the right zip
confirm
I also tried this with /system mounted, but same result.
I don't have acces to pc now, I will try more tonight.a
[SOLVED]
Thanks for the replies, you got me in the right direction in that I was replacing the wrong su in the wrong way.
Since Brk Toolkit managed to get me an older su, I thought it could as well give me the right one second time.
I replaced the su and superuser.apk in the /adb folder of the Brk rootkit with the one from wolf's root zip, and then used Brk Toolkit to install su and superuser.
Upon reboot, the problem was solved.
Thanks a bunch!
For future reference, I think you could just elevate to the superuser by typing in terminal "/system/xbin/su" Then you could fix system/bin/su with "chmod 06775/system/bin/su"
Then " exit" should drop you to a normal shell, and "su" will promote you in the usual way.
The issue here is that xbin and bin are both in your path, and bin is probably first, so the non-super version is "found" first. "echo $PATH" will reveal your path variable.
sent from my transformer
gee one said:
For future reference, I think you could just elevate to the superuser by typing in terminal "/system/xbin/su" Then you could fix system/bin/su with "chmod 06775/system/bin/su"
Then " exit" should drop you to a normal shell, and "su" will promote you in the usual way.
The issue here is that xbin and bin are both in your path, and bin is probably first, so the non-super version is "found" first. "echo $PATH" will reveal your path variable.
sent from my transformer
Click to expand...
Click to collapse
HEY MY FRIED I HAVE EXACTLY THE SAME PROBLEM
chmod 06775 /system/bin/su results"unable to chmod /system/bin/su: readonly filesystem "
echo $PATH RESULTS /system/bin/su: /system/Xbin/su
COULD U HELP ME WITH ZIS MY FRIEND
10Q
From adb or the terminal, type in "/system/xbin/su" to elevate to the superuser. Then mount system to read-write and delete the /system/bin/su version. Remount system as read only.
This will work if you have two versions of su and one of them is not really super.
sent while running with scissors
Ladies and Gentleman,
I was able to root the HD8 6th Gen using Kingoroot while in airplane mode. I download the executable and ran it directly from my computer. My Fire tablet is on version 5.3.1.1 and was never registered with Amazon. I can run su in adb but the SuperUser app is not working on my tablet. I am looking into replacing the KingoRoot SuperUser app with SuperSU. I suggest you block updates as soon as you achieve root.
look at this thread to see if you can remove Kingroot and replace
https://forum.xda-developers.com/am...rtool-root-t3272695/post69855730#post69855730
This applied to 7" but may be same issue you are having. Note I would suspect you at least need to install the app since you used the PC version but then that might allow replacement fully. The Rootjunky script basically installs supersu and removes the kingroot app following this approach: https://www.droidmen.com/remove-kingroot-kinguser-with-supersu/
So now the questions are:
* Does the app work too or just PC version
* Does a device which has been used and registered with Amazon work? I am on 5.3.1.1, have OTA disabled, have Novalauncher sort of working, and managed to get Amazon to disable the ads lock screen but right now the device does not leave home due to Opendns constraints as I did not want to lose 5.3.1.1 while waiting.
Decided to try this on 5.3.2.1, ran Kingroot for PC few times (version 3.4.0 build 1142). Did not work. Hope it works for you 5.3.1.1 guys.
I believe 5.3.2 can be downgraded to 5.3.1.1 but I also believe 5.3.2.1 is confirmed to not be downgradable.
I was lucky and got my BF unit with 5.3.1.1 and blocked OTA right away
I register to reply this thread and tell everyone that 5.3.1.1 CAN BE ROOT using KingoRoot(not KingRoot)
blocked OTA and planning to place Kingoroot with Supersu now.
go kingoapp.c0m(replace 0 with o) and download the PC one.
Tried APK one but seems stuck at 90% or not enough patient?
---------- Post added at 05:17 PM ---------- Previous post was at 05:12 PM ----------
chemie99 said:
look at this thread to see if you can remove Kingroot and replace
https://forum.xda-developers.com/am...rtool-root-t3272695/post69855730#post69855730
This applied to 7" but may be same issue you are having. Note I would suspect you at least need to install the app since you used the PC version but then that might allow replacement fully. The Rootjunky script basically installs supersu and removes the kingroot app following this approach: https://www.droidmen.com/remove-kingroot-kinguser-with-supersu/
So now the questions are:
* Does the app work too or just PC version
* Does a device which has been used and registered with Amazon work? I am on 5.3.1.1, have OTA disabled, have Novalauncher sort of working, and managed to get Amazon to disable the ads lock screen but right now the device does not leave home due to Opendns constraints as I did not want to lose 5.3.1.1 while waiting.
Click to expand...
