Secure Settings (for Tasker) with Systemless Root... - Google Pixel Questions & Answers

I want to use Secure Settings with Tasker to accomplish things that Tasker won't allow. My issue is that Secure Settings won't "see" that I'm rooted. I Googled this and found a solution (see attached image and this link: https://dammit.nl/p/962). But it won't work. If I do it through terminal emulator, it says /system is busy. If I go through TWRP and mount the /system, It just says the location wasn't found (for the touch command), specifically the /xbin and the /bin folders. Anyone else done this? Or found another way to make Tasker do things like change location mode (high accuracy to battery saver, or vice versa)?

Forgot to attach image. Here it is.

Ugh. This is the one without SU getting in the way...

Remount /system rw
Create two symlinks
Run Secure Settings
Grant root when asked
Done

PsiPhiDan said:
Ugh. This is the one without SU getting in the way...
Click to expand...
Click to collapse
Not sure that just touching 'su' files work. Preferred to create symlinks to actual 'su' utility (see above)

Related

AdFree Hosts file

Since we currently can't write to /system while Android is running, the AdFree app is unfortunately unusable. However, here is the hosts file that the app supplies you with, so you can still put it into your phone manually.
Download the attached file, unzip it and place the hosts file on your sdcard. Then, open up a command prompt, load up your recovery menu (using the instructions in toastcfh's guide) and type:
Code:
adb shell
mount /system
mount /sdcard
cp /sdcard/hosts /system/etc/hosts
exit
Now you're AdFree
As in AD free while on the web only? Or does this block the ADs that are displayed within certain programs? Like Spare Parts for example.
VoXHTC said:
As in AD free while on the web only? Or does this block the ADs that are displayed within certain programs? Like Spare Parts for example.
Click to expand...
Click to collapse
Everytime the phone goes to download an ad, it gets blocked. So in both the browser and inside apps.
a) not development
b) i already did this thread
http://forum.xda-developers.com/showthread.php?t=695196&highlight=adfree
I'm guessing this requires root?
Also, those commands can't work AFAIK, because mount needs two arguments.
Or am I missing something here? I'm new.
I have actually had 0 problems running adfree right out of the box. Installed, ran and bam no ads. Didn't have to modify nothing through ADB.
superevilllama said:
I have actually had 0 problems running adfree right out of the box. Installed, ran and bam no ads. Didn't have to modify nothing through ADB.
Click to expand...
Click to collapse
U running 2.2? BC I see lots more adds since 2.2, it blocks some but not most.
Sent from my PC36100 using XDA App
You know, to my embarassing discovery, I never noticed (as I found this thread from google) but this is the forum specifically for EVO.
I'm running a DX (so 2.1), so that may be the problem. But still, I wouldn't think such things would be different in the OS. Guess the package it differently. Oh well. Not gonna bother rooting my toy just yet, hehe. Sorry bout the confusion.
AdFree is working perfect on CM7 nightly 23 & 25 & MikFroyo 4.5 but it does not work if you have BusyBox 1.18.3 but works perfect with BusyBox 1.17.1. I did not test other versions but I think the problem is related to BusyBox 1.18.3 by today 03/19/11.
Still there are ads running on some apps
like moneycontrol, and more.
Gregalous said:
Since we currently can't write to /system while Android is running, the AdFree app is unfortunately unusable. However, here is the hosts file that the app supplies you with, so you can still put it into your phone manually.
Download the attached file, unzip it and place the hosts file on your sdcard. Then, open up a command prompt, load up your recovery menu (using the instructions in toastcfh's guide) and type:
Code:
adb shell
mount /system
mount /sdcard
cp /sdcard/hosts /system/etc/hosts
exit
Now you're AdFree
Click to expand...
Click to collapse
earth08 said:
Still there are ads running on some apps
like moneycontrol, and more.
Click to expand...
Click to collapse
Its not updated, try absolute system tools from the Android Market. It downloads an updated script
If anyone is interested I created an app (Warning: requires ROOT) that allows you to enter one or more URLs and/or file paths and merges them and installs them as hosts. You may find the source-code here: https://code.google.com/p/android-ad-blocker/
I'll try to fix bugs for it but I can't promise I'll have time.
Edit: I made a new version because the old one had some issues transferring large files. You may find it here: http://dl.dropbox.com/u/8443626/android-ad-blocker.apk
Adfree works fine, Am I missing something? I just ran it, it updated my host file. I checked again and it said it's the latest version
Sent from my PC36100
karilofyore said:
If anyone is interested I created an app (Warning: requires ROOT) that allows you to enter one or more URLs and/or file paths and merges them and installs them as hosts. You may find the source-code here: https://code.google.com/p/android-ad-blocker/
I'll try to fix bugs for it but I can't promise I'll have time.
Click to expand...
Click to collapse
Can u help me... on how to use ur app
Sent from my °•EvO HD•°
Can u explain this process... where is the guide from toast...
Sent from my °•EvO HD•°
acme64 said:
Adfree works fine, Am I missing something? I just ran it, it updated my host file. I checked again and it said it's the latest version
Sent from my PC36100
Click to expand...
Click to collapse
x2 im confused
@ acme64 : Some people in market comments complained that it doesn't work fine anymore and it's a root app with closed source. Since it was simple to write a similar tool I did it for myself mainly.
@ Don74y3 : The way to use the application is to put a URL to a hosts file. You may use for example the one in the screenshot (I can't put the link here because of forum rules but use Google to search for "hosts file winhelp2002" and from the first link, take the address from "To view the HOSTS file in plain text form") and then click "Apply". What the program does is get that file and put it in your (rooted) Android phone. That file in turn lets the phone avoid domains that serve ads or malware. The app can take more URLs and merge them, but that's not necessary. After clicking "Apply" it is recommended to reboot the phone to make sure the changes go into effect. You will see that the pages load faster and without ads.
P.S. I'm not affiliated with the guys that make that hosts file, though I'm grateful for their work.
Unable to figure out system mount point.
Can you please help with this?
MattSkeet said:
Unable to figure out system mount point.
Can you please help with this?
Click to expand...
Click to collapse
Hi, the programs tries to figure out where the /system partition is mounted on your phone (this is because it has to switch it to read-write, put the hosts file and switch it back to read-only). I wrote the program to parse the output of the "mount" command.
Unfortunately it seems that on your phone the output is far different than what I expected. I don't know how to fix this unless you can send me the output of that command on your phone - by PM for example. To do this use adb (try to Google for how to get Android Debug Bridge) with your phone connected: run "adb shell" from a command prompt and at the shell prompt type "mount" without quotes and send me the output - at least the line that contains "/system".
Hi,
I have a different question.
I used adFree but then decided that I actually wanted see the ads on my apps.
I removed AdFree but the ads are still gone.
Is there a way to bring them back?

