This IS working for 4.3+ using xposed module.
http://forum.xda-developers.com/showpost.php?p=49878296&postcount=679
All credit goes to Phantasm4489. I am only adding the the OP so people can find it.
Below can be used for anything below 4.2 but I still think the xposed module above is better.
Standard Disclaimer:
**************************************************************************************************************
I AM NOT RESPONSIBLE FOR YOU BEING FIRED BY CIRCUMVENTING THE POLICY YOUR IT STAFF HAS PUT IN PLACE. I AM NOT RESPONSIBLE FOR BRICKING YOUR PHONE (ALTHOUGH SERIOUSLY DOUBT IT COULD POSSIBLY DO THAT). I AM NOT RESPONSIBLE FOR ANY DAMAGE WHAT SO EVER. THIS IS FOR EDUCATIONAL PURPOSES ONLY!!
**************************************************************************************************************
Click to expand...
Click to collapse
First off:
THANKS to sparky for the 'su' binary I use in my newer scripts.
THANKS to chainfire for the 'su' binary I use in my older scripts.
THANKS to Fallon for helping fine tuning the directions.
This thread is dedicated to using GFE on rooted devices. My intent is to understand root detection schemes for my own personal education. If the information here is beneficial to others, then that is a plus.
I came up with a process that satisfies both GFE and its use on rooted (technically temp unrooted) devices. Basically unrooting and rerooting the phone so that the GFE app functions and I comply with not running GFE on a rooted phone. .
Tested on CM9 and CM10 for the Epic 4 Touch and the Galaxy S3. I've seen success on other ROMS as well. If you run into issues, i'd be happy to help and improve the process.
What GOOD(GFE) detects and what it doesn't care about
Some key notes about what GFE seems to detect:
Detects 'su' anyplace on the phone /system partition (usually located in /system/bin/su or /system/xbin/su).
Detects the superuser apk and supersu apk
Detects if you have su'd in adb or shell while it is running. Close adb and log out of and shells before launch!
If you use a root tool like titanium, reboot before launching good! Titanium will sometimes leave open rooted processes running.
In pre-JB, it could use the READ_LOGS android permission to comb the system logs and find 'root like 'activity'. In JB, that 'security hole' is closed and that permission is locked down by android.
It detects if /system is RW.
The software is setup to never be shutdown. Once its started, it runs no matter what. Preventing it from starting is a good thing IMHO.
Seems that for some unknown reason, if es explorer was run in root mode at any point before running good, it detects root. Even if I manually kill all the back ground processes before unfreezing/launching Good.
Sometimes I get a compliance failed when I was working in ADB prior to running good. Typically if I was in ADB doing root work, i'll reboot the ROM before enabling good.
Turn off 'automatic update' for super user app from market
What GFE does not seem to care about:
busybox
CWM
locked/unlocked bootloaders
Here is how to make root and GFE play as nice as possible. This isn't perfect but it works pretty good. I still get the 'compliance failed' once in a while when i do something dumb. I am lucky in that I can clear data on the GFE app and reuse the prior key or request a new key from our IT system on demand. If you cannot do this easily, then this may be cumbersome. As we further progress this, we should get less and less lockouts.
SCRIPTED PROCESS
Downloads:
Something to run the scripts One of these will do:
- Connectbot or any shell execution program from play store. connectbot has widgets. I use connectbot.... - Script Manager found here: http://db.tt/Vonx78NI . Or playstore.
(required for PRE-JB roms only). Install Permissions Denied from the Market
The latest cwm/twrp flashable zip attached to this OP.
An installation of busybox. Typically comes with CM and lots of other ROMs but just making the point here that it is required.
Setup app and dependencies:
Flash the gfe_workaround_setup zip attached to this OP in CWM. This will create four scripts and a "backdoor" su binary. They are as follows:
/system/xbin/dger
/system/xbin/egdr
/system/xbin/fu. (The sparkysu binary is insecure so be careful out there! Just a disclaimer)
/system/xbin/r_dger
/system/xbin/r_egdr
Install Good Application
If pre-JB (NOT REQUIRED ON JB+), open Permissions Denied and disable the READ_LOGS permission for the Good Application. Immediately after disabling that permission reboot the device from within the Permissions Denied app (in the menu). It must be done from within the application immediately after toggling the permissions to denied.