Click to collapse
my device is registered with amazon and it works
Detailed instruction on post#38
so what is difference between
kingoroot
and kingroot
??
I am familiar with Kingroot but kingoroot seems to be another animal? Is kingo safe? We have a total of 3 lifetime posts from two accounts who are speaking its benefits....
chemie99 said:
so what is difference between
kingoroot
and kingroot
??
I am familiar with Kingroot but kingoroot seems to be another animal? Is kingo safe? We have a total of 3 lifetime posts from two accounts who are speaking its benefits....
Click to expand...
Click to collapse
honestly I dunno, I'm new to android, just bought the kindle to start playing with android...
but I found it difficult to replace the kingoroot with supersu, when I type su in terminal, it show nothing, can't give root permission to terminal emulator.
I replaced kingoroot with supersu following instruction from androidforums.com/threads/script-replace-kingoroot-with-supersu.919175/
After it's done, supersu doesn't prompt for root access. So I set 'default access' to 'grant' in supersu settings, and it seems to be working.
g4ry12 said:
Decided to try this on 5.3.2.1, ran Kingroot for PC few times.
Click to expand...
Click to collapse
I was not paying attention, it's KingoRoot, not KingRoot. Downloaded KingoRoot for PC (v1.4.9), and tried on 5.3.2.1. Rooting failed, unfortunately.
I ran the PC kingo and rooted.
I then tried to remove and replace with supersu and it failed
I lost root
I tried to rerun Kingo PC but it wanted debugging enabled even though it was
tried the apk kingo (from kingoapp.com; playstore it is a adware hack)
got stuck at 90%
exited and kindle was really sluggish; maybe something to do with my novalauncher or something?
power off reboot and stuck in boot up (Fire image). Now can't boot.
Message is be careful with kingo when removing....will try restore now.
Edit: wiping data and cache did not help. Did brick recovery to 5.3.1.1 (which is what it was on when I got it), and managed to recover. Glad I don't have to send this one back to Amazon!
I will now restart kingo root effort and if it works will report back steps (including supersu replacement).
So I have root according to kingo but "root checker basic" says I do not have root.
Try to open "superuser" (which is a kingo superuser app) and it is just a blank screen then back to Home.
The removal tool that @2ig2ag linked did not work.
It failed on "mount -w -o remount /system" with "mount: operation not permitted"
I also tried to manual cp the su file over and get error "read only file system"
Edit: Despite kingo saying you have root, you don't. At least not complete root. I am unable to copy anything into system/app via ES File explorer too. I am unable to grant programs that want access, that access. For example, Titanium BackUp is unable to detect "Su and Busybox" so no go.
I am able to pm disable the firelauncher for example but that is about it
chemie99 said:
So I have root according to kingo but "root checker basic" says I do not have root.
Try to open "superuser" (which is a kingo superuser app) and it is just a blank screen then back to Home.
The removal tool that @2ig2ag linked did not work.
It failed on "mount -w -o remount /system" with "mount: operation not permitted"
I also tried to manual cp the su file over and get error "read only file system"
Edit: Despite kingo saying you have root, you don't. At least not complete root. I am unable to copy anything into system/app via ES File explorer too. I am unable to grant programs that want access, that access. I am able to pm disable the firelauncher for example but that is about it
Click to expand...
Click to collapse
I soft-bricked once, stuck at fire logo, sideload adb and resumed normal.
I didn't use the root checker to check, the superuser included will crash when I launch it,
but I can su in adb shell..
@2ig2ag's way not work for me either,
I cannot run the script, it said permission denied, then I try to run it manually,
I can remount /system, it do not show any error, but I am stopped at "cp ./su /system/xbin/daemonsu",
it said "daemonsu" text file in use.
tried ultra explorer as another way to get to /system and it just locks up when trying to detect root.
Tried manually installing supersu.apk and it locks up and requires reboot to get back to working device.
@phpbb88 I retried "mount -w -o remount /system" and it worked; maybe I wasn't in su at the time. I get the same error on file copy
So to summarize:
you can: adb su
you can: pm disable fire launcher and OTA (not sure if unrooted allows this too?)
you can not:
write to /system
install any apk that require root and grant root access
switch to supersu
adb remount (fails)
I would not call this a successful root. I am not even sure of the pm disables will last more than 24 hours.
chemie99 said:
tried ultra explorer as another way to get to /system and it just locks up when trying to detect root.
Tried manually installing supersu.apk and it locks up and requires reboot to get back to working device.
@phpbb88 I retried "mount -w -o remount /system" and it worked; maybe I wasn't in su at the time. I get the same error on file copy
So to summarize:
you can: adb su
you can: pm disable fire launcher and OTA (not sure if unrooted allows this too?)
you can not:
write to /system
install any apk that require root and grant root access
switch to supersu
adb remount (fails)
I would not call this a successful root. I am not even sure of the pm disables will last more than 24 hours.