mini how-to to _fake_ front camera for Google+ Hangouts

all you need to do, is get the permission XML for from face camera device rom (used the one from VIVO), and push it system, via recovery.
adb reboot recovery; adb shell mount -a; adb push android.hardware.camera.front.xml /system/etc/permissions/; adb shell fix_permissions; adb reboot
done
....
PROFIT
PS: this is NOT a flashable zip. but anyone wants to make one, be my guest
thanks to Kali- for the tips
Pushed the xml to the permisions folder with no problems. Ran fix_permissions and rebooted, doesn't appear to have done anything. I can verify that the xml is in the correct folder but google + just doesnt want to do hangouts.
Nexus One running CM7
Any ideas?
EDIT: I was wrong, I thought I would be able to start a hangout but once I found an existing one I was able to join no problem. THANKS!
Qestion
Will it happen if you copy the "android.hardware.camera.front.xml" in folder "/ system / etc / permissions /" by Root Explorer, and then restart the phone?
jossna said:
Will it happen if you copy the "android.hardware.camera.front.xml" in folder "/ system / etc / permissions /" by Root Explorer, and then restart the phone?
Click to expand...
Click to collapse
Yes, you'll either need to manually change the permissions in root explorer to match all the other files in there, or run fix permissions as per the guide
Smtih said:
Yes, you'll either need to manually change the permissions in root explorer to match all the other files in there, or run fix permissions as per the guide
Click to expand...
Click to collapse
Thanks, I try it, but doesn't work
This is how I got mine to work
There were some permissions issues and my phone can't adb anymore for some reason (seems common with the Captivate), so I did the following from Terminal Emulator:
su
# mount -o rw,remount -t yaffs2 /dev/block/mtdblock2
# chmod 777 /system
# cp /mnt/sdcard/Downloads/android.hardware.camera.front.xml /system/etc/permissions/.
# chmod 644 /system/etc/permissions/android.hardware.camera.front.xml
[Restart into recovery mode]
[Advanced]
[Fix Permissions]
And it worked! You just can't create your own Hangouts from the phone. You can join others though using your back-facing camera!
Thanks OP!
Jason Schoenbrun
jason schoenbrun gmail
-------------------
Why does xda developers require we create user names? If there's anyone who knows this, please let me know as I'm curious.
I haven't created a non-email username since the days of AOL. Now I have to make a dumb-sounding faux name like "hotmama2385" all over again? I really wish I could use my e-mail address as my persona. If I can't, at least I'd like to know out of curiosity why the design decision was made to exclude that possibility. of course as a protection from spambots I'd want some of my e-mail address hidden behind a CAPTCHA.
I know some people are privacy focused and/or want to be able to troll anonymously. So why not allow a username which can take whatever form we chose - AOL-esque IDs or an e-mail address - as most login services allow?
As an aside, I have the same question for Twitter, which is the reason I haven't signed up for it. I pushed off signing up for XDA by a couple of years until I absolutely had to because of this, and rarely log in because I can't remember that stupid username. (I just started to a little more because of LastPass.)
Nice work... I'll try this one...
hello,
how to fix permission?
with a terminal
I'm not sure what command that is specifically from a terminal, but you can type adb reboot recovery and then fix permissions via menu option once in recovery.
yep, but the problem I haven t a recovery mode. I want to say no menu.
I have an HTC evo 4g with CM 7.2RC1.
I implemented this fix, and rebooted, but still, when trying to do a video call, it stays on "video initializing" and never seems to finish. I have the latest skype from market.
What to do?
just maybe
So I installed the sdk tools, and opened cmd, and then cd to where adb is. I then copy and pasted the entire string "adb reboot recovery; adb shell mount -a; adb push android.hardware.camera.front.xml /system/etc/permissions/; adb shell fix_permissions; adb reboot" and pasted that into cmd is that all I do. I tried dong just "adb reboot recover" and waiting till it entered recovery, but then I couldn't do anything. after I pasted the entire string, my phone rebooted, and took a sec then started back up normally it seemed. So I think I did it correctly.
Perfect!!! Thanks, works like a charm on my Nexus One
great on arc s for hangouts
It's working great on arc s to create hangouts, but it still does not enable video chat in google talk.
I really don't understand why front camera is a pre-requisite for it. I shall be able to see at least the other's video if he has a front cam, even if they don't see me. Any way to workaround this issue of googletalk? (either to trick it to use front cam or just to display an empty frame, but receive other end's video).
I tried the same to see if it would work for Talk on my Defy, but no success