Optional but recommended: use "autostarts app" (or similar) from market to turn off all autostarting flags for Good app. This is incase you forget to disable root before you reboot and dont want it to start after again after flashing a rom which would restore root..
Use Connectbot or old script manager to execute the enable/disable scripts.
HOW TO Use the scripts and run the Good.
These scripts will basically temp unroot your phone and disable the superuser user whenever you want to run good. It will reverse the operation whenever you want to return root and lockup good.
I typically leave good disabled unless I am using it but that is up to you.
Whenever you want to 'run good'. You will run the script egdr.
Whenever you want to disable good and return root to your phone run dger (prior to reboot for example or flashing roms or whatever)
DO NOT FORGET TO run the DGER script before flashing a rom since that rom will repush superuser and su and if good was enabled when you shutdown to reflash the rom, good will detect root and deactivate the handheld. Also since I disable the superuser user entirely when you flash the new rom, you will lose root and will need to enable the superuser user and reflash the rom to fix things... You can always just fix it with adb but renabling superuser... But that is a pain.
(pre-JB only) Permissions Denied takes FOREVER to startup, several minutes at least & you repeatidly see it getting root permissions, at first I thought it was having issues but that is how it works.
No need to "Lock Permissions" within the Permissions Denied app from what I've seen but ymmv
Under the ROM Developer Options "Root access" is irrelevant, GFE is working just fine with it set to "Apps and ADB right now"
GFE will work fine by wiping app data & initilizing it with a new PIN if you get things cleaned up after a policy violation
No need to get an unlock code from your sysadmins after a policy violation, just wipe app data for GFE & get a new PIN (assuming you have access to a website to request a new PIN
A mini-how to for connectbot:
I prefer this because connectbot is a simple tool and I like to keep it simple. But you may prefer the script manager interface instead.
With connectbot, you can create 2 'local' connections. One for each of the enable/disable scripts appropriately named. You can edit each of the local connections and setup 'post-login automation'. In the post-login automation you add the following (Note that <enter> means to put a line feed... i.e. hit enter ):
Code:
/system/xbin/dger;exit
<enter>
Code:
/system/xbin/egdr;exit
<enter>
You can either open connectbot each time and run the enable or disable scripts or you can add connectbot shortcuts to each local connection on your launcher's desktop. Its under 'add shortcut' you will see connectbot.
If you, like me, get annoyed by the notification icon from connectbot, you can optionally do these steps to execute it.
In the connectbot options, disable persistence. Also you can replace the ';exit' in the post automation commands with ';kill $PPID' and that will get you very close a self closing command. That will terminate the shell session you are in. When disabling GFE you'll still have to hit the back button but when enabling GFE it wont stay in your notification bar.
Example:
Code:
/system/xbin/dger;kill $PPID
<enter>
The negative is that if there was an issue, you wont see the log. I may add logging support in the scripts so that we can go back and look easier anyway at what failed if we get a lock out. If you ever needed to debug though just remove that temporarily and you'll see the log again.
If you wanted a few seconds to review the log, you could do something like this also:
Code:
/system/xbin/dger;[COLOR="Red"]sleep 5[/COLOR];kill $PPID
<enter>
A mini-how to for script manager:
In script manager you will add the scripts into script manager and execute them via the app or it's widgets. The scripts should NOT be setup to run as superuser but they still will prompt for super user when the disable one is actually executed and you should respond GRANT to that request. You will use the app to find the scripts in /system/xbin chosing the following:
Code:
/system/xbin/dger
Code:
/system/xbin/egdr
FAQ
Q: If I am going to dirty flash a new rom (no data wipe), What do I need to do to keep GOOD in compliance?
A: IT'S LIKE DANCING AROUND A LAND MINE! You will want to follow this process before and after flashing dirty:
Run dger to return root to your device and disable GOOD
Reboot into cwm
Flash rom and do any other rom specific instructions including any reboots or whatever the rom maintainer wants you to do.
Reflash the gfe_workaround zip from the op since flashing the rom overwrites it.
Boot into the rom and set it up as you like with root...
Run disable good enable root.sh to make sure things are well after rom flash.
reboot one last time
use scripts as normal
Q: If I am going to clean flash a new rom (wipe data), What do I need to do to keep GOOD in compliance?