Click to expand...
Click to collapse
I am using a file explorer called "ES File explorer", it cannot view the system file when it is not root.
After Kingoroot, I can view them, but I still cannot create file in /system by using that File explorer.
However I can successfully create a dir in /system in adb shell, shown below.
[email protected]:/system # mkdir 123
[email protected]:/system # ls
123
app
bin
build.prop
data
etc
fonts
framework
lib
lib64
lost+found
media
priv-app
recovery-from-boot.p
sbin
security
sqfs
tts
usr
vendor
xbin
[email protected]:/system #
I have made progress...with kingo install I did this:
copy the files of the kingo root removal to sdcard/kingo
adb shell
su
mount -w -o remount /system
cd /sdcard/kingo
cp ./su /system/xbin/daemonsu
fails because it is locked. Then I started to think that the steps were for the kingo app and not the PC so
with adb window still open, run PC program and remove root
then
cp ./su /system/xbin/daemonsu
chmod 0755 /system/xbin/daemonsu
daemonsu -d &
./step1.sh
got some errors
then sideload the supersu apk via ES file explorer
then allow supersu to do it thing and reboot.
Now I have supersu running!''
edit:
but do I have root?
Titanium backup still fails but ultra explorer does say it has root
now adb shell su fails.....
chemie99 said:
I have made progress...with kingo install I did this:
copy the files of the kingo root removal to sdcard/kingo
adb shell
su
mount -w -o remount /system
cd /sdcard/kingo
cp ./su /system/xbin/daemonsu
fails because it is locked. Then I started to think that the steps were for the kingo app and not the PC so
with adb window still open, run PC program and remove root
then
cp ./su /system/xbin/daemonsu
chmod 0755 /system/xbin/daemonsu
daemonsu -d &
./step1.sh
got some errors
then sideload the supersu apk via ES file explorer
then allow supersu to do it thing and reboot.
Now I have root with supersu!
Titanium backup still fails but ultra explorer does say it has root
Edit: hmmm..
now adb shell su fails.....
Click to expand...
Click to collapse
I cannot run the step1.sh, still show permission denied.
I tried manually, but got another permission error...
[email protected]:/sdcard/Kingo # cp ./su /system/xbin/daemonsu
[email protected]:/sdcard/Kingo # chmod 0755 /system/xbin/daemonsu
[email protected]:/sdcard/Kingo # daemonsu -d &
[1] 8434
[email protected]:/sdcard/Kingo # ./step1.sh
sh: ./step1.sh: can't execute: Permission denied
[1] + Done daemonsu -d
126|[email protected]:/sdcard/Kingo # cp ./su /system/xbin/su
[email protected]:/sdcard/Kingo # chmod 0755 /system/xbin/su
[email protected]:/sdcard/Kingo # ./chattr.pie -ia /system/xbin/ku.sud
sh: ./chattr.pie: can't execute: Permission denied
126|[email protected]:/sdcard/Kingo # ./chattr.pie -ia /system/xbin/supolicy
sh: ./chattr.pie: can't execute: Permission denied
126|[email protected]:/sdcard/Kingo #
after the errors, did you install supersu.apk?
I ignored the errors thinking they were from differences between kingo apk and kingo PC versions of what they put on device.
Supersu does manage to install itself but root checker still says I do not have root.
chemie99 said:
after the errors, did you install supersu.apk?
I ignored the errors thinking they were from differences between kingo apk and kingo PC versions of what they put on device
Click to expand...
Click to collapse
I didn't finish all the steps in step1.sh, cause I have installed SuperSU at the beginning of time,
I then try to run Supersu and it said blahblahblah error, need to reboot my device.
wola, i lost my connection to root adb shell, and now going to root it again
phpbb88 said:
I didn't finish all the steps in step1.sh, cause I have installed SuperSU at the beginning of time,
I then try to run Supersu and it said blahblahblah error, need to reboot my device.
wola, i lost my connection to root adb shell, and now going to root it again
Click to expand...
Click to collapse
I only install supersu as the step after running step1; it worked, and took hold (at least no errors and opening the program looks normal). The issue is that it won't grant access to anything (TB, flashfire, etc)
chemie99 said:
I only install supersu as the step after running step1; it worked, and took hold (at least no errors and opening the program looks normal). The issue is that it won't grant access to anything (TB, flashfire, etc)
Click to expand...
Click to collapse
Kingoroot PC asked me to grant root access to it by pressing OK on my device's pop up when my device is under root,
but my device wouldn't show anything.
Is there any problem on fire OS that wouldn't show this pop up?