[ROOT][ALL] Android Scripts Toolkit (AST)

My thread and project are inactive now. Please accept my apologies for this inconvenience.
ast.ls
Blackout
ast.np
Blackout
ast.pm
Blackout
ast.ops
Blackout
ast.settings
Blackout
ast.storage
Blackout
2nd Feedback
Thanks for the dedicated thread. If I may, some more nitpicking about rudimentary things.
ast.install has hard coded file names of ast scripts, that's not very portable:
l_Scripts=( "ast.ls" "ast.np" "ast.pm" "ast.ops" "ast.settings" "ast.storage" "astcore" )
I have packages ( "ast.ls" "ast.net" "ast.pm" "ast.ops" "ast.set" "ast.sto" "astcore" )
so more generic pattern for handling like ast* may be considered. In case of renaming, ast.install could have a file renaming template (ast.rename) with say key value rows for generic renaming procedure before starting the actual transfer/installation. Another thing it could try to perform chmod 755 after installation.
EDIT: Looks like you have it but it doesn't work as system is read-only for say /system/xbin installation directory. So installation can be performed either by hand from a file manager with root access or TWRP recovery (install script for easy TWRP install may be a solution).
Do you have any comparative performance observations regarding background network access?
2a. The interesting are the influence of size of the blacklist on system/apps behaviour (fluency, speed, memory usage or possibly noticed negative consequences re some specific apps). By default whitelist contains less than a dozen of items, blacklist is empty. What packages would you consider safe to remove from the whitelist, like LG weather widget? Will 300 blacklisted items be completely practical to have?
2b. Battery consumption changes and practical benefits measured re having hundreds of packages blacklisted vs normally empty blacklist.
2c. I remember you mentioned a FW app you installing on the end of device restoration process, what functionality separate FW app provides for your use case, or is that just an app like AdAway?
hotcell said:
Thanks for the dedicated thread. If I may, some more nitpicking about rudimentary things.
ast.install has hard coded file names of ast scripts, that's not very portable:
l_Scripts=( "ast.ls" "ast.np" "ast.pm" "ast.ops" "ast.settings" "ast.storage" "astcore" )
I have packages ( "ast.ls" "ast.net" "ast.pm" "ast.ops" "ast.set" "ast.sto" "astcore" )
so more generic pattern for handling like ast* may be considered. In case of renaming, ast.install could have a file renaming template (ast.rename) with say key value rows for generic renaming procedure before starting the actual transfer/installation. Another thing it could try to perform chmod 755 after installation.
EDIT: Looks like you have it but it doesn't work as system is read-only for say /system/xbin installation directory. So installation can be performed either by hand from a file manager with root access or TWRP recovery (install script for easy TWRP install may be a solution).
Do you have any comparative performance observations regarding background network access?
2a. The interesting are the influence of size of the blacklist on system/apps behaviour (fluency, speed, memory usage or possibly noticed negative consequences re some specific apps). By default whitelist contains less than a dozen of items, blacklist is empty. What packages would you consider safe to remove from the whitelist, like LG weather widget? Will 300 blacklisted items be completely practical to have?
2b. Battery consumption changes and practical benefits measured re having hundreds of packages blacklisted vs normally empty blacklist.
2c. I remember you mentioned a FW app you installing on the end of device restoration process, what functionality separate FW app provides for your use case, or is that just an app like AdAway?
Click to expand...
Click to collapse
I "liked" your post because your nitpicking is only indication of your care and liking AST scripts, I respect that.
Now, onto addressing your 2nd phase of nitpicking, mildly jocking. As I mentioned previously, perhaps in Info Bank thread, once I get a question, in order not to repeat myself I would cover it, thoroughly, in its relevant post/tool. Please read post #3 for everything I could share on Netpolicy.
Naming issues: Please rename/copy ast.install to ast.setup or anything you wish then update the array list to your liking. This is a quick solution for anyone with the same issue. The beauty of AST is you can modify its scripts in any way you wish in a text editor, on any platforms. Please kindky, don't ask me and provide me with the solution when is not practical. I'm referring to your copying idea instead of hardcoded list of scripts. I know what I'm doing in this instance.
ast.install automatically mounts /system to 'rw' if it was 'ro'. If it was 'rw' already it never set it back to 'ro' to avoid causing problems to the process which set it to 'rw' before ast.install was executed. There are times, /system cannot be mounted as 'rw'. I can guess why, but don't wish go into details for now. A reboot often solves the problem. ast.install will show an error message if it fails but you didn't mention that in your post. So I have no idea what you have complained about at the end.
You have mentioned TWRP before as well. In order to avoid confusion to other users, AST has nothing to offer in TWRP and I don't know why you think it does. I have installed AST to /system/xbin on two LG V20 phones with the same script with no issues. If it is easier to do this manually please do by all means. When you mention installing AST from TWRP, you would give the wrong impression to users, as if AST is an overly complicated thing.
I don't have the time nor the patience to measure battery consumption. Battery consumption is very subjective, as you know. However, I would appreciate it if you like to share your future findings with the community in here.
I'm sorry, I don't recall what was exchanged in reference to 2.c.
Since I know you like AST, how about sharing something with the community about how it made things easier for you? That is a feedback too. No one would take my word for it because they think I'm on my way to become a millionaire.
3rd Feedback
xdav20 said:
I "liked" your post because your nitpicking is only indication of your care and liking AST scripts, I respect that..
Click to expand...
Click to collapse
I never do posts asking or hoping for likes. That would be rather strange assumption. Regarding your obviously negative connotation here, it would be more appropriate if you simply remove the "like" you made.
Now, onto addressing your 2nd phase of nitpicking, mildly jocking. As I mentioned previously, perhaps in Info Bank thread, once I get a question, in order not to repeat myself I would cover it, thoroughly, in its relevant post/tool. Please read post #3 for everything I could share on Netpolicy.
Click to expand...
Click to collapse
Thank you for more detailed explanation. I have to note that you added the explanations in your post #3 after I asked the relevant net policy questions. Either way, IMHO your statement "I think the performance loss or gain is debatable, totally dependant on how Android internally implemented it, and, frankly, this is something I don't wish to get heavily involved with. Please kindly, keep me out of future debates." is not very encouraging. To me it seems that you aren't interested in the discussion of benefits in performance or possible battery savings here, thus logically negating the major possible purpose of using your tool from users perspective. That's strange indeed, but I do respect your wish, so that's it.