A: Clean Flashing will require you to restore the good app or jsut reactivate it. You can likely avoid reactivation by following this. YMMV
Run dger to return root to your device and disable GOOD
Use Titanium Backup (or similar like carbon) to backup the GOOD app and data.
Reboot into cwm
Flash rom and do any other rom specific instructions including any reboots, wiping data/system or whatever\ the rom maintener wants you to do.
Reflash the gfe_workaround zip from the op since flashing the rom overwrites it.
Boot into the rom and set it up as you like with root...
Restore GOOD with Titanium. You may need to also restore your android ID with titanium as I am not sure if it hashes that ID with activation credentials.
Immediately run dger BEFORE REBOOTING to make sure things are well after rom flash.
Ensure you redisable any permissions denied things and autostarts.
reboot one last time
use scripts as normal
DEBUGGING PROCESS
So you've experienced a policy break/lockout? Now what?? This is how you can debug and give me what I need to help you if required:
flash newest scripts in OP and boot up and let it settle.
run the disable good script.
run enable good script.
run disable good script again.
That will create log files in /sdcard/ with the same names as the scripts. You can review those or submit them to me in this thread and I can look. I will also need the following. I review these files to see if there are any 'other' superuser or supersu apks that my scripts have missed. I will need the /sdcard/gfe.txt after you run the below to assist posted in the thread.
Run the following commands in a connectbot shell after above:
Code:
Code:
su
find /system/app /data/app /system/bin /system/xbin|sort > /sdcard/gfe.txt
pm list packages >> /sdcard/gfe.txt
Then give me these following logs:
/sdcard/gfe.txt
/sdcard/egdr.......log
/sdcard/dger.......log
Some of the most common reasons for lockouts are because of the running of certain root apps prior to enabling good. Certain root apps still retain root access after you close them. Notably es explorer and titanium. I'm sure there are others but this is two that I know of. If you use those tools either disable root access in them if applicable or reboot before running good after using them.
Change log
04-20-2013 (v16):
Renamed scripts and binary
04-03-2013 (v16):
Added "script complete" messages to output.
04-02-2013 (v15):
Added command line option to turn off auto-launch of GFE. The default will remain to auto-launch it.
04-01-2013 (v14):
Went back to sparky su as other su is causing too many anomolies.
FAQ added to OP.
02-26-2013 (v13):
Removed execution speed enhancement introduced in v11 as it caused some issues.
02-22-2013 (v12):
Further improved Logging to sdcards
Added some enhancements and termination of some root apps(titanium)
02-14-2013 (v11):
Improved script execution speed by parallelizing some operations
Added logging to /sdcard if available
02-04-2013 (v10):
Changed the way I handled superuser apps (or multiples) stored in data and system.
Added ability to handle chainfire's nonag apk in addition to regular supersu.
Started using supersu's su for a more secure setup.
Revamped directions and cleared up some errors in the OP.
01-29-2013 (v9):
added new mask for apk
added error handling for mounts incase.
01-25-2013 (v8):
reversed order of hiding apks between system/data to resolve
issue of supersu/superuser "forgetting" settings when rerooting.
12-18-2012 (v6):
added supersu support
fixed left over apks from super app upgrades
12-14-2012 (v3):
Added clean exit commands.
12-13-2012 (v2):
- Discovery that new script manager may cause compliance issues and doesn't work after temp unrooting!
12-12-2012 (v1):
- Fixed bugs
- Automated variables
- Created flashable setup script
- Simplified the install process
12-10-2012 ():
- Initial design
The 'manual' process may not work anymore. I believe supersu apks are getting picked up for compliance. There are a few more manual ways listed in this thread that may or may not work for you but you are welcome to try them.
MANUAL PROCESS
If the script process is too complicated for you and you want to do things manually, you can do this as well. It is a pain though and more prone to getting the handheld disabled by good because of user error (forgetting to do something).
The key to this way is that gfe doesnt appear to detect supersu apk and does detect superuser apk. Not sure how long this will last! ymmv
You can install supersu, open it and let it authorize. Then rename /system/app/Superuser.apk to super_user.rob since its not needed anymore and let supersu do the authorizations.
