New API method and permission fails. - Android Software/Hacking General [Developers Only]

First of all I will start with this phrase, and I encourage you developers: "Superuser is not the way for everything, let's write android-like code"
I've been working on a method able to mount system as RW via the MountService interface (this may be used for anything from simply writing text to a file to more advanced approaches, think about it!), and making it public for system and platform signed applications (Settings, or any app added by a developer to his ROM). I must say what Google engineers do is not easy! Writing and documenting all this stuff, just WOW. But well, back to the scene, this is the relevant commit:
http://review.paranoid-rom.com/#/c/91/
The entire interface going from Java to parser methods and C++ native seems to be working, only one issue though, when trying to run the method:
Code:
E/MountService(14755): mountSystem(true): throwed exception -> command '11 mount -o rw,remount /system' failed with '500 11 Command not recognized'
E/MountService(14755): mountSystem(false): throwed exception -> command '12 mount -o ro,remount /system' failed with '500 12 Command not recognized'
The code used to get the crash is this:
Code:
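// Lazily obtain the StorageManager, then call the mountSystem(boolean) method added by the commit above.
public static void mountSystem(boolean rw) {
    if (sStorageManager == null) {
        sStorageManager = (StorageManager) sContext.getSystemService(Context.STORAGE_SERVICE);
    }
    sStorageManager.mountSystem(rw);
}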
So, is someone here able to give me a hand? Or should this not be posted here?
EDIT: If I wasn't clear enough, the method is somehow, in the process, appending an integer before the command string, which for obvious reasons is an invalid command entry

Will it not result in some big security risk if System becomes RW...

mskiller said:
> Will it not result in some big security risk if System becomes RW...
This will be momentary, like mount rw, write what I want to write, mount ro. Also, the permission is only allowed to highest level apps, with platform or system signatures (Settings, or an app built with the same platform keys), so there's no possibility that an app built by a user could have it (unless some root hack is used, but if an app has root it can break the entire system anyway). Another thing is that apps cannot write files that they don't own; for example, if there's a file on /system, chowned to root, not even system will be able to write it. This is meant to be more like a helper method for developers that write their own apps for their ROMs, and they need to write a file (but they chown it to system first via android_filesystem_config.h or whatever they like), so they get a nice crash because system is RO

Thanks for your explanation, great idea btw. I'm more server admin than Linux admin so can't help you with that... hopefully someone will. Cheers and keep up the good work, and if you need any help with server side trouble send me a private message... Great job from you, keep it up!

system user can't remount a partition, need to be root.
Sent from my GT-P1000

cdesai said:
> system user can't remount a partition, need to be root.
> Sent from my GT-P1000
That's what I'm afraid of. As I said on gerrit
[email protected] said:
> I'm starting to think though that even if we get the integer gone, mount will just throw an "Operation not permitted" message and that's it. For mounting filesystems it seems that it highly depends on AID_ROOT user group (which means only super user can do it).
I think this one is a bummer, I have to blame AOSP and Linus Torvalds though
EDIT: I'll close this one now

Related

Few EXt2 questions

Is it possible to view the files in the EXt2 partition from our G1 terminal? If so, can we also delete files? If so, someone explain how, thanks.
assuming it is mounted on /system/sd
just
Code:
cd /system/sd
ls -la /system/sd
to list the files
is there a way to erase those files?
There are commands for deleting files on Android. Look up the Linux Command prompt commands for performing those functions.
If you've rooted your phone and don't know the commands already, you haven't been paying attention to the instructions.
ls = directory listing
cp = copy
mv = move/rename
rm = remove
Those are the very basics. Remember that Unix-like operating systems are case-sensitive and file.txt is different from File.txt or file.TXT.
If you're using wildcards to delete everything, take a precaution and use the dot-slash. It could save you a lot of trouble by ensuring you're only deleting files in the current working directory. To remove all text files in a directory, for example, you'd type rm ./*.txt
god, i hate how rude people are. I grew up with DOS, so dir, and del come more naturally to me than linux commands. So just ease up on the ppl that don't know linux. I didn't know linux til i started to IRC and wanted to run an eggdrop bot. Not like everyone has irc'd or compiled, or whatever. Heck, it has been so long now, I could not write an irc script or egg addon, and I think i was the first to develop some scripts in IRC 20 years ago. So all I can say is chill.
Shaggy
??huh??
whats the beef all about?
you can google the command and linux and probably have a ton of sites that list and explain the usage and stuff like that for *nix commands. unix is a very old OS. Linus Torvalds just woke up 1 day at age 15 or sumthin and said im gonna make a unix kernel that runs on my intel based pc and then instead of selling it and making a fortune I'll give it away and still make a fortune.
LINUS is the greatest man of our time, when the other OS was charging BIG $ to run Apache web servers in the .com boom (even more so now) linux was FREE and gave better throughput on the same hardware
Now if you want a pretty box booklet and packaging as you have become accustomed they have them too, some just feel better if they pay for it, free must not be as good as the one that costs right?
why did I bother just rambling, please ignore the babbling lunatic in the corner he is harmless
bhang
beartard said:
> If you've rooted your phone and don't know the commands already, you haven't been paying attention to the instructions.
> ls = directory listing
> cp = copy
> mv = move/rename
> rm = remove
> Those are the very basics. Remember that Unix-like operating systems are case-sensitive and file.txt is different from File.txt or file.TXT.
> If you're using wildcards to delete everything, take a precaution and use the dot-slash. It could save you a lot of trouble by ensuring you're only deleting files in the current working directory. To remove all text files in a directory, for example, you'd type rm ./*.txt
if you don't know how to be polite to the noobz then don't say anything at all. let someone else answer their questions.
Hi Beartard,
Thanks for the info.
This site has such a wealth of information, that it can be overwhelming to many members.
Can you tell me how to copy my apps-private from my ext2 partition to my sd card partition so I can back them up?
Thanks
beartard said:
> If you've rooted your phone and don't know the commands already, you haven't been paying attention to the instructions.
> ls = directory listing
> cp = copy
> mv = move/rename
> rm = remove
> Those are the very basics. Remember that Unix-like operating systems are case-sensitive and file.txt is different from File.txt or file.TXT.
> If you're using wildcards to delete everything, take a precaution and use the dot-slash. It could save you a lot of trouble by ensuring you're only deleting files in the current working directory. To remove all text files in a directory, for example, you'd type rm ./*.txt
uh you want to copy your "app-private" folder as a backup into your sdcard correct? well try this
busybox cp -a /system/sd/app-private /sdcard/app-private
if it doesn't allow you to copy do this command to remount the system as read-write
mount -oremount,rw /dev/block/mtdblock3 /system
Hi Nitro .
I tried it both ways and it says operation not permitted.
-------------------
Update:
But wait, I connected my phone to the computer and the app-private is copied to the sdcard.
Your procedure worked!
I erased the folder that was copied to test it again.
Then I used just this set of commands and it worked again:
busybox cp -a /system/sd/app-private /sdcard/app-private
So you still get the same error, but it works.
Thanks a lot Nitro!!!
Nitro212 said:
> uh you want to copy your "app-private" folder as a backup into your sdcard correct? well try this
> busybox cp -a /system/sd/app-private /sdcard/app-private
> if it doesn't allow you to copy do this command to remount the system as read-write
> mount -oremount,rw /dev/block/mtdblock3 /system
u tried it as root? what error u got?
well glad it worked.
Hi,
The error says:
"cannot preserve ownership of ... cannot preserve permissions of ... operation not permitted"
for every file it tries to transfer.
But then when you look in your sdcard the app-private is there.
So it is a false error.
Thanks again.
Nitro212 said:
> uh you want to copy your "app-private" folder as a backup into your sdcard correct? well try this
> busybox cp -a /system/sd/app-private /sdcard/app-private
> if it doesn't allow you to copy do this command to remount the system as read-write
> mount -oremount,rw /dev/block/mtdblock3 /system
It's not working for me...
My error is this:
cp: cannot stat '/system/sd/app-private': No such file or directory
Hi,
Use terminal emulator jf 1.41 or better
type su enter
then the busybox commands
Connect your phone to your computer and look on your memory card.
app-private is there
Proxin said:
> It's not working for me...
> My error is this:
> cp: cannot stat '/system/sd/app-private': No such file or directory
bestwebs said:
> Hi,
> Use terminal emulator jf 1.41 or better
> type su enter
> then the busybox commands
> Connect your phone to your computer and look on your memory card.
> app-private is there
hey guys need some help here i have the same problem, (as far as the error saying 'no such file or dir') and i tried your suggestion about typing su first then the busybox commands.
i have the most current terminal emulator, unfortunately i still continue to get the same error every time i try to run the busybox commands. it just simply say 'no such file or directory"
you guys have any suggestions for me to try ?
any help would be great.
the error i get is "cannot preserve permissions of" i think that error is not something harmful, i'm no *nix expert but it is just saying it won't save the permission of that folder i think...
Code:
# mkdir /sdcard/bk
mkdir /sdcard/bk
# busybox cp -rf /data/app-private/ /sdcard/bk
busybox cp -rf /data/app-private/ /sdcard/bk
cp: cannot preserve permissions of '/sdcard/bk/app-private': Operation not permitted
# ls /sdcard/bk
ls /sdcard/bk
app-private
that's what i did.. worked for me.. moved the app-private into a folder named bk inside the sdcard
Hi,
We are assuming that you have already moved your apps and caches to the memory in a ext2 partition, correct?
Otherwise this will not work.
I 1st followed all the instructions in this post:
http://forum.xda-developers.com/showthread.php?t=468959
All this has to be done 1st including the 2 step 13's
onikus said:
> hey guys need some help here i have the same problem, (as far as the error saying 'no such file or dir') and i tried your suggestion about typing su first then the busybox commands.
> i have the most current terminal emulator, unfortunately i still continue to get the same error every time i try to run the busybox commands. it just simply say 'no such file or directory"
> you guys have any suggestions for me to try ?
> any help would be great.
nitro all i can say is thank you very much, i was looking through a 15 yr old unix book looking up commands, and it's just been so damn long ago i couldn't put it together.
thanks a ton. i'm sure you saved me at least a few hours.
@bestwebs ya i have done everything else including moving things to the ext2 partition i was just stuck on a few commands here and there.
but again thanks to both of you, and i'm all setup up now.
Hi,
Nitro is a real blast!
Glad it's working.

[Guide] Installing Fedora 12 on SGS4G

Good news for this guide:
I've done it already so you just need to download the files and follow these simple instructions:
YouTube Video of earlier stages of me running Fedora 12
0) make sure your Android Device is rooted (added so I get less nonsensical "It doesn't work!!!!!" and more "I followed everything I get an <insert error here> error! HELP!")
1) download files from http://zornco.net/androfedora/
2) extract fedora_scripts.rar and place all four files (bootfedora, unmountfedora, fedora.sh, fedora.img) in /sdcard/fedora/
3) open android terminal emulator
4) run command "su" (you might have to press allow in the Superuser App)
5) run command "cd /sdcard/fedora"
6) run command "sh fedora.sh"
7) run command "bootfedora" If that returns "not found" run "sh /sdcard/fedora/bootfedora"
8) now you're in fedora (should now see [[email protected] /]#)
OPTIONAL:
9) run "service sshd start" - to run an SSH server
P.S.: I set the root password to password
P.S.S.: I'm pretty sure it's impossible to screw up your Android OS doing this unless you terribly, terribly mess up this guide
Run the scripts and post your errors <- this will help me immensely to make this available on all Android Devices! please, thank you, and have fun!
N4melessS0ldier said:
> Good news for this guide:
> I've done it already so you just need to download the files and follow these simple instructions:
> 0) make sure your SGS4G is rooted (added so I get less nonsensical "It doesn't work!!!!!" and more "I followed everything I get an <insert error here> error! HELP!")
> 1) download files from http://anonymouslyacquired.info/fedoraonsgs4g/
> 2) place all three files in /sdcard/fedora/
> 3) open android terminal emulator
> 4) run command "su" (you might have to press allow in the Superuser App)
> 5) run command "sh /sdcard/fedora/fedora.sh"
> 6) run command "bootfedora" If that returns "not found" run "sh /sdcard/fedora/bootfedora"
> 7) now you're in fedora (should now see [[email protected] /]#)
> 8) run "startvnc" (my automated vncserver script)
> AND/OR
> 9) run "service sshd start"
> If you want to see your newly installed Fedora 12 OS:
> android-vnc-client to localhost:5901 with password = password
> P.S.: I set the root password to password
> P.S.S.: I'm pretty sure it's impossible to screw up your Android OS doing this unless you terribly, terribly mess up this guide
> P.S.S.S: I'm running a rooted Bionix Frost SGS4G ROM with Bali KERNEL (don't think that matters but I do know being rooted matters!)
> edit: apparently this isn't working for anyone but myself so far sooooo:
> To Moderators: You may delete this thread and move the thread in Galaxy S 4G General: [Guide] Installing Fedora 12 on SGS4G to Galaxy S 4G Android Development (I only posted in General because I didn't have permissions to post here yet and posting here (I hope) will increase my ability to make this available to all SGS4G owners!)
forgive me for asking because im usually one to read to learn, but since you made this
what BENEFITS are gained from fedora?
i just dont know exactly what it is? thank you
I suppose mainly for developing. If you have fedora installed on a phone with a kernel that supports adding kernel modules and the kernel headers then you can build new modules for your phone on your phone. Also, it's sort of fun to show off, and it can potentially do some neat things (potentially aircrack-ng if it supports the WiFi device - maybe unlocking some features by allowing you to add linux tools and binaries - adding new media players - converting different media files to things accessible by Android Apps (or just playing them from Fedora) - extracting weird archives - and I'm sure if you take the time you can probably think of cool things you can do with an extremely portable, extremely customizable Linux Operating System Distribution (whether "legit" or less than))
edit: also, most things are already precompiled on a Fedora 12 ARM repo but if they aren't you can easily compile them from your phone (I suggest plugging it in and compiling/installing so you don't waste battery life (also I suggest doing that from your computer to your phone through SSH for easier typing, quicker command entering, etc.) and it may take some time depending on how overclocked the phone is)
Thanks for the explanation brotha!
sent from my sgs4g 2.3.3, finally
So I would be able to modify the frameworkres.apk and other things of that nature?
Sent from my SGH-T959V using XDA Premium App
I got it!
http://forum.xda-developers.com/showpost.php?p=8755526&postcount=7
> If bootubuntu gets executed before Android loads all app2sd applications, it is possible solves the loop device busy error even with App2SD applications installed. It requires a very perfect timing, today after few experiments on my phone, I worked out a process which can always boot up Ubuntu on my phone:
> 1. Reboot phone
> 2. as soon as you enter lock screen, unlock screen
> 3. quickly go to terminal emulator
> 4. become su by typing su and enter
> 5. type bootubuntu and wait (type it fast... practice )
So apparently it's apps2sd causing this problem. I used the ubuntu guide but I'm sure fedora will work now, since it was just a mounting issue.
What I did to type this quickly was change the bootubuntu (or bootfedora in this case) script to just b so i could just do su, press enter, then b, press enter
EDIT
This means that it's possible to boot it as an init.d script to make sure it loads before the phone is done scanning the SD card. I think I'll wind up doing that... It's easier to kill the script when you don't need it than boot it when you want it.
Oh gosh, thank you so much I was just about to give up on public releases. Now that I know the problem I can fix my scripts to get around it. Thanks so much!
Sent from my SGH-T959V using XDA App
Just wanted to post again to express my gratitude I will definitely post a new script that will mount regardless of app2sd. Thank you! Thank you! Thank you!
Sent from my SGH-T959V using XDA App
Hey man I'm as happy as you are... Just spent the last few hours messing with ubuntu on the phone. Piece of work that is. You said fedora has sound support when booting on the phone?
Yeah I managed to get sound working.... sad part is my (granted I forgot to make a backup) version of the filesystem image became corrupt.... oops. Well, I'm buying a larger sd card in about 30 mins and I'm going to redo it so soon I'll upload the new img and scripts as well as a kernel module for you and others using a different linux distro than fedora
Sent from my SGH-T959V using XDA App
Sounds great. Just a heads up, I was messing with the bootscript and I added the lines that mount the sdcard to the other OS's filesystem. Twice I got the phone freezing up so I did a hard reboot (battery pull) and when the phone rebooted it seems as if the /data partition got wiped (except for my background image which got saved, go figure). Weird, not even sure how that could've happened.
Very odd. If this forum has private messaging, PM me exactly what you added so I can make sure that or something more serious doesn't happen to others. Thanks
Sent from my SGH-T959V using XDA App
I just updated the script to mount whether or not you have App2SD installed on your phone.
It turns out App2SD uses a separate loop device for each app you have moved to your SD Card.
I've set the script "bootfedora" to create a "/dev/loop99"
So, unless you have 99 or more Apps moved to your SD Card it should work!
Re-download "bootfedora" from:
http://anonymouslyacquired.info/fedoraonsgs4g/
edit: currently working on new version of my Fedora 12 filesystem (should include a lot more (including working sound for a "nicer" feel) but it sucks if you have less than 2GB of freespace on your SD Card)
I'm completely in the dark when it comes to Fedora but I find it very interesting. It is going to be a Big Development for our phone I'm sure.
Wish I could help you but this is way out of my league.
I'm definitely following your progresses closely. Keep up the Great Work fellas!
Thanks
N4melessS0ldier said:
> I just updated the script to mount whether or not you have App2SD installed on your phone.
> It turns out App2SD uses a separate loop device for each app you have moved to your SD Card.
> I've set the script "bootfedora" to create a "/dev/loop99"
> So, unless you have 99 or more Apps moved to your SD Card it should work!
> Re-download "bootfedora" from:
> http://anonymouslyacquired.info/fedoraonsgs4g/
> edit: currently working on new version of my Fedora 12 filesystem (should include a lot more (including working sound for a "nicer" feel) but it sucks if you have less than 2GB of freespace on your SD Card)
Alright man, I got it to boot perfectly without doing this at boot startup! Aww yeah, it's on!
One thing though, the scripts you've been posting lately have Windows line endings instead of Unix, so I had to convert them before they worked.
FBis251 said:
> Alright man, I got it to boot perfectly without doing this at boot startup! Aww yeah, it's on!
> One thing though, the scripts you've been posting lately have Windows line endings instead of Unix, so I had to convert them before they worked.
I'm not sure what I'm doing wrong but I keep getting the error
chroot: notfound
: not found
Shutting down Fedora
: not found
glt0404 said:
> I'm not sure what I'm doing wrong but I keep getting the error
> chroot: notfound
> : not found
> Shutting down Fedora
> : not found
What rom/kernel are you using?
FBis251 said:
> What rom/kernel are you using?
Stock rom with Bali 3.3UV
I'm pretty sure that's not the problem cause I've successfully booted Ubuntu (without gui).
Post up the whole list of commands you ran, plus the errors. Just copy the whole command line text
FBis251 said:
> Post up the whole list of commands you ran, plus the errors. Just copy the whole command line text
This is what I got.
Code:
export PATH=/data/local/bin:$PATH
# #cd /sdcard/fedora/
# su
# sh fedora.sh
Usage: mount [-r] [-w] [-o options] [-t type] device directory
Usage: mount [-r] [-w] [-o options] [-t type] device directory
rm failed for -f, No such file or directory
: not found
: not found
: not found
: not found
: not found
: not found
Fedora Chroot Bootloader v0.1
Fedora Bootloader is now installed!
This process does NOT damage Android OS!
Original Installer by Charan Singh
Modified for Fedora Chroot by N4melessS0ldier
To enter the Fedora Linux console just type 'bootfedora'
: not found
: not found
# sh bootfedora
Usage: mount [-r] [-w] [-o options] [-t type] device directory
Usage: mount [-r] [-w] [-o options] [-t type] device directory
: No such file or directoryxtcard2
': Read-only file systemctory '/mnt/extcard2
'knod: invalid number '0
losetup: not found
failed: No such file or directory/extcard2
': No such file or directoryy '/mnt/extcard2/rootfs-f12
failed: No such file or directoryp1 on /mnt/extcard2/rootfs-f12
': No such file or directoryy '/mnt/extcard2/rootfs-f12
failed: No such file or directoryard2/rootfs-f12
': No such file or directoryrd2/rootfs-f12
': No such file or directoryrd2/rootfs-f12
failed: No such file or directoryrd2/rootfs-f12
failed: No such file or directoryxtcard2/rootfs-f12
failed: No such file or directoryrd2/rootfs-f12
failed: No such file or directoryrd2/rootfs-f12
Setting /etc/resolv.conf to Google Open DNS 8.8.8.8 and 8.8.4.4
: directory nonexistentte /mnt/extcard2/rootfs-f12
: directory nonexistentte /mnt/extcard2/rootfs-f12
Setting localhost on /etc/hosts
: directory nonexistentte /mnt/extcard2/rootfs-f12
Operation complete!
Courtesy N4melessS0ldier!
chroot: not found
: not found
Shutting down Fedora
: not found
#
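The ": not found" lines and the message fragments overwritten at the start of each line in the output above match what a shell prints when a script's lines end in carriage returns, the Windows line endings FBis251 mentions earlier in the thread. An added example, not part of the original posts or of the fedora scripts: POSIX shell functions (the names are illustrative) that detect CR bytes in downloaded scripts and strip them in place; the sample script is constructed.

```shell
#!/bin/sh
# Added example: find and remove carriage returns in shell scripts.

# has_cr FILE: exit 0 if FILE contains at least one CR byte.
has_cr() {
    # tr deletes every byte except CR; wc counts what is left.
    n=$(( $(tr -cd '\r' < "$1" | wc -c) ))
    [ "$n" -gt 0 ]
}

# strip_cr FILE: rewrite FILE with LF-only line endings.
# Every CR is removed, which is what a shell script needs.
strip_cr() {
    tmp="$1.tmp.$$"
    tr -d '\r' < "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Writing back with cat keeps the original file's owner and mode.
    cat "$tmp" > "$1" && rm -f "$tmp"
}

# fix_scripts DIR NAME...: convert each named script in DIR that contains CRs
# and print the names that were converted. Missing files are skipped.
fix_scripts() {
    dir=$1
    shift
    for name in "$@"; do
        f="$dir/$name"
        [ -f "$f" ] || continue
        if has_cr "$f"; then
            strip_cr "$f" && echo "$name"
        fi
    done
}

# Constructed sample: a two-line script saved with CRLF endings.
demo_dir=$(mktemp -d)
printf 'echo "Fedora Chroot Bootloader"\r\nexit 0\r\n' > "$demo_dir/bootfedora"
fix_scripts "$demo_dir" bootfedora fedora.sh
rm -rf "$demo_dir"
```

On the phone the call would be fix_scripts /sdcard/fedora bootfedora unmountfedora fedora.sh, using the file names from the guide.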

SSHFS on Android - Extend Android features with Debian KIT

Hi,
I would like to share how I mounted my NAS folders with SSHFS based on Debian KIT.
SSHFS is an SSH-based mountable file system. If you have an SSH account you can mount and access that server like a Windows share.
Foreword:
Debian KIT is free! and it is _NOT_ yet another chroot debian!
This method is an alternative and FREE way to have SSHFS vs. the unique native Android SSHFS app (which is unfortunately paid.)
It is fully integrated with Android! Less RAM resources and faster than chroot. Debian libraries are bound to Android.
So you enjoy Android and Debian advantages all together.
Steps to have SSHFS:
Set up Debian on your Android! Go to the Debian Kit page and set up Debian!
Run Debian. Open Terminal Emulator and type
Code:
$ deb
$ sudo su
Set up SSHFS
Code:
# apt-get update
# apt-get install sshfs
Mount SSHFS
Code:
# mkdir /mnt/nas
# sshfs [email protected]:/ /mnt/nas/ -o allow_other
Checking mount:
Code:
# mount
[email protected]:/ on /mnt/nas type fuse.sshfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other,max_read=65536)
Then SSHFS will ask for your root password and that's all!
If there is no error then it's OK, you mounted!!
You're done!
Go back to Android and use your mounted share with any Android file manager under /mnt/nas (or wherever you mounted it.)
When finished, just
Code:
# deb u
(It will unmount and close the Debian session.)
For more comfort, set up password-less login to the SSH server with authorized_keys.
Code:
# ssh-keygen
# cat ~/.ssh/id_rsa.pub >> /mnt/nas/root/.ssh/authorized_keys
# chmod 600 /mnt/nas/root/.ssh/authorized_keys
After the above steps your SSH server won't ask for the root password when logging in from this site to that site as the root user.
Press the "Thanks" button if it helps you.
Regards
Robert
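The key setup above appends to authorized_keys with >> and sets only that file's mode. An added example, not from the original guide (the function name and the sample key are constructed): a shell function that performs the same step idempotently, creating .ssh with mode 700, adding the key only if it is not already listed, and refusing input that is not a public key line.

```shell
#!/bin/sh
# Added example: append a public key to authorized_keys once, with restrictive modes.

# install_pubkey PUBKEY_FILE TARGET_HOME
# Prints "added" or "present"; exits non-zero if PUBKEY_FILE holds no public key line.
# The body runs in a subshell so the umask change and variables stay local.
install_pubkey() (
    pub=$1
    home=$2
    # A public key is one line: "<type> <base64> [comment]". A private key file
    # (-----BEGIN ... PRIVATE KEY-----) has no such line and is rejected here.
    line=$(awk 'NF >= 2 && $1 ~ /^(ssh-|ecdsa-|sk-)/ { print; exit }' "$pub" 2>/dev/null)
    if [ -z "$line" ]; then
        echo "no public key line in $pub" >&2
        exit 1
    fi
    key=$(printf '%s\n' "$line" | awk '{ print $1 " " $2 }')

    umask 077
    mkdir -p "$home/.ssh" || exit 1
    chmod 700 "$home/.ssh" || exit 1
    auth="$home/.ssh/authorized_keys"
    touch "$auth" || exit 1
    chmod 600 "$auth" || exit 1

    # Already listed? Compare type + key material as adjacent fields, so a
    # different comment or a leading options field does not cause a duplicate.
    if awk -v k="$key" '{ for (i = 1; i < NF; i++) if (($i " " $(i + 1)) == k) found = 1 }
                        END { exit(found ? 0 : 1) }' "$auth"; then
        echo present
        exit 0
    fi
    # If the last line lacks a newline, add one so the new key gets its own line.
    if [ -s "$auth" ] && [ $(( $(tail -c 1 "$auth" | wc -l) )) -eq 0 ]; then
        echo >> "$auth"
    fi
    printf '%s\n' "$line" >> "$auth"
    echo added
)

# Constructed sample: a made-up key line, and a temporary directory standing in
# for the server-side home that the guide reaches as /mnt/nas/root.
demo_home=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3ConstructedSampleKeyNotARealOne root@localhost' > "$demo_home/id.pub"
install_pubkey "$demo_home/id.pub" "$demo_home"
install_pubkey "$demo_home/id.pub" "$demo_home"
rm -rf "$demo_home"
```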
Convert docs to pdf with Openoffice within Debian Kit
Another great usage example of Debian kit:
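Use your installed Open/Libre/Star/Office to convert your document to pdf:
Code:
#!/bin/bash
# Convert the document given as the first argument to PDF; quoting keeps paths with spaces intact.
time soffice --headless --convert-to pdf "$1"
exit
Check your doc converted to pdf after a minute.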
Thanks for the awesome guide. Any idea about mounting virtual drives from my Ubuntu?
whu007 said:
> Thanks for the awesome guide. Any idea about mounting virtual drives from my Ubuntu?
Hi,
thanks.
>mounting virtual drive...
Can you please describe a little, what is the scenario?
Regards Robert
SSHFS problems @ Android 4.2.2 Nexus 10 - apps cannot see mounted content
Hi,
Robert, thanks for the guide to sshfs with debian-kit. I've been longing to get sshfs on my Android for three years
My problem is that Android Apps cannot see the mounted content, which is what I desire.
I have managed to get debian-kit + sshfs installed, and my nas mounted using sshfs. I can browse the files on the nas from the mounted directory in the ConnectBot Shell, but I cannot see the mounted directory through android apps (or adb shell), eg TotalCommander, OI FileManager, MX video player. I have tried the TotalCommander Android app, and tried telling TotalCommander to always use root (in case user made a difference).
I mounted the nas using ConnectBot local shell with the command:
> sshfs [email protected]:/mnt/user/ /mnt/tower/ -o allow_other
I can see the /mnt/tower content both with the ConnectBot shell as normal user ([email protected]), as root, and with the shell I get after running 'deb' from a ConnectBot shell.
If I remote login from PC to an SSHDroid server on the Android, then I cannot see the mounted content of /mnt/tower (even as root). Neither can Android apps. If I install the openssh-server in debian and stop the SSHDroid server, then I can see the /mnt/tower content from my ssh login from PC.
Best Alex
I've an issue, after mounting the nas folder I try to add it into the Poweramp library, it recognizes it (I've mounted into /sdcard/nas) but none of the mp3 is added to library
thank you
Thanks for the great guide!
Now how can you unmount the SSHFS directory?
The normal way is with:
Code:
fusermount -u /mnt/share
However this causes an error:
Code:
fusermount: failed to bind parent to /: Invalid argument
Does that happen for everyone or is it just me?
Restarting the Debian system with
Code:
deb -u
also did not cause the SSHFS directory to unmount.
Sent from my Nexus 4 using xda app-developers app
Hi
Just try umount /mnt/mountpoint.
Robert
Sent from my GT-N8013 using xda app-developers app
Thank you for this guide! Unfortunately this solution isn't quite what I'm looking for. I found that in order to get my apps to recognize the mounted share I have to first run the app, then mount the share. Also, if the app gets killed I have to unmount the share and then remount it in order for the share to become visible again from within the android app. However, the share remains mounted when viewed from within the debian shell or adb.
Anyone have an idea why this might be happening?
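A per-process check for the symptom reported in this thread (the share is visible from the Debian shell but apps see an empty directory), as an added example that is not part of the original posts: each Linux process reads its own mount table from /proc/<pid>/mounts, and these shell functions report whether a mount point appears in it. The function names, the PROC_ROOT override and the sample tables are constructed for illustration; reading another app's /proc entry requires root.

```shell
#!/bin/sh
# Added example: which processes have a given mount point in their mount table?

# Overridable so the functions can be tried on sample files instead of /proc.
PROC_ROOT=${PROC_ROOT:-/proc}

# mount_visible PID MOUNTPOINT: exit 0 if MOUNTPOINT is the second field of a
# line in PID's mount table. Paths containing spaces appear there as \040.
mount_visible() {
    awk -v mp="$2" '$2 == mp { found = 1 } END { exit(found ? 0 : 1) }' \
        "$PROC_ROOT/$1/mounts" 2>/dev/null
}

# mount_fstype PID MOUNTPOINT: print the filesystem type of the most recent
# mount on MOUNTPOINT (the last matching line), or nothing if there is none.
mount_fstype() {
    awk -v mp="$2" '$2 == mp { t = $3 } END { if (t != "") print t }' \
        "$PROC_ROOT/$1/mounts" 2>/dev/null
}

# visibility_report MOUNTPOINT PID...: one line per PID, reading
# "<pid> visible <fstype>", "<pid> hidden" or "<pid> unreadable".
visibility_report() {
    mp=$1
    shift
    for pid in "$@"; do
        if [ ! -r "$PROC_ROOT/$pid/mounts" ]; then
            echo "$pid unreadable"
        elif mount_visible "$pid" "$mp"; then
            echo "$pid visible $(mount_fstype "$pid" "$mp")"
        else
            echo "$pid hidden"
        fi
    done
}

# Constructed sample: two fake mount tables. PID 100 stands for the shell that
# ran sshfs, PID 200 for an app without the mount, PID 300 for an exited process.
demo() (
    PROC_ROOT=$(mktemp -d)
    mkdir -p "$PROC_ROOT/100" "$PROC_ROOT/200"
    printf '%s\n' 'rootfs / rootfs ro 0 0' \
        'user@nas.example:/ /mnt/nas fuse.sshfs rw,nosuid,nodev,allow_other 0 0' \
        > "$PROC_ROOT/100/mounts"
    printf '%s\n' 'rootfs / rootfs ro 0 0' > "$PROC_ROOT/200/mounts"
    visibility_report /mnt/nas 100 200 300
    rm -rf "$PROC_ROOT"
)
demo
```

On a device, run it as root with the shell's PID ($$) and the PID of the app in question, for example visibility_report /mnt/nas $$ 1234.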
Debian kit not working on S4
Hey, there. I have a rooted Samsung Galaxy S4 (VZW) running stock.
I get this error after all MD5 sums pass:
ash: id: Permission denied
Can someone please assist me or point me in the right direction?
aikeru said:
> Hey, there. I have a rooted Samsung Galaxy S4 (VZW) running stock.
> I get this error after all MD5 sums pass:
> ash: id: Permission denied
> Can someone please assist me or point me in the right direction?
did you get this right after you started installing? after you used the 'sh' command?
Sounds to me like you might not have root in android, or you didn't click the accept button when the app asked for root permissions.
---------- Post added at 10:46 AM ---------- Previous post was at 10:44 AM ----------
m2xtreme said:
> Thank you for this guide! Unfortunately this solution isn't quite what I'm looking for. I found that in order to get my apps to recognize the mounted share I have to first run the app, then mount the share. Also, if the app gets killed I have to unmount the share and then remount it in order for the share to become visible again from within the android app. However, the share remains mounted when viewed from within the debian shell or adb.
> Anyone have an idea why this might be happening?
I don't think there is much you can do to get around always having to have deb environment open. One way you might be able to kill a few steps is use the 'autofs' package in debian to automatically mount the sshfs share when you login to the debian environment.
I haven't tried autofs yet, but it's on my todo list, i'll report back with my findings.
---------- Post added at 11:19 AM ---------- Previous post was at 10:46 AM ----------
chrisonline1991 said:
> I haven't tried autofs yet, but it's on my todo list, i'll report back with my findings.
So i had some problems running autofs and i can't seem to find the problem, maybe someone more knowledgeable can help. When i install autofs the output is below, but it looks like it did install fine.
Code:
Starting automount: Error: failed to load autofs4 module.
invoke-rc.d: initscript autofs, action "start" failed.
dpkg: error processing autofs5 (--configure):
subprocess installed post-installation script returned error exit status 1
configured to not write apport reports
Errors were encountered while processing:
nfs-common
autofs5
E: Sub-process /usr/bin/dpkg returned an error code (1)
When i run
Code:
$ sudo dpkg --configure -a
it returns
Code:
Setting up nfs-common (1:1.2.2-4squeeze2) ...
insserv: warning: script '99CleanTWEAKS' missing LSB tags and overrides
Starting NFS common utilities: statd failed!
invoke-rc.d: initscript nfs-common, action "start" failed.
dpkg: error processing nfs-common (--configure):
subprocess installed post-installation script returned error exit status 1
Setting up autofs5 (5.0.4-3.2) ...
insserv: warning: script '99CleanTWEAKS' missing LSB tags and overrides
Starting automount: Error: failed to load autofs4 module.
invoke-rc.d: initscript autofs, action "start" failed.
dpkg: error processing autofs5 (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
nfs-common
autofs5
I found this bug report which points to this bug report that says something about the newest autofs using a new upstart feature called 'wait-for-state' and something is going wrong with it. Looks like they added the bugfix to Ubuntu Precise. And looks like that fix might now have solved the problem as another bug was opened, but I'm not sure if it's related to this. I'm a little burnt out on this at the moment.
Hope this helps someone. If anyone else has some suggestions let me know and I'll try them out.
Hi
I have been trying to get something like this working for awhile...
Any chance by using debian kit this can automatically run at startup and mount my PC to my Android device?
my android apps just see an empty dir. In my terminal the sshfs command works as expected. When I cd into the mounted directory I can see its contents, android apps just see an empty dir.
Has any one managed to solve this?
late-2017 update
bisbal said:
my android apps just see an empty dir. In my terminal the sshfs command works as expected. When I cd into the mounted directory I can see its contents, android apps just see an empty dir.
Has any one managed to solve this?
I ran into a thread on stack exchange that says to mount the sshfs-accessed shares to subdirectories of /data/media/0/. I've yet to try it myself, but it sounds plausible.
(https://android.stackexchange[dot]com/questions/50246/mount-inside-subdir-of-storage-emulated-0)
I was initially reluctant to raise an old topic, but I think this is important; being able to mount a remote data store to your local filesystem is crucial to the mobile environment as the tendency of well-known phone companies like Samsung and Apple in removing the external sd card feature (even my OnePlus 3 doesn't have it). I did consider the Nextbit Robin as my next phone for the smart data storage design, but opted out because of the aging hardware.

[Q] Mount external sd without -noexec flag

Hey Guys,
I'm interested in lots of stuff regarding my phone, and so I began writing a script which moves files from sdcard0 to sdcard1.
This script calls another script and this script calls another one.
Well, long story short, of course it doesn't work, because I can't change the permissions of the script files to rwx.
How can I change the mount type of my sdcard to -exec, so that I can execute stuff from my sdcard...
Thanks for your help in advance, greetz Esok
AFAIK only Linux filesystems "accept" Linux permissions,
meaning format your sd card with ext3 or ext4, then you can change file permissions, but I do not know whether your moto remembers the card
hmmm gotta try this one day.
I have read in some forum that there is some kind of a -noexec flag, which is always set under Android.
Well, never mind, the question I asked is stupid, because it doesn't 100% relate to my problem, as I see right now....
So here is what is wrong:
The scripts are lying on the INTERNAL sd.
The internal SD doesn't have the -noexec flag. This is the external, as I found out using .
Code:
mount | grep sdcard0
mount | grep sdcard1
but within the output of
Code:
mount | grep sdcard0
I found the line:
default_permission,allow_other 0 0
I think this is why I can't change the permissions, isn't it?
I also found that the filesystem on the internal seems to be "fuse". Does anyone know what this means?
So, new question: how to solve this problem? oO
Is remounting an option or is there any other way?
As it seems, the sdcard1 doesn't have this "default_permission" line, but it has the -noexec flag set...
Maybe i can do something via external sdcard...
i'll give it a try
esok44 said:
hmmm gotta try this one day.
I have read in some forum that there is some kind of a -noexec flag, which is always set under Android.
Well, never mind, the question I asked is stupid, because it doesn't 100% relate to my problem, as I see right now....
So here is what is wrong:
The scripts are lying on the INTERNAL sd.
The internal SD doesn't have the -noexec flag. This is the external, as I found out using .
Code:
mount | grep sdcard0
mount | grep sdcard1
but within the output of
Code:
mount | grep sdcard0
I found the line: , I think this is why I can't change the permissions, isn't it?
I also found that the filesystem on the internal seems to be "fuse". Does anyone know what this means?
So, new question: how to solve this problem? oO
Is remounting an option or is there any other way?
As it seems, the sdcard1 doesn't have this "default_permission" line, but it has the -noexec flag set...
Maybe i can do something via external sdcard...
i'll give it a try
Although it's been a long time since I had to dive into it, I'm really leaning toward FAT filesystems always being mounted noexec in Linux. Either way though, you can still point the interpreter at the script and it will run; for example if your script is at /storage/sdcard0/script.sh you can run it by doing /system/bin/sh /storage/sdcard0/script.sh or possibly even just sh /storage/sdcard0/script.sh and the same would apply to the external sdcard.
I use an app called smanager to run scripts via shortcuts and there's a plugin for widgets if you use a launcher that doesn't like to do shortcuts. It has selections to run things as root as well but I end up just calling root explicitly, running the script as a normal user and I do the same thing you're talking about where a script calls another script.
So for example I have Maps and Facebook frozen and I have a script for both of them but only part of it needs root access. So my Maps script, for example, unfreezes maps using root, starts it using the same user as smanager, then it calls another script that checks every couple of seconds if maps is still open. When I've closed it, the second script ends and the rest of the first script executes which kills maps and freezes it again.
So it looks roughly like this from memory:
Code:
/system/bin/sh /system/xbin/su -c "pm enable com.google.maps"
am start com.google.maps/com.whatever.starts.maps.up
/system/bin/sh /system/xbin/su -c "/script/that/stays/open/till/maps/closes/which/makes/this/script/pause/.sh"
/system/bin/sh /system/xbin/su -c "whatever.I.used.to.kill.all.instances.of.maps"
/system/bin/sh /system/xbin/su -c "pm disable com.google.maps.or.something.like.that"
Note that in the above, if I call the script with /system/bin/sh /location/of/script or even possibly sh /location/of/script , that I probably don't need all the paths that follow; most notably the /system/bin/sh since it's already established when we call the script in the first place. It could look more like this (I just happened to write it along the lines of the above when I went about making my scripts):
Code:
/system/xbin/su -c "pm enable com.google.maps"
am start com.google.maps/com.whatever.starts.maps.up
/system/xbin/su -c "/script/that/stays/open/till/maps/closes/which/makes/this/script/pause/.sh"
/system/xbin/su -c "whatever.I.used.to.kill.all.instances.of.maps"
/system/xbin/su -c "pm disable com.google.maps.or.something.like.that"
Note that the am start didn't need to be called by its path, for example.
I think, but can't remember, that I needed to call su by absolute path, though. Also, I used a shebang #!/system/bin/sh at the beginning of my scripts but don't know if that's necessary or not if you're going to call it by the interpreter in the first place.
If this was a some other script, like python, then it stands to reason that you can put the shebang as the first line as the path to your python and still call it from the shell and it would work; so if your script was:
Code:
#!/path/to/a/python/interpreter
import something
while this:
do this
print "I'm awesome"
and the script was called pythonscript.py then /system/bin/sh /path/to/pythonscript.py and possibly sh /path/to/pythonscript.py would most likely work and is worth a try.
Try it out and see how you go.
One last thing; if you call root explicitly in a script every time you need it then you'll get a popup for permissions every time it asks for root in the script the first time you run it, but if you use an app to launch that script then once the app has root permissions you won't get hassled at every instance. You'll want to turn toasts off for the app though, or you'll see one every time root is called in a script.
Hi again.
I just got execute permissions on my external sdcard. It didn't work on the internal one.
It looked like this after playing with a lot of various things
mount -o remount,rw,noatime,exec /storage/sdcard1
though most likely rw and noatime were not needed, probably just needed
mount -o remount,exec /storage/sdcard1
but would have to restart the phone to be sure.
This was using adb. some apps, for example my titanium backup, have problems in JB writing to the external card and I had it remounting properly to work around this at one point, but left the computer and came back, closed out windows, then forgot what I had done without saving any work and wasn't able to figure it out again. It was an fmask, dmask, or umask.
In any case, assuming you want to run scripts on your internal card (which is mounted using fuse by the way, instead of just vfat, which may be intentional to keep permissions from being messed around with), you can also write one to the external card and then after remounting it (you can create a command in tasker for this that runs on boot) just use it as a helper script, so it would look like this:
Code:
#!/system/bin/sh
/system/bin/sh $@
or you might need to use quotes around $@ ... "$@" ... it's been a long time and I forget how I did this
So $@ is just the arguments you give to a script and if your script is called helper.sh and you say ./helper.sh /sdcard/myscript.sh then it should run the script.
$@ is like saying $1 $2 $3... and so on; getting the arguments except getting all of them in one string.
Also, one last thing; with my last phone, Samsung SGS2, I made a tiny fat partition on my external sd and then made the rest ext4. The tiny fat partition got mounted at boot and an extra device file was created along with the files created for sdcard0 and sdcard1, and that enabled me to mount the ext4 partition how I wanted to. It wasn't usable for much because it didn't play well with apps such as media players and ... well all of them, but if you make a small ext4 partition after the larger fat partition then it may do the same as my Samsung did and provide you with a device file to mount and to put your scripts on. I think it's easier to just mount the external drive with the execute option and use a helper script, or use smanager as described in my above post, or use tasker to create an app for your scripts but that's going to make a simple command into a really big app.
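The posts above turn on what `mount | grep sdcard0` reports: the filesystem type and whether noexec is set. The sketch below is an added example, not code from any poster in the thread; it classifies a mount point from lines in /proc/mounts format. The sample lines are constructed (device names, ids and masks are made up) and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify how a mount point treats script execution,
# reading lines in /proc/mounts format on stdin:
#   device mountpoint fstype options dump pass

# Constructed sample. Devices, ids and masks are illustrative only.
SAMPLE_MOUNTS='/dev/fuse /storage/sdcard0 fuse rw,nosuid,nodev,relatime,user_id=1023,group_id=1023,default_permissions,allow_other 0 0
/dev/block/vold/179:33 /storage/sdcard1 vfat rw,nosuid,nodev,noexec,relatime,uid=1000,gid=1023,fmask=0702,dmask=0702 0 0
/dev/block/mmcblk0p20 /system ext4 ro,relatime 0 0'

# Print "fstype options" for mount point $1. The last matching line wins,
# because a later mount on the same path shadows an earlier one.
mount_info() {
    awk -v mp="$1" '$2 == mp { fs = $3; opts = $4 }
                    END { if (fs == "") exit 1; print fs, opts }'
}

# Succeed only if the comma-separated list $1 contains option $2 as a whole
# word, so that "exec" does not match inside "noexec".
has_option() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Print one token for mount point $1:
#   noexec       execve() of files on this mount is refused. A script can
#                still be run by handing its path to an interpreter
#                (sh /path/script.sh), because the interpreter only reads it.
#   fixed-modes  no noexec, but chmod +x will not stick. Assumption: vfat
#                derives mode bits from its mask options, and Android's
#                sdcard FUSE daemon of that era reports fixed permissions.
#   exec-ok      a filesystem with real Unix permissions and no noexec.
#   not-mounted  nothing is mounted at that path (returns 1).
classify_mount() {
    info=$(mount_info "$1") || { echo "not-mounted"; return 1; }
    fstype=${info%% *}
    opts=${info#* }
    if has_option "$opts" noexec; then
        echo "noexec"
        return 0
    fi
    case "$fstype" in
        fuse|vfat|msdos|exfat|sdcardfs) echo "fixed-modes" ;;
        *)                              echo "exec-ok" ;;
    esac
}

# Walk the constructed sample. On a device the same function can read the
# live table instead: classify_mount /storage/sdcard1 < /proc/mounts
for mp in /storage/sdcard0 /storage/sdcard1 /system; do
    printf '%-18s %s\n' "$mp" \
        "$(printf '%s\n' "$SAMPLE_MOUNTS" | classify_mount "$mp")"
done
```

Because a noexec mount still lets an interpreter read and run a script stored on it, the flag on its own does not keep scripts on removable storage from running.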

phh's SuperUser/ OpenSource SELinux-capable SuperUser

Hi,
IT MIGHT BRICK YOUR DEVICE.
Always ensure you have a way back.
Here is a thread about my fork of Koush's Superuser, to handle SELinux: https://github.com/seSuperuser/Superuser
So I would like your help to make this SuperUser a proud opensource SU app!
If you have an application that requires root, and which needs specific SELinux configuration please ask!
Build bot: https://superuser.phh.me/
Currently, four flavors of su are available on the build-bot:
- "eng" which puts "su" in permissive mode. This is the most compatible mode, but you should trust the apps you give root to. This does NOT put SELinux in permissive mode.
- "noverity" is eng and dm-verity disabled
- "nocrypt" is eng, dm-verity and dm-crypt disabled
- "user" is meant to give a safe su. su-apps won't be able to access your Android Pay (for instance) information, or keep persistent su access without your consent
Please note that user is in heavy development and isn't up to its promises at the moment.
I setup a build bot, which generates boot.img based on my solution, and pushes them to https://superuser.phh.me/
I did this build bot in a way so it is easy to add new ROMs, so don't hesitate asking for new ROM/devices support.
Supporting new devices might mean some additional work on http://github.com/seSuperuser/super-bootimg/ if they are using non-standard boot.img format, but the aim is to support as many devices as possible.
You need to install the APK from PlayStore afterwards: https://play.google.com/store/apps/details?id=me.phh.superuser
Bot-supported devices
Here are some devices, but there are many more !
- A *lot* of Archos devices
- All Nexus-es, including Pixel C (if some Nexus is missing, just ask!)
- nVidia Shield TV
- nVidia Shield Tablet
- Fairphone 2
update.zip format
The zip is available at https://superuser.phh.me/superuser.zip
It should be able to root any device supported by super-bootimg from TWRP (and possibly other custom recoveries)
You still need to install the APK afterwards. https://play.google.com/store/apps/details?id=me.phh.superuser https://f-droid.org/repository/brow...lob/master/known-imgs/nexus/hammerhead/MRA58N describes a firmware, nothing device-specific). This only requires to do some PRs to add a device, or on updated firmwares
- Testers
- UI designer: The current UI dates back from 4.1...? It is really ugly and not really usable.
- Testers
- Root-related devs: SELinux policies are still being written
- Testers
- Security reviewers
- Testers
Bug report
If some app doesn't work, please ask me, not the dev.
I consider I have to fix support for other apps, not the other way around.
ChangeLog
2016-01-31 r170: superuser.zip can be included in other update.zip
2016-01-27 r166: Add support for Viper4Android
2016-01-15 r162: Add su --bind and su --init commands
2016-01-10 r154: Files are no longer copied multiple times. Fixes MultiROM, and multiple install for update.
2016-01-06 r152: Fix support for ChromeOS-like format (Pixel C)
2016-01-01 r144: Detect chromeos-style signature, and don't try to resign it in that case
2015-12-30 r143: Improved compatibility with apps.
2015-12-28 r142: Changed naming convention to include device name and release
2015-12-28: Added "nocrypt" target
2015-12-13: Added "noverity" target to buildbot
2015-12-13: Add options for noencrypt, noverity
2015-12-03: Fix TitaniumBackup
2015-11-24: mount --bind to /system/xbin/su if it exists to override ROM's su
2015-11-23: Fix CF.Lumen
2015-11-14: Add super-bootimg's version in boot.img, several network/firewall-related permissions
2015-11-11: Access to Android's services
2015-11-10: Recursive su access
2015-11-09: Fix pm disable command
Do you mean that latest galaxy s5 neo sm-g903f might be rooted soon ?
(Exynos5 & Mali T-720)
It seems like many people still haven't understood the purpose of apps like SuperSu and Superuser. They are no exploits and don't gain your root access. What they do is they manage the root access and enable you to select which apps to grant root access, otherwise every single application on your device would have it. They are root managers. So this project won't help you in getting root for your device as long as there's no method (exploit) to gain it.
Not much activity here, but a lot on my side.
Android 6.0 is now out, with its new SELinux policy, which makes it impossible to update the policy after the boot, and dm-verity becomes mandatory (so no /system change without boot.img)
I'm thus totally retargeting my work:
- I've created https://github.com/phhusson/super-bootimg which will edit boot.img (the complicated part, because it needs A LOT of testing across many devices)
- change sepolicy
- Add su in /sbin/su
- Enable su daemon
With various options to disable dm-verity, encryption, etc. (please note that this is NOT required, since only boot.img is changed)
dude - you should kickstarter this. SuperSu is pretty much a mandatory install for every rooted device. this is big for the XDA community and we would love to support you.
Cannot express enough how much i want this project to succeed
And, at least for myself
"I also wonder about displaying an user-understandable SELinux policy, so that root applications can be "more secure
Would anyone be interested in such a feature?"
......Hell yeah, that most certainly does interest me.........controllable levels of su right?
Obviously, if its possible to do........even if android denies this possibility, an open source su is most assuredly welcome from this neck of the woods
I wish this project major luck
Edit
"(I'm thinking that I'm trying to be even more secure than "standard" non-rooted ROMs, that's perhaps a bit optimistic.)"
I love that mentality, and I'm enjoying immensely your discussions on github with lbdroid........I love that you're taking security more seriously than most...love where you're coming from on this.....major props
To better test on shell of recovery without making an update.zip , I modified the sepolicy-inject.c so that the usage() no longer blocks the "booting.sh"
on sepolicy-inject.c:377, insert a line "if ( NULL == optarg ) break;", as in my shell there will be a parameter value with null on last entry of "char** arguv", which will trigger the default switching case and exit the sepolicy-inject unexpectedly.
......
while ((ch = getopt_long(argc, argv, "a:f:g:s:t:c:Z:z:n", long_options, NULL)) != -1) {
if ( NULL == optarg ) break;
switch (ch) {
......
kennylam said:
To better test on shell of recovery without making an update.zip , I modified the sepolicy-inject.c so that the usage() no longer blocks the "booting.sh"
on sepolicy-inject.c:377, insert a line "if ( NULL == optarg ) break;", as in my shell there will be a parameter value with null on last entry of "char** arguv", which will trigger the default switching case and exit the sepolicy-inject unexpectedly.
......
while ((ch = getopt_long(argc, argv, "a:f:g:s:t:c:Z:z:n", long_options, NULL)) != -1) {
if ( NULL == optarg ) break;
switch (ch) {
......
I'm not sure I understand...
When calling what command do you need this?
phhusson said:
Hi,
IT MIGHT BRICK YOUR DEVICE.
Always ensure you have a way back.
I'm the author of a fork of Koush's Superuser, to handle SELinux: https://github.com/phhusson/Superuser
It is in early-stage, but thanks to recent events related to SuperSU, it got some spotlight.
So I would like your help to make this SuperUser a proud opensource SU app!
I have mostly two sides of things left to do:
- Device compatibility/update.zip
- Application compatibility
I've tested my Superuser on Qualcomm/CAF 5.1 devices, on MTK 5.1 devices, on CAF 6.0, on Nexus 5/9 6.0, and I believe it should work on most devices which are close enough to AOSP.
I have missing steps to be compatible with SuperSU (see https://github.com/phhusson/Superuser#todo-list ).
I'd like to have feedback from app developers about which features they need the most.
If you have an application that requires root, and which needs specific SELinux configuration please ask!
There are main two types of builds, and some sub-types in it:
- @doitright did an integration in an AOSP tree, to make it suitable for ROM integration, https://github.com/lbdroid/AOSP-SU-PATCH/
- I did http://github.com/phhusson/super-bootimg/ which integrates su in a binary boot.img, and outputs a root-ed boot.img
@doitright's source solution currently has one SELinux policy, which is fully enforcing, and currently works in most cases.
My solution currently has two different policies, one which has su permissive, meaning it can do anything, which is not as safe as source-based s solution, and one which is WIP (basically unusable, because almost nothing is allowed to root).
I setup a build bot, which generates boot.img based on my solution, and pushes them to https://superuser.phh.me/
I did this build bot in a way so it is easy to add new ROMs, so don't hesitate asking for new ROM/devices support.
Supporting new devices might mean some additional work on http://github.com/phhusson/super-bootimg/ if they are using non-standard boot.img format, but the aim is to support as many devices as possible.
The plan is to have a third method for rooting:
super-bootimg will work from a recovery, so that you can root any ROM from recovery.
Thanks !
my question is how to change a file label to u: object_r:system_file:s0
i modify system.img to add some additional apps into /system/app/ directory i did modification then build a new system.img after flashing phone with new system.img the app was appear in menu but once i am trying to open it gives me error (com.xxxxxx.andriod) stopped working then i execute ls -Z command in /system/app/ directory to see the different and i realize that the new app i copied in system/app/ directory it has a different label than others
so i tried to change .apk file label to (u: object_r:system_file:s0) using chcon command but failed
chcon: Could not label u: object_r:system_file:s0
can you please guide me how to do it ?
zameer_yus said:
my question is how to change a file label to u: object_r:system_file:s0
i modify system.img to add some additional apps into /system/app/ directory i did modification then build a new system.img after flashing phone with new system.img the app was appear in menu but once i am trying to open it gives me error (com.xxxxxx.andriod) stopped working then i execute ls -Z command in /system/app/ directory to see the different and i realize that the new app i copied in system/app/ directory it has a different label than others
so i tried to change .apk file label to (u: object_r:system_file:s0) using chcon command but failed
chcon: Could not label u: object_r:system_file:s0
can you please guide me how to do it ?
Can you check in audit log?
How did you put the file?
Don't you have any other message?
Maybe in your intro you can elaborate on the naming convention of your bot built .img’s?
one which has su permissive (power?), meaning it can do anything, which is not as safe as source-based s solution (user?), and one which is WIP (eng?)
Your HTTPS link to superuser.phh.me is refusing connections?:
This webpage is not available
ERR_CONNECTION_REFUSED
ReloadHide details
Google Chrome's connection attempt to superuser.phh.me was rejected. The website may be down, or your network may not be properly configured.
Check your Internet connection
Check any cables and reboot any routers, modems, or other network devices you may be using.
Allow Chrome to access the network in your firewall or antivirus settings.
If it is already listed as a program allowed to access the network, try removing it from the list and adding it again.
If you use a proxy server...
Check your proxy settings or contact your network administrator to make sure the proxy server is working.
If I do a flash-all.sh of mra58r, reboot to bootloader, fastboot flash boot your-boot.img, would you expect this to boot fine?
Can you detail which phones can take a custom keystore?
For https, I know it is a must, but I'm waiting for Let's Encrypt.
For naming convention, I have to rethink those, and I'll update the first post.
Anyway it's user < power < eng.
User has only safe permissions, power has all known permissions, eng is permissive. There is nothing source based.
For custom keystore, at the moment I have only seen CAF 5.1/6.0 bootloader with verity enabled to work, and it doesn't display key ID, so it is useless everywhere.
I should get a hand on a Nexus 5X soon, to test properly and get screenshots if it works as advertised.
For your last question, yes. I always work with factory image's partitions, and only change boot.img
I welcome any suggestion about naming convention.
Sometimes I don't know where to post, here or the Nexus 6 doitright thread. Anyway, I found this interesting.
http://events.linuxfoundation.org/sites/events/files/slides/ABS Lollipop MR1 Verified Boot.pdf
"• We relax some security policies in eng/userdebug loaders to make life less annoying for development • Persistent Data Block ignored, device always unlockable"
If this is true of the boot.img's you build, the only one we could trust is user or are they talking bootloader? Maybe the factory bootloader (user) that google is distributing does not have the verification functionality? Is the bootloader AOSP? If so, what would prevent someone from creating a bootloader, boot.img and /system that circumvents all the verification?
I used your bot built mra58r.
Unfortunately, if forced encryption is on, local.prop does not get parsed and I don't get my custom LCD. This means unless you offer variants of the auto built boot.img with forced encryption off or the ability to pass a noencrypt parameter to the update.zip or build.sh for modifying fstab, I will be forced to modify source and build myself. As for mount -o bind /data/local/tmp/hosts /system/etc, as long as the custom hosts has chcon u:object_r:system_file:s0, things work great.
I still like idea of having the ability to establish a trust between boot.img and a config file in /data/ that do things like custom hosts file, lcd density, iptables (one of my favorites: iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to 8.8.8.8:53; iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to 8.8.8.8:53)
havealoha said:
Sometimes I don't know where to post, here or the Nexus 6 doitright thread. Anyway, I found this interesting.
http://events.linuxfoundation.org/sites/events/files/slides/ABS Lollipop MR1 Verified Boot.pdf
"• We relax some security policies in eng/userdebug loaders to make life less annoying for development • Persistent Data Block ignored, device always unlockable"
If this is true of the boot.img's you build, the only one we could trust is user or are they talking bootloader? Maybe the factory bootloader (user) that google is distributing does not have the verification functionality? Is the bootloader AOSP? If so, what would prevent someone from creating a bootloader, boot.img and /system that circumvents all the verification?
They are talking about the bootloader, but as it is built in the Android build system, they are using Android build system flags.
I know the Nexus 6/9 doesn't have this functionality. I'm waiting to get a Nexus 5X in my hands to say for 5X/6P.
Either way, we can't circumvent the verification, all we can do is have a YELLOW state instead of ORANGE, which displays the fingerprint of the keystore.
I forgot this presentation from Intel, so I thought I'd give it a try on Nexus Player. Intel has a proper implementation of the bootloader of Google's recommendation, it sounds logical the Nexus Player would implement it.
Oh wait. Google's logic struck again. No they didn't implement it on Nexus Player.
There is no AOSP bootloader... Or there are three (there are two LK and one u-boot), but neither of them are supported, and neither of them support the different verified boot states.
CAF bootloader handles the four states, but doesn't display them. Thanks to you I checked Intel reference bootloader, and it DOES implement the full spec \o/. Though I have no device to test. But basically, there is no opensource arm bootloader implementing it, and that makes me rant a lot against Google.
havealoha said:
I used your bot built mra58r.
Unfortunately, if forced encryption is on, local.prop does not get parsed and I don't get my custom LCD. This means unless you offer variants of the auto built boot.img with forced encryption off or the ability to pass a noencrypt parameter to the update.zip or build.sh for modifying fstab, I will be forced to modify source and build myself. As for mount -o bind /data/local/tmp/hosts /system/etc, as long as the custom hosts has chcon u:object_r:system_file:s0, things work great.
Two sides:
1. For LCD density, have you tried just doing adb shell wm density? Possibly it doesn't even break SafeNet
2. My plan on the matter is to keep my current builds as is, but add a configuration file, and when I'll make an update.zip, the user will be able to change the config file directly in the update.zip
I still like idea of having the ability to establish a trust between boot.img and a config file in /data/ that do things like custom hosts file, lcd density, iptables (one of my favorites: iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to 8.8.8.8:53; iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to 8.8.8.8:53)
Well for iptables, I put it in standard su permission. Well ATM because of some bugs it's only in "power", but I expect it to get into "user" when a bug concerning pts is fixed.
phhusson said:
Two sides:
1. For LCD density, have you tried just doing adb shell wm density? Possibly it doesn't even break SafeNet
Yay! As su in Terminal Emulator, wm density 360 worked. The launcher didn't work until #am start -c android.intent.category.HOME -a android.intent.action.MAIN and other apps also needed to be killed before they would display at the new density like lock screen and existing notifications. There are a few issues with the status bar and nav buttons depending on what app you try to run. I assume that if you set this early enough with a hook from init.rc, (nudge nudge) say a trusted file from /data/ that there would be no problem.
LCD density set from setprop, local.prop and wm density all break SafeNet. Even worse, SafeNet now checks /sbin/ for su, requiring a mount bind to a copy of sbin without su. Next thing you know, it will check for bind mounts!
How about a build of SuperSU, su in a random directory with random names? I know, name it the hash of boot.img or the public key from the user generated keystore.
Don't read on, I fixed it, the /data/setlcd.sh 560 needed quotes around it.
I created a Terminal Emulator widget in an attempt to make it easy to switch between resolutions. Interestingly, when set with #wm density 360 and then #am restart, the density sticks across reboots, I was not expecting that!
I've tried the widget with different combinations of explicit paths for su with options like --context and -c with wm density and am restart and even with a /data/setlcd.sh that is chmod 750 and chcon u:object_r:system_file:s0. Any tricks to accomplish this? I would expect the widget to prompt for root permission and then run my setlcd.sh taking the DPI as argument $1. I am envisioning one main .sh that has a function for each of my customizations, wm density, hosts, iptables and mount bind to a /sbin that has no su. I don't want to keep building boot.img's with special init.rc's.
The closest I have gotten is a widget with command /sbin/su with the arguments -c /data/setlcd.sh 560
This results in a terminal launching that asks for su permission and then:
$"/sbin/su" -c /data/setlcd.sh 560
sh: /data/setlcd.sh: can't execute: Permission denied
nothing in dmesg
So I made a test of verified boot feature here: http://forum.xda-developers.com/and...rified-boot-disk-encryption-testings-t3248161
The tl;dr is that verified boot is IMO a great feature of 5X/6P, and we have to find a way to have su enabled with this feature.
But this requires to have working OTA.
I have finally gotten the functionality I need with the exception of iptables which I understand you are working on adding. I am testing with shamu mra58r and the boot-su-power.img.
Here is my setup that features:
custom hosts file for browsing without advertisements
set the LCD density to tablet mode
quickly disable su and revert density when I want to use Android Pay
As root, I created a script in /data/android.sh and set the context to system via chcon u:object_r:system_file:s0 and chmod 700. Here are its contents:
Code:
#!/system/bin/sh
# bind mounts transcend am restarts
# wm density transcends reboots

# Set the LCD density passed as the second argument, then restart the framework.
function lcd {
    /system/bin/wm density "$density"
    /system/bin/sleep 3
    /system/bin/am restart
}

# Overlay the custom hosts file on the system one.
function hosts {
    mount -o bind /data/hosts /system/etc/hosts
}

# Revert density to 560 and bind a copy of /sbin without su over /sbin.
function nosu {
    /system/bin/wm density 560
    cp -r /sbin /data/sbin
    rm -f /data/sbin/su
    mount -o bind /data/sbin /sbin
    /system/bin/am restart
}

# Redirect all outgoing DNS queries to 8.8.8.8.
function dns {
    # not working yet in phh
    iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to 8.8.8.8:53
    iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to 8.8.8.8:53
}

# $1 selects the action, $2 is the density used by "lcd".
density=$2
case "$1" in
    lcd) lcd ;;
    hosts) hosts ;;
    nosu) nosu ;;
    dns) dns ;;
esac
The hosts file was copied from http://winhelp2002.mvps.org/hosts.txt and placed in /data; its context was also set with chcon u:object_r:system_file:s0 and chmod 644. The local host entries were modified to match those found in /system/etc/hosts. It was important that the contents of this file were terminated on each line and with a blank line at the end.
The tricky part was creating launchers on a home screen using the Terminal Emulator Widget. It seemed that you could not just type in /sbin/su, instead you had to browse to it. Screenshot of widget config attached.
I learned a few interesting things during testing.
Using a /data/local.prop with an encrypted disk resulted in the local.prop not being read during init.
Once wm density is set, it is persistent.
Using mount -o bind gives persistent mounts if you reboot using am restart from the terminal
SafetyNet now checks for su in /sbin
SafetyNet for AndroidPay checks for LCD density regardless of setting it via local.prop (if unencrypted), setprop or wm density
This will be easy for me to reproduce across all my devices without granting persistent root to any app and without adding any app but superuser and terminal emulator.
Thanks for your test! It's really interesting.
You must be the first user of something other than eng
iptables does work for me (in adb shell). Looking back, it should have been fixed by https://github.com/phhusson/super-bootimg/commit/31d3a635eea4fe66071346e05913acfb00d60144
That made me realize that if I don't do releases, I still need to know what users are using, so I added /super-bootimg which contains the git version of super-bootimg repo
For local.prop I'm happy to see you don't need it. I really feel like the user shouldn't be allowed to change it (but I'm thinking only about some properties which are in /default.prop so it can't be overridden. perhaps local.prop is safe enough).
am restart is not a reboot, so it's normal mount bind stays
I think you could just mount bind an empty folder to /sbin. The only risks are if adbd/ueventd/watchdogd/healthd restarts, but they shouldn't
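The bind mounts discussed in the posts above (/data/sbin over /sbin, /data/hosts over /system/etc/hosts) are visible to any process that reads /proc/self/mountinfo, because a bind mount exposes a subtree of a filesystem and so has a root field other than "/". The following is an added example, not code from the thread; the sample mount table, device names and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /proc/self/mountinfo format (device names are made up).
sample_mountinfo() {
    cat <<'EOF'
1 0 0:1 / / ro,relatime - rootfs rootfs ro
20 1 259:1 / /system ro,relatime - ext4 /dev/block/SYSTEM ro,data=ordered
21 1 259:2 / /data rw,nosuid,nodev,noatime shared:1 - ext4 /dev/block/DATA rw
30 1 259:2 /sbin /sbin rw,nosuid,nodev,noatime - ext4 /dev/block/DATA rw
31 20 259:2 /hosts /system/etc/hosts rw,nosuid,nodev,noatime - ext4 /dev/block/DATA rw
EOF
}

# Reads mountinfo on stdin. Fields: 1=mount ID 2=parent ID 3=major:minor
# 4=root within the filesystem 5=mount point 6=options, then optional fields,
# a "-" separator, fstype, source, superblock options.
# Prints "<mount point> <root in fs> <source>" for every bind mount.
find_bind_mounts() {
    awk '
    {
        sep = 0
        for (i = 7; i <= NF; i++) if ($i == "-") { sep = i; break }
        if (sep == 0) next            # malformed line, skip it
        # A whole-filesystem mount has root "/"; any other root means only a
        # subtree or a single file of that filesystem is mounted here.
        if ($4 != "/") print $5, $4, $(sep + 2)
    }'
}

# Reads mountinfo on stdin; exit status 0 if the given path is a bind-mount target.
covers_path() {
    find_bind_mounts | awk -v p="$1" '$1 == p { hit = 1 } END { exit !hit }'
}

# Stand-alone demo on the constructed table; on a device use:
#   find_bind_mounts < /proc/self/mountinfo
sample_mountinfo | find_bind_mounts
```

Filesystems with subvolumes (btrfs, for example) also report a non-"/" root, so on such systems the output needs to be filtered by filesystem type.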
Any idea why busybox nslookup is not working?
[email protected]:/data # ls -Z nslookup busybox-android.bin
lrwxrwxrwx root root u:object_r:system_data_file:s0 nslookup -> busybox-android.bin
-rwxr-xr-x root shell u:object_r:system_file:s0 busybox-android.bin
[email protected]:/data # ./nslookup superuser.phh.me 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8
nslookup: can't resolve 'superuser.phh.me'
1|[email protected]:/data # dmesg
[39764.686702] healthd: battery l=91 v=4144 t=28.1 h=2 st=3 c=-439 chg=
[email protected]:/data #