Naming issues: Please rename/copy ast.install to ast.setup or anything you wish then update the array list to your liking. This is a quick solution for anyone with the same issue. The beauty of AST is you can modify its scripts in any way you wish in a text editor, on any platforms. Please kindky, don't ask me and provide me with the solution when is not practical. I'm referring to your copying idea instead of hardcoded list of scripts. I know what I'm doing in this instance.
Click to expand...
Click to collapse
Here you are contradicting yourself. As you previously mentioned, you made a deliberate effort to ensure any script can be renamed and still maintain its integrity thus boosting flexibility of usage even more. But here you are basically insisting such move would not be practical. In previous post I suggested you to maintain this flexibility by introducing renaming templates file, so updating the tool will be a simple seemless step/command, without manual intervention required, regardless of a chosen naming scheme. Well, again, it's your call. Perhaps you'd reconsider, just like you did with the inner AST folder in the distribution archive (Thanks BTW for that!).
ast.install automatically mounts /system to 'rw' if it was 'ro'. If it was 'rw' already it never set it back to 'ro' to avoid causing problems to the process which set it to 'rw' before ast.install was executed. There are times, /system cannot be mounted as 'rw'. I can guess why, but don't wish go into details for now. A reboot often solves the problem. ast.install will show an error message if it fails but you didn't mention that in your post. So I have no idea what you have complained about at the end.
Click to expand...
Click to collapse
Indeed I mentioned this due to failure to obtain the expected result on execution of ast.install. Note this script can't be run from ext SD card due to the obvious permission / media format issue. But, normally the /system is in RO state, so even if jackterm has required root permission, the ast.install still would fail when run from internal storage:
elsa:/storage/emulated/0/Download/ast #sh ast.install /system/xbin
cp: /system/xbin/ast.ls: Read-only file system
chmod: chmod '/system/xbin/ast.ls' to 100755: Read-only file system
cp: /system/xbin/ast.net: Read-only file system
chmod: chmod '/system/xbin/ast.net' to 100755: Read-only file system
cp: /system/xbin/ast.pm: Read-only file system
chmod: chmod '/system/xbin/ast.pm' to 100755: Read-only file system
cp: /system/xbin/ast.ops: Read-only file system
chmod: chmod '/system/xbin/ast.ops' to 100755: Read-only file system
cp: /system/xbin/ast.set: Read-only file system
chmod: chmod '/system/xbin/ast.set' to 100755: Read-only file system
cp: /system/xbin/ast.sto: Read-only file system
chmod: chmod '/system/xbin/ast.sto' to 100755: Read-only file system
cp: /system/xbin/astcore: Read-only file system
chmod: chmod '/system/xbin/astcore' to 100755: Read-only file system
I) ast.install: Installation completed.
elsa:/storage/emulated/0/Download/ast #
Why and how reboot supposed to resolve that?
EDIT: Looks like it works fine when performed right after reboot! It would be nice if install script would try to perform a mount, cp, chmod and report about the failure. Instead of showing the (fake) message "Installation completed." the hint to reboot and retry would be much more useful.
You have mentioned TWRP before as well. In order to avoid confusion to other users, AST has nothing to offer in TWRP and I don't know why you think it does. I have installed AST to /system/xbin on two LG V20 phones with the same script with no issues. If it is easier to do this manually please do by all means. When you mention installing AST from TWRP, you would give the wrong impression to users, as if AST is an overly complicated thing.
Click to expand...
Click to collapse
It has nothing to do with wrong impressions. All I tried to suggest was an attempt to provide a path to easy and working solution to install/update AST and have a workaround for system RO state issue as described above. One still will have to ensure the system partition is mounted in TWRP before doing AST install/update. Sure if ast.install or its exec environment can be fixed, there would be no need to reboot to recovery or perform manual steps with a file manager.
I don't have the time nor the patience to measure battery consumption. Battery consumption is very subjective, as you know. However, I would appreciate it if you like to share your future findings with the community in here.
Click to expand...
Click to collapse
If and when I'll proceed with net policy customisation and start to have some comarative data on battery consumption, I'll try to post here without involving you to the subject as per your wish to keep you out of future debates.
@hotcell
I have attached a modified version of ast.install that would double check if 'mount' command remounted /system rw or not. If the script still fails to copy your scripts, without displaying an error message, then, and previously, the problem has nothing to do with my script. I haven't developed 'mount' binary nor know why on your particular system things doesn't work normally. There is no 'fake' message, because of what happens the script assumes everything went well. If the scripts were previously copied to the target location, there is no easy way to know if the copy was successful or not. For such non-critical job, doing more is waste of time.
"ast.storage -lb online" displays the mounted partitions. The very last data is the current read/write status of the partition. After a reboot, could you run the above command to see what it prints about /system partition before and after running ast.install please.
I'm a tool maker, I'm not going to tell anyone where you can use my tool. I can provide guidance how the tool should be used, for productivity purposes only. What thing you have forgotten was, ast.np is a helper tool for Android Netpolicy tool. Without ast.np it is, literally, impossible to use it due to the input format it takes. Knowing how over analytical you can be, I made it clear I wish to stay away from any future debates myself. I have not stated, no one else can debate about it on my thread. I'm sorry, if you took my statement personally and I encourage you to use my thread to discuss anything related to AST. I would response, if I had to.
I thought for a while, how can I prove to @hotcell I wasn't being sarcastic when I "liked" his post? My proof is at the very end of that post when stated: "Since I know you like AST, how about sharing something with the community about how it made things easier for you?" If I didn't mean it, I wouldn't have stated a factual thing, I would had said; "If you like AST then why don't you...". Since I meant what I said without a menacing connotation, I stand by my previous decision. However, I do share your sentiment about the "like" system in place.