Then install "app quarantine" from the market or titanium backup. These apps let you freeze and unfreeze the gfe app so you can bounce between a rooted and unrooted phone. (hint: there are widgets for this in titanium and app quarantine that are much more convenient)
If pre_JB, Install "permissions denied" (in app store) to remove the some of the permissions from the app. specifically you must remove
READ_LOGS
The process is as follows once the above is complete and gfe is installed and you want to use gfe:
FROST GFE(reroot)
open gfe and go into preferences and select "disconnect" and then select shutdown good. VERY IMPORTANT TO DISCONNECT AND SHUTDOWN from within the GOOD app. Do NOT just hit the 'HOME' button and reroot. It WILL detect that it has been frosted and unfrosted if you do not follow this advice
immediately open supersu app and go to settings and select "enable supersu" to reenable root.
open app quarantine (or titanium) and freeze good so it won't autostart.
You can now use the rooted phone like normal.
when you want to use gfe, temp unroot as follows:
UNFROST GFE(temp unroot)
using titanium or app quarantine defrost gfe.
immediately open supersu and go to settings and uncheck "enable supersu". the will hide the su binary and temp unroot.
open gfe and use it like normal.
once done using gfe, refrost it like above
this works very well but ymmv. The scripted method works much better.
Finally had success getting GFE running a recent CM10 nightly on my AT&T SGS3 thanks to calisro. Thanks for figuring out a good work around to enable GFE! It looks like my issues this go around were with Permissions Denied & me doing some uninstall-re-install of GFE.
My process (tweaks to calisro's stuff mostly):
Uninstalled ES explorer (just to make sure it is not causing issues for now)
Installed GFE
Installed Script Manager (I've since upgraded to Script Manager-SManager(NoAds), always a good idea to support the devs)
Installed Permissions Denied
Installed su as /sdcard/rob_su
Opened Permissions Denied and disabled the following permission for the Good Application: READ_LOGS and RECEIVE_BOOT_COMPLETED
Rebooted from within Permissions Denied, checked & verified Good had the 2 permissions in question denied
Created the 3 scripts using the updated versions recently posted
setup_rootdoor.sh
enable_good_disable_root.sh (complete with the missing final line noted above)
disable_good_enable_root.sh
With Script Manager, ran setup_rootdoor.sh
Deleted all data for GFE through app manager
With Script Manager, ran enable_good_disable_root.sh
Activated GFE
Working GFE
Notes:
Permissions Denied takes FOREVER to startup, several minutes at least & you repeatedly see it getting root permissions, at first I thought it was having issues, but I guess that's normal behavior
No need to "Lock Permissions" within the Permissions Denied app from what I've seen
Under Developer Options "Root access" is irrelevant, GFE is working just fine with it set to "Apps and ADB right now"
GFE seems to be sucessfully cleaned up by deleting app data from within app manager
GFE will work fine by wiping app data & initializing it with a new PIN if you get things cleaned up after a policy violation
No need to get an unlock code from your sysadmins after a policy violation, just wipe app data for GFE & get a new PIN (assuming you have access to a website to request a new PIN
Logs & thoughts from of my previous failures & troubleshooting steps http://forum.xda-developers.com/showpost.php?p=33025295&postcount=5
Fallon said:
Finally had success getting GFE running a recent CM10 nightly on my AT&T SGS3 thanks to calisro. Thanks for figuring out a good work around to enable GFE! It looks like my issues this go around were with Permissions Denied & me doing some uninstall-re-install of GFE.
My process (tweaks to calisro's stuff mostly):
Uninstalled ES explorer (just to make sure it is not causing issues for now)
Installed GFE
Installed Script Manager (I've since upgraded to Script Manager-SManager(NoAds), always a good idea to support the devs)
Installed Permissions Denied
Installed su as /sdcard/rob_su
Opened Permissions Denied and disabled the following permission for the Good Application: READ_LOGS and RECEIVE_BOOT_COMPLETED
Rebooted from within Permissions Denied, checked & verified Good had the 2 permissions in question denied
Created the 3 scripts using the updated versions recently posted
setup_rootdoor.sh
enable_good_disable_root.sh (complete with the missing final line noted above)
disable_good_enable_root.sh
With Script Manager, ran setup_rootdoor.sh
Deleted all data for GFE through app manager
With Script Manager, ran enable_good_disable_root.sh
Activated GFE
Working GFE
Notes:
Permissions Denied takes FOREVER to startup, several minutes at least & you repeatedly see it getting root permissions, at first I thought it was having issues, but I guess that's normal behavior
No need to "Lock Permissions" within the Permissions Denied app from what I've seen
Under Developer Options "Root access" is irrelevant, GFE is working just fine with it set to "Apps and ADB right now"
GFE seems to be sucessfully cleaned up by deleting app data from within app manager
GFE will work fine by wiping app data & initializing it with a new PIN if you get things cleaned up after a policy violation
No need to get an unlock code from your sysadmins after a policy violation, just wipe app data for GFE & get a new PIN (assuming you have access to a website to request a new PIN
Logs & thoughts from of my previous failures & troubleshooting steps http://forum.xda-developers.com/showpost.php?p=33025295&postcount=5
Click to expand...
Click to collapse
FYI, I simplified the install with a flashable zip and some modifications to the scripts so that the work they do is dynamic rather than hard coded.
Discovered that the new Script Manager is potentially causing policy compliance issues. See the op for alternative or older version of script manager.
calisro said:
Discovered that the new Script Manager is causing policy compliance issues. See the op for alternative or older version of script manager.
Click to expand...
Click to collapse
Does it only trip when you use it? I think I saw Script Manager update a couple days ago, but haven't had any problems yet. Then again I haven't needed to mess with SM at all since then or even engage root for anything since I got GFE working on CM10 a week or so ago.
I'm having it fail compliance by simply having it installed. I've gone through and upgraded, tested, downgraded, tested, etc for a number of times to be sure and it keeps tripping as soon as it is used once. I've even installed it,denied superuser for the app, then used connectbot to actually run the script and it still failed. As soon as I go back to older version it works flawlessly again.
I'll be interested if yours' trips when toggle root and good once again.
De easiest way to perform tasks that require root is to use chainfire's exynos exploit apk to acquire root and when you're done use supersu to unroot.
Make sure you stop de GFE service before rooting! I just did this and GFE really stops working as I rooted, cleaned up my new polish Note 2 4.1.2. rom, unrooted, booted and used GFE like before, no policy violations.
Whatever you do, do not boot before you unrooted.
blackspp said:
De easiest way to perform tasks that require root is to use chainfire's exynos exploit apk to acquire root and when you're done use supersu to unroot.
Make sure you stop de GFE service before rooting! I just did this and GFE really stops working as I rooted, cleaned up my new polish Note 2 4.1.2. rom, unrooted, booted and used GFE like before, no policy violations.
Whatever you do, do not boot before you unrooted.
Click to expand...
Click to collapse
I wouldn't call that the easiest but to each their own.
While that may work for some people for a short time, it doesn't address a lot of things:
1) Doesn't work with superuser since Good detects the superuser apk and doesn't detect supersu yet. Detection of supersu will be added to Good at some point since its use is being coming more prevalent.
2) That exploit will be addressed soon since it affects millions of hand sets. Samsung will close the exploit and AOSP/AOKP will also address the exploit. So it will be useful for a short time only.
3) It only works for Samsung exynos based handsets only. My method is generic.
4) Requires reboots to bounce back and forth between root and unroot. Would be tiresome to do this many times a day.
5) if you reboot while your rooted, you'll get policy breaks.
v6 works great. the new method of CWM installation of scripts makes it very easy. i used the free autorun app "autorun manager" to disable the receiver flags of GFE.
the only annoyance that really is not bad is that when GFE is disabled, the shortcuts/widgets i have are removed since the app is hidden. a very acceptable price to pay considering my company has the "root" compliance turned on. this at least gives me access to email w/o rebooting when needed.
Thanks for all the work!
Do you have to use CWM recovery to flash the zip or can I use the team win recovery. I'm on Verizon note 2 with jelly beans v4 rom.
Thanks, Will
Sent from my SCH-I605 using xda app-developers app
wc4482 said:
Do you have to use CWM recovery to flash the zip or can I use the team win recovery. I'm on Verizon note 2 with jelly beans v4 rom.
Thanks, Will
Sent from my SCH-I605 using xda app-developers app
Click to expand...
Click to collapse
I have not tried twrp but it should work fine.
calisro said:
I have not tried twrp but it should work fine.
Click to expand...