I have a serious issue with you or anyone else who think I have to accommodate to their specific needs in the same release that is meant for the public and no matter how accommodating I have been to you, you still have an approach that I don't feel comfortable with it. I will response equally to anyone who would want to dedicate terms to me. Once you renamed the scripts, I do not have to change the installer with your suggestion method, period. Have you thought, in the same directory users might have scripts or files starting with the "ast" prefix? That was the reason I hard-coded the script names to avoid potential disasters.
Edit: Noticed your edited comment about everything started working after a reboot. I do not like to discuss about something, specially in a public forum, when I do not have factual information. I'm normally good at observing patterns. I'm purely guessing, the reason behind the failure of mount command is to do with how certain file managers that support root handle mounting /system partition. Of course, there is always more than one reasons to such conditions.
Here is what you can do to see if that is the caase or not. Do everything as you would do after a reboot. Use the file managers you use and access the /system partition and copy something over to force the file manager to make the /system partition rw. Exit the file manager and then try the installer script again. Repeat the same thing, this time don't use the same file managers and after the system has been up and running for awhile, try the installer script again. What did you observe?
4th Feedback
Yes, you were right. After writing to the /system with MiXplorer file manager, the ast.install script fails. See screenshots: first made befre using MiX on /system, after that script worked; the second pic shows the ast.install.sh failure after using MiX, please note the (fake because of actual failure to mount and errors reported before) success report on the last line; the trird pic was made after the failed install. Also, with Root explorer, it asks to remount the system partition as R-W for operation, after that the ast.install(.sh) fails exactly as shown on the middle pic.
xdav20 said:
There is no 'fake' message, because of what happens the script assumes everything went well. If the scripts were previously copied to the target location, there is no easy way to know if the copy was successful or not.
Click to expand...
Click to collapse
The easiest way to know is probably to try to write an empty file into installation dir and check for its existance. Another way would be checking file timestamp.
I have a serious issue with you or anyone else who think I have to accommodate to their specific needs in the same release that is meant for the public and no matter how accommodating I have been to you, you still have an approach that I don't feel comfortable with it. I will response equally to anyone who would want to dedicate terms to me. Once you renamed the scripts, I do not have to change the installer with your suggestion method, period. Have you thought, in the same directory users might have scripts or files starting with the "ast" prefix? That was the reason I hard-coded the script names to avoid potential disasters.
Click to expand...
Click to collapse
Of course you don't have to accomodate or appease anyone. If maintaining renaming flexibility and extending that to install script is not you goal AST tool may benefit in terms of flexibility, just forget about this. And yes, I thought about ast prefix oversimplicity. That is the exact reason why I suggested ast.rename file template where one can explicitly define source-destination name pairs. So having a single fixed named file name for such template is all needed to avoid any possible clash.
hotcell said:
Yes, you were right. After writing to the /system with MiXplorer file manager, the ast.install script fails. See screenshots: first made befre using MiX on /system, after that script worked; the second pic shows the ast.install.sh failure after using MiX, please note the (fake because of actual failure to mount and errors reported before) success report on the last line; the trird pic was made after the failed install. Also, with Root explorer, it asks to remount the system partition as R-W for operation, after that the ast.install(.sh) fails exactly as shown on the middle pic.
The easiest way to know is probably to try to write an empty file into installation dir and check for its existance. Another way would be checking file timestamp.
Of course you don't have to accomodate or appease anyone. If maintaining renaming flexibility and extending that to install script is not you goal AST tool may benefit in terms of flexibility, just forget about this. And yes, I thought about ast prefix oversimplicity. That is the exact reason why I suggested ast.rename file template where one can explicitly define source-destination name pairs. So having a single fixed named file name for such template is all needed to avoid any possible clash.
Click to expand...
Click to collapse
Thank you for the quick response. Of course, if my script fails, so as everything else from command line. Now that we established my guess is an actual fact, I have another immediate concern.
Thanks to your screenshots, I have noticed storage.ast -lb command is not displaying the partition fs type and partition read&write status of /system and /userdata and there were errors. I installed Mixplorer and navigated to xbin and created a file. Went back to terminal and used ast.storage -lb online again and it reported everything correctly. You either have a corrupt fs table or there is a condition that I haven't seen before. To make sure, I would like to ask you to send me the following files by running these commands please:
Code:
cat /proc/mounts > mounts
cat /proc/self/mountinfo > mountinfo
cat /proc/self/mountstats > mountstats
Please make sure you have used Mixplorer or the usual things you do that may cause the problem first.
Edit: After a reboot, please run the ast.storage -lb online again and please report back if there were errors. I'm guessing if you do, there is something wrong on your end.
Disclaimer: At the time of publication of this article, I have not found a way to remedy the problem with the application mentioned in this article. If you did, please notify me to make the appropriate changes to this article.
This article came to existence after exchanging messages with @hotcell to which my further investigation revealed a problem with MIXplorer app. I understand MIXplorer has a thread on XDA so there is a chance the developer to be contacted to rectify the problem.
The problem is after /system partition is remounted 'rw' (Read & Write) MIXplorer does not set the partition back to 'ro' (Read-only) even after the application is closed explicitly. This can leave you extremely vulnerable in case a malicious app awaits for such opportunity. Fortunately, after a reboot all partitions will be set back to their default status. However, users might not reboot their phones for days.
Root Explorer from SpeedSoftware has a mount toggle (rw,ro) button for each partition you use which it gives you the control to change the status at will. Then I tested ES File Explorer, as soon as I closed the app the /system was remounted back to 'ro'.