Click to collapse
Just wanted to say thank you for your scripts. Installation worked perfectly on TWRP and to be safe I froze ES file Explorer in titanium since it came with my ROM.
I think my favorite part of the re root script is killing Good and not being bothered by work emails unless I want to be.
Sent from my SCH-I605 using xda app-developers app
glad they are working for you. what rom and phone are you on?
calisro said:
glad they are working for you. what rom and phone are you on?
Click to expand...
Click to collapse
Jelly Beans v4 ROM for Verizon Galaxy Note 2
Sent from my SCH-I605 using xda app-developers app
Good unrooted
Hi,
I've tried lots of different options, being a complete noob at this unrooting malarkey.
Having had a nightmare rooting, I finally managed it, only for Good to then not work because it was rooted.
I finally managed it thus: Downloaded the paid for version of SuperSU. Selected the 'clean up for complete unroot option', downloaded GFE, and self served a new pin, installed Good, went through the setup steps, et voila!
Have rebooted a couple of times and it's still working. Fingers crossed.
Galaxy S3 i9300 with a nightly build of CyanogenMod 10.1 Jelly Bean 4.2.
Not sure if it'll keep working, but I really hope so!
Bestbaldmanever said:
Hi,
I've tried lots of different options, being a complete noob at this unrooting malarkey.
Having had a nightmare rooting, I finally managed it, only for Good to then not work because it was rooted.
I finally managed it thus: Downloaded the paid for version of SuperSU. Selected the 'clean up for complete unroot option', downloaded GFE, and self served a new pin, installed Good, went through the setup steps, et voila!
Have rebooted a couple of times and it's still working. Fingers crossed.
Galaxy S3 i9300 with a nightly build of CyanogenMod 10.1 Jelly Bean 4.2.
Not sure if it'll keep working, but I really hope so!
Click to expand...
Click to collapse
If you completely unrooted it should be fine but now you don't have root unless you reflash. The point here was to offer a way to temp unroot.
calisro said:
If you completely unrooted it should be fine but now you don't have root unless you reflash. The point here was to offer a way to temp unroot.
Click to expand...
Click to collapse
*hangs head in shame for being a dumbass*
That said, it's no biggie to reflash with CF Root whenever I need Root. Which won't be very often I can't imagine... I've had the phone six months and only flashed it cos I got so frustrated with TouchWiz and the horrendous lag I was getting.
The SGS3 is my work phone; I'm an iOS boy for all my personal stuff (sorry!), so I'm quite used to operating without Root access!
Bestbaldmanever said:
*hangs head in shame for being a dumbass*
That said, it's no biggie to reflash with CF Root whenever I need Root. Which won't be very often I can't imagine... I've had the phone six months and only flashed it cos I got so frustrated with TouchWiz and the horrendous lag I was getting.
The SGS3 is my work phone; I'm an iOS boy for all my personal stuff (sorry!), so I'm quite used to operating without Root access!
Click to expand...
Click to collapse
But the scripts in the OP didn't work for you? What problems did you have?
I understand if it ain't broken don't fix it, but I'm also a noob and was able to get this working- the best of both worlds now!
Sent from my SCH-I605 using xda app-developers app
wc4482 said:
But the scripts in the OP didn't work for you? What problems did you get have?
I understand if it ain't broken don't fix it, but I'm also a noob and got the best of both worlds now!
Sent from my SCH-I605 using xda app-developers app
Click to expand...
Click to collapse
Truth be told, i'm not sure what happened. Flashed the ROM, installed connectbot, ran the scripts; nothing happened. Searched for the scripts in system/xbin but couldn't find them.
This was at the end of two days of battling with connection problems with Odin, phone getting stuck in Download mode, SD card not being recognised with the nightly build of CM 10.1 I was using, and a few other things.
I could probably have made it work, but being as my primary goal was to get rid of TouchWiz and all the Vodafone clag on the phone, that has been achieved.
At some point in the future, i might have another go. But as I'm someone who loves technology but isn't a techie, the instructions on most of these blogs are a bit difficult for my small brain to follow.
That's obviously my problem, not anyone else's, but it takes me a while to penetrate the language and understand what people mean. So, unless I really, really need to be switching back and forth between root and no root, I'll probably leave well alone for a while now.
Thanks, though, to everyone who is clearly a lot, lot cleverer and more persisten than I am for making all this wonderful stuff available.
I have an SGS3 with cm 10.2 and the secure settings has updated and uses the new system+ but I can't remove the helper. It gives me invalid configuration in the screen to install the system+. When I browse to the system/app folder I can't delete because of wrong permissions. When I try to change permissions on the folder it already has fuel permission for owner but I can't add write for the other options. I do have root access.
Anyone have any ideas?
Sent from my SCH-I535
I've got the exact same problem on my Nexus 4 with CM 10.2.
Edit: I just played around a bit and had the new version of System+ uninstalled.
I deactivated Secure Settings Helper in Android Settings -> Apps -> All. Tried to remove the securesettings.apk under system/app via terminal and adb without success. I deleted everything relating to secure settings using Titanium Backup. When I was unsuccessful, I opend up Tasker and unsurprisingly got a couple of Plugin Error messages.
Then I thought I might as well reactivate Secure Settings Helper again, so I did and also installed the new System+ Secure Settings app. For some reason via this app, I could now remove the helper granting root permissions again in the process and enable System+.
tl;dr: Try deactivating and reactivating Secure Settings Helper in Android Settings -> Apps -> All and then remove it via the new System+ Secure Settings app.
I have the same problem, also on a Nexus 4 but with stock KitKat. I have root, but I can't uninstall Secure Settings Helper either through the app or manually.
Mepsipax said:
I've got the exact same problem on my Nexus 4 with CM 10.2.
tl;dr: Try deactivating and reactivating Secure Settings Helper in Android Settings -> Apps -> All and then remove it via the new System+ Secure Settings app.
Click to expand...
Click to collapse
I'm not sure how this worked for you, because the System+ module supposedly can't be installed unless the Helper is gone. I did try uninstalling with TiBu, and it said it was successful, but I think that only removes updates to the Helper, and not the original apk.
****EDIT****
Please see http://forum.xda-developers.com/showpost.php?p=56539897&postcount=9 for the Answer
*************
Hi all ,
I'm wanting to use NowTV (like SkyGo) on my OnePlus , however they are using a type of Root check that most root hiders cannot bypass.
Therefore I'm looking for a way to temp unroot and then root back again with ease.
just wondering if there are any tools or easy to follow guides?
thanks
Disable Superuser in SuperSU settings.
zoro25 said:
Hi all ,
I'm wanting to use NowTV (like SkyGo) on my OnePlus , however they are using a type of Root check that most root hiders cannot bypass.
Therefore I'm looking for a way to temp unroot and then root back again with ease.
just wondering if there are any tools or easy to follow guides?
thanks
Click to expand...
Click to collapse
Or if you are on a Cm nightly you can turn them off in the developer option
Disabling super user doesn't work, their detection method is unknown and they check more than the su binary.
I might try the nightlies, however I need stability.
Thanks for the responses so far
Outside of the nightly wing if you want stability use the M releases, they are designed to be more stable than the nightly branch
zoro25 said:
Disabling super user doesn't work, their detection method is unknown and they check more than the su binary.
I might try the nightlies, however I need stability.
Thanks for the responses so far
Click to expand...
Click to collapse
The problem isn't really the SuperSU as such, it's CM. They flag CM as a rooted ROM, it'll even happen if you're on stock un-rooted CM11S.
Transmitted via Bacon
I'm pretty sure that I saw an xposed module that could hide superuser completely. Might want to give that a try
skyguy126 said:
I'm pretty sure that I saw an xposed module that could hide superuser completely. Might want to give that a try
Click to expand...
Click to collapse
As per my post right above yours, it isn't SU that's the problem, it's that the ROM is CM.
Transmitted via Bacon
Timmaaa is correct and that's the info I wanted, I had tried the xposed modules but none worked and now I know why.
I'll contact sky and see if I get anywhere
****EDIT****
So it seems that Timmaaa is NOT correct as there is NO CyanogenMod or any ROM check, it's all to do with the the name of your Root App
Short Version is unroot and uninstall SU app for this to work (removing SU Binary or removing Root alone is not enough)
So we need to have a new Root app with a new AppID and name , and also the SU binary to be identified as something else for this to possibly work.