Thanks to ast.storage -lb command I could easily tell what was going on. My advice to you is, to either contact the developer of MIXplorer and request the partitions to be remounted as 'ro' upon exiting the app or similarly to provide a toggle button. In the mean while, I wouldn't use MIXplorer on a device that is connected to the internet.
5th
@xdav20
Although irrelevant in the thread common context, please see the attachment below (as it looks like you disabled PM functionality).
I see your AST gives formatting errors, but practically I can't see any problems with my system. Also, looks like if /system left R-W mounted by a file manager or other app, AST has no way to proceed. As you noticed about re-mounting on-the-fly from UI, reboot can be avoided by remounting the /system as RO in Root Explorer. Also, another decent file manager X-plorer doesn't need an (clean) exit as it will re-mount the system as RO after FS operation finished.
hotcell said:
@xdav20
I see your AST gives formatting errors, but practically I can't see any problems with my system. Also, looks like if /system left R-W mounted by a file manager or other app, AST has no way to proceed..
Click to expand...
Click to collapse
Thank you for the files. I will start looking into them.
I have already stated, two posts up, ast.storage's -lb command works fine on my phone even with MIXplorer installed and /system remounted rw. While I'm trying to establish if your phone has a problem or not, I have to be here correcting your incorrect statement. Also, I'm wondering why you never reported the error messages before when you did about other things?
Edit: I have attached a screenshot to prove everything works. I deliberately set the /system to rw.
6th
xdav20 said:
Thank you for the files. I will start looking into them.
I have already stated, two posts up, ast.storage's -lb command works fine on my phone even with MIXplorer installed and /system remounted rw. While I'm trying to establish if your phone has a problem or not, I have to be here correcting your incorrect statement. Also, I'm wondering why you never reported the error messages before when you did about other things?
Click to expand...
Click to collapse
Perhaps my statement is incorrect, I've no idea. But how would you explain that after Root Explorer toggling to RO state ast.install works perfectly, what Root Explorer can do that ast.install can't?
For the last question there is an easy answer: When I reported about "fake installation success" clause, it was obvious the copy failed, screenshots were attached. Timing to report wasn't/isn't critical for me. Also, looks like you are using SuperSU while I've Magisk, maybe there are some diffs/settings related?
EDIT: After playing with renaming ast.net in /system/xbin via X-plore, Root Explorer and MiX more:
1. X-plore always know how to rename the file
2. Root Explorer knows and warns when in RO state, but fails to rename after subsequent renamings in other FMs. Toggling RW->RO>RW restores renaming capability.
3. MiX fails to rename first.
hotcell said:
Perhaps my statement is incorrect, I've no idea. But how would you explain that after Root Explorer toggling to RO state ast.install works perfectly, what Root Explorer can do that ast.install can't?
For the last question there is an easy answer: When I reported about "fake installation success" clause, it was obvious the copy failed, screenshots were attached. Timing to report wasn't/isn't critical for me. Also, looks like you are using SuperSU while I've Magisk, maybe there are some diffs/settings related?
EDIT: After playing with renaming ast.net in /system/xbin via X-plore, Root Explorer and MiX more:
1. X-plore always know how to rename the file
2. Root Explorer knows and warns when in RO state, but fails to rename after subsequent renamings in other FMs. Toggling RW->RO>RW restores renaming capability.
3. MiX fails to rename first.
Click to expand...
Click to collapse
Found the cause, I think I have the solution, and I have to leave to my dentist appointment soon. I will release a fix as soon as I can. There is nothing wrong with your device but with what you use that commonly cause problems to everyone else's (not literally) code. Thanks again for the files. The future fix will not fix the mount issue, mount issue is a common issue in Android because so many processes use /system partition and bound to be conflicts.
7th
xdav20 said:
Found the cause, I think I have the solution, and I have to leave to my dentist appointment soon. I will release a fix as soon as I can. There is nothing wrong with your device but with what you use that commonly cause problems to everyone else's (not literally) code. Thanks again for the files. The future fix will not fix the mount issue, mount issue is a common issue in Android because so many processes uses /system partition and bound to be conflicts.
Click to expand...
Click to collapse
Thanks, although I have no idea what you are going to fix (as it seems the issue is in mounting)
Anyway, I thought you can try to implement an algo like this:
1. check if /system looks mounted as RW, remember the state for later restoration, if not RW, try to re-mount
2. create am empty file named as current time in installation dir
3. try to check if it exists. if yes, delete it and set flag ready=true and proceed to #5.
4. if flag tried is not set (false), try to make double re-mount RW>RO>RW, set flag tried=true, return to #2.
5. if flag ready=false, return error message asking to either reboot or mount /system as RW and exit
6. if ast.rename is absent from install dir, perform scripts copy, otherwise the same with renaming according to the template
7. set chmod on script files as required. Done.
@hotcell
I have attached a pre-release version of AST to this post. This release contains support to handle multiple mountpints on online blocks. Android by default has one single mountpoint per block. However, components/su such as Magisk creates additional mountpoints, one on /dev/block/sda14 and two on /dev/block/sda18. AST can now handle multiple mountpoints on any online blocks, referring to -lb command. Thank you again for the files and your assistance in resolving this issue.
As you have guessed by now, Magisk was the cause of errors and I'm guessing the source of your /system mount issues. Now, that '-lb' command can show correct information on your device, you can keep your eyes on read and write status of both mountpoints on /dev/block/sda14. Please kindly provide a screenshot of '-lb online' so I can make sure everything was okay before releasing it on OP. Since you have installed AST in /system/xbin, please do not run anything locally without specifying its full parh in command line. I'm updating OP about this point shortly.
One minor matter, I have to respectfully ask you to refrain from referencing to AST scripts as your renamed versions. I got confused when you referenced ast.np to ast.net. For anyone following our conversations it can workout confusing too. At this point of time, I don't wish to make a rule and publish it on OP. I hope you can understand the point I raised. Thank you for your understanding.
Edit:01
Added two screenshots. Magisk-Partitions image shows the online partitions with Magisk being installed (based on your device data files) and Default-Partitions image shows a typical device without Magisk? Have you spotted the additional entries?

(noob-ish) AmazonKindleFire7-2019: Where to put startup scripts eg. iptables rules.

Hi all.
I'll make my apologies if this post is in the wrong place or against any rules, if so sorry for creating more work for the mods!
I dabble in Linux, so bear with me here. I am not a complete noob, but to some of you folks here, I am certainly in the gutter of the pecking order
So I got a cheap Amazon Kindle Fire 7" 2019 model, and thanks to this forum have used diplomatic's mtk-su tool to get superuser (su/root) on adb and Termux, which has allowed me to get rid of a lot of Amazon bloat and data collection, and system apps that just aren't useful, replace the launcher and generally make this tablet useable.
I have not, as of yet, installed a modified boot loader/twrp/magisk stuff. I am trying to avoid that route, as there is quite a chance of me messing up and I am destructive when trying to take things apart (maybe unplug battery required).
On to network interface security.
I've installed NetGuard, read a lot and understand the idea behind how it works. Dump unwanted traffic to a sinkhole VPN connection.
I would like to utilise iptables. After using mtk-su in termux, I can access and create rules and these apply instantly. All seems to work as expected, however, as we all know iptables rules are not persistent and a reboot clears them all out and replaces with the stock ruleset - which is a bit too open and has strange stuff in it.
Q:
Run a my_rules script on startup.
So I can write a .sh script with the iptables rules I want applied. It won't have root permission and won't run, but if executed at boot time by another script? ( .rc ) which does have permission to do root things, the script should run, rules be applied and I can be happy.
For one thing, I am not sure quite where to add my script. I have read somewhere that the .rc files I can see are actually created from a secure/encrypted/compressed store which is uncompressed at boot time. So editing an .rc file which is freshly created is pointless.
Secondly, I guess import <name of script -no.sh extension->? won't work, and will probably need service <name of script> and oneshot or another command.
Am I going to have to go the twrp/magisk route? Do I really need to make changes to more than I can access with root and a terminal on the running device?
Thank you for your time and patience to read this post.
I am obviously not reading enough!
It seems the /system/ folder is all read-only. I can't even "cp /system/bin/install-recovery.sh /system/bin/install-recovery_bak.sh" to back up the existing.
Will try mounting /system as rw, maybe.
*edit*
OK, a major problem is that /system is not writable. mount -o remount,rw /system or /dev/block/dm-0 looks like it works but the location still cannot accept new files created or changes to existing files.
There seems to be a watchdog or something running which prevents changes to the mounting here.
So, I conclude this is what people mean by rooting - booting a modified system which allows access to these such places. Having su in a terminal /adb is all great, but still can't do everything - opens up the opportunity of going further and changing boot loader, twrp and magisk though.
Sigh, I was hoping to avoid that path.
I can, at least, launch a small shell script which would leverage mtk-su to run and write my iptables rules into the running system. But this would be a manual exercise and I am bound to forget to apply it.
If mods wish to delete this thread, I have no objection. but maybe it might help someone else in my situation to understand a little more or maybe not.
I think I am showing how much of a noob I am here. Sorry.