I now have NOWTV working , and it's on an Unrooted One+One with no SU App installed after running full Unroot (however my SUPro app is still installed)
Note that SUPro does nothing really and just gives extra functionality when the main SU app is installed.
Thanks for everyone help and input on this.
So it seems that you would have to
1)Full UnRoot (Which also uninstalls the main SuperUser app)
2) Watch what ever you wanted to on NowTV or SkyGO
3)Go through the Rooting process again as if it were a new device. (which will again stop NOWTV/SkyGo) from working.
Do steps 1 and 2 again to watch.
This would have to be done everytime you want to watch NowTV
zoro25 said:
Timmaaa is correct and that's the info I wanted, I had tried the xposed modules but none worked and now I know why.
I'll contact sky and see if I get anywhere
****EDIT****
So it seems that Timmaaa is NOT correct as there is NO CyanogenMod or any ROM check, it's all to do with the the name of your Root App
Short Version is unroot and uninstall SU app for this to work (removing SU Binary or removing Root alone is not enough)
So we need to have a new Root app with a new AppID and name , and also the SU binary to be identified as something else for this to possibly work.
I now have NOWTV working , and it's on an Unrooted One+One with no SU App installed after running full Unroot (however my SUPro app is still installed)
Note that SUPro does nothing really and just gives extra functionality when the main SU app is installed.
Thanks for everyone help and input on this.
So it seems that you would have to
1)Full UnRoot (Which also uninstalls the main SuperUser app)
2) Watch what ever you wanted to on NowTV or SkyGO
3)Go through the Rooting process again as if it were a new device. (which will again stop NOWTV/SkyGo) from working.
Do steps 1 and 2 again to watch.
This would have to be done everytime you want to watch NowTV
Click to expand...
Click to collapse
This is just a theory... may be wrong:
Can't you move the SuperSU app into /system/app instead of /data/app. Or does the NOWTV app have perms to check the integrity of /system also. Or can you change the app id of the SuperSU app with a simple decompile tool.
I did that while using cm11s. But still had problems trying to watch skygo. In the end I had alter my buildprop to a phone which supports skygo as at the time it didn't support oneplus one. Then full unroot etc to watch then root back to get root access again.
Anyone else using Autostarts on their S6? If yes, are you able to use it?
This is the app i'm talking about:
https://play.google.com/store/apps/details?id=com.elsdoerfer.android.autostarts&hl=en
The app opens fine and the first time you try to disable something Supersu pops up to ask if you want to grant it root access, but after that a white box appears and nothing happens.
Attached a screenshot of that white box.
I've already tried several things but to no avail: flashed a custom kernel so SE is permissive instead of enforcing, deleting the root access and reauthorize it, etc.
It's not lollipop because it works on my Tab S and Note 3 (before) both running Lollipop...
Tried another app as well (forgot the name) and receive a message that root access failed (if i remember correctly). Clean Master and Elixir 2 are doing the job at the moment, but Autostarts is much easier to use for that kind of stuff.
I'm not having root access problems with another apps.
Alta1r said:
Anyone else using Autostarts on their S6? If yes, are you able to use it?
This is the app i'm talking about:
https://play.google.com/store/apps/details?id=com.elsdoerfer.android.autostarts&hl=en
The app opens fine and the first time you try to disable something Supersu pops up to ask if you want to grant it root access, but after that a white box appears and nothing happens.
Attached a screenshot of that white box.
I've already tried several things but to no avail: flashed a custom kernel so SE is permissive instead of enforcing, deleting the root access and reauthorize it, etc.
It's not lollipop because it works on my Tab S and Note 3 (before) both running Lollipop...
Tried another app as well (forgot the name) and receive a message that root access failed (if i remember correctly). Clean Master and Elixir 2 are doing the job at the moment, but Autostarts is much easier to use for that kind of stuff.
I'm not having root access problems with another apps.
Click to expand...
Click to collapse
I've not been able to get it to work on 64 bit Lollipop both on my Galaxy S6 and Nexus 9. Wish I knew why!
I will email the developer with the issue.
I the mean time I've started using Myandroidtool which has it also categorised in different events (at boot, connectivity changed, etc.). It's under Receivers Not as good as Autustarts but it's pretty decent.
Anyone get a logcat? Please.
I am adding it to mine via adding the code etc...
So please upload a catlog so I can see and maybe can figure it out.