Magisk and /Systempartition rw???

Hey, thank you!
Yes, I really have some very important questions for someone who knows their stuff!
So: I have an almost unknown smartphone, a Beafon X5. With Android 7.0.
A great device, just for one.. "Modder" like me, a bit problematic, because absolutely no custom software can be found for it...
But now I've managed to trying Rootaccess For the device.. With your Awesome app, Mtk Easy root and magisk.
My questions :
# can I somehow change the /system/ directory to rwx 7777 for me? Because now it doesn't work, just because of the systemless root. (at least I think) The chown/chmod commands Not working.
It will be" read-only file system" every time printed. I just want to replace the boot animation.
# Question 2:
Why can I only use after every reboot, mtk-Easy-root again from new, to activate magisk?? Why didnt work magisk, Although the SU is insatlled? Only if the mtk script has been run before, I can use the superuser in the magisk Manager Serve.
Have you an idea for this Problem?
Thank you, and best wishes from germany!
by Felix
Rootbbit said:
Hey, thank you!
Yes, I really have some very important questions for someone who knows their stuff!
So: I have an almost unknown smartphone, a Beafon X5. With Android 7.0.
A great device, just for one.. "Modder" like me, a bit problematic, because absolutely no custom software can be found for it...
But now I've managed to trying Rootaccess For the device.. With your Awesome app, Mtk Easy root and magisk.
My questions :
# can I somehow change the /system/ directory to rwx 7777 for me? Because now it doesn't work, just because of the systemless root. (at least I think) The chown/chmod commands Not working.
It will be" read-only file system" every time printed. I just want to replace the boot animation.
# Question 2:
Why can I only use after every reboot, mtk-Easy-root again from new, to activate magisk?? Why didnt work magisk, Although the SU is insatlled? Only if the mtk script has been run before, I can use the superuser in the magisk Manager Serve.
Have you an idea for this Problem?
Thank you, and best wishes from germany!
by Felix
Click to expand...
Click to collapse
For question 1:
Android as a system (linux-like) mounts the system partition as ro (Read-only) by default when booting. In order to be able to modify it, you need to remount the desired partition as rw (read-write) as follows:
While being a root user (#) enter this command in adb or terminal on your phone:
Code:
mount -o rw,remount /system
To revert back to ro (you should do it after you're done), use:
Code:
mount -o ro,remount /system
For question 2:
That app is based on Mtk-su exploit. You can read an article from xda here. Basically, your device's bootloader stays locked, but root resets every reboot, because the attained privileges are only temporary. (su gets to run from /data/local/tmp).
Remember!!! You Bootloader is still locked, meaning AVB and dm-verity are still active. If you modify system (changing the total checksum), you will brick your device!!! And if you unlock the Bootloader, then what's the point of Mtk-su ..........
Hope I helped you somehow.
Schlank K:
Thank you, but I'm not a complete noobThank you, but I'm not a complete noob Thanks, really. But I tried these methods ed for a long time...
The same thing still happens, I mounted, there is no contradiction, but then nothing actually happened either...
Individual blocks can be mounted in the main directory, but not specifically the system/block. I actually only planned to do this stupid boot animation from the system/media folder. Delete/replace/rename/move zip, whatever, to finally get rid of the thing for my own ani...
And there it started. I've already spent several hours on the net to find a way. There are many options, but none have worked for me so far..
Looks like dm-verity is in effect. Disable it and then mount should work.
xXx yYy said:
Looks like dm-verity is in effect. Disable it and then mount should work.
Click to expand...
Click to collapse
Hey, thanks
I've already tried that. Detects my system Not.
AVB ( dm-verity ) is bootloader related. You typically use Fastboot to disable it.
Rootbbit said:
Hey, thanks
I've already tried that. Detects my system Not.
Click to expand...
Click to collapse
Rootbbit said:
Hey, thanks
I've already tried that. Detects my system Not.
Click to expand...
Click to collapse
In addition
xXx yYy said:
AVB ( dm-verity ) is bootloader related. You typically use Fastboot to disable it.
Click to expand...
Click to collapse
I've already tried that. My fastboot gets the same message. I have already tried the system block mounting, via dev/blocks/ but there I also get the read-only message.
Or mounting via busybox, I've already done everything.
I've googled a lot about it, and found nothing else that helps , otherwise I wouldn't have asked here on xda.
There are these read-only ROMs, how do I recognize them? Is ext4 not also read-only from manufacturer from
Thanks, guys
is your bootloader unlocked!?
you know disable-verity is adb applet, don't you?
you have been warned don't do this on locked bootloader. happy bricking..
btw there is such thing like magisk modules no need to modify system partition at all. just read the Magisk Developer Guides Module Tricks section

Categories

Resources