Steps necessary to permanently enable user root?
Let's say I have remote root access to my CID 11 G900V phone on the stock android 6.0.
What do I need to do to allow user to have root and persist through reboots/checks?
No promises yet,
only have uid=0(root) gid=0(root) context=u:r:init:s0
on the remote side accessing the phone.
R&D:
5.0 post-root performs:
Set permissive for init
Set permissive for init_shell
Set permissive for s_init_shell
type s_init_shell does not exist
Set permissive for kernel
Set permissive for shell
Set permissive for toolbox
type toolbox does not exist
Set permissive for toolbox_exec
type toolbox_exec does not exist
TOY
smokerbond said:
Steps necessary to permanently enable user root?
Let's say I have remote root access to my CID 11 G900V phone on the stock android 6.0.
What do I need to do to allow user to have root and persist through reboots/checks?
No promises yet,
only have uid=0(root) gid=0(root) context=u:r:init:s0
on the remote side accessing the phone.
Click to expand...
Click to collapse
There are essentially two ways: one requires modification of the kernel and one requires modification of the /system partition. Neither can work for Android 6.0 with a locked bootloader. The reason we don't have root available for 6.0 ROMs on locked bootloader phones is not because we can't get root, but because there is no way to keep it. Your method may still be helpful though to accomplish small tasks with temporary root.
Edit:
If you can manage to disable dm-verity like has been done in the link below, the /system partition can be modified and superSU/permanent root can be theoretically installed.
http://forum.xda-developers.com/lg-g5/how-to/guide-adb-root-rw-dm-verity-off-sprint-t3523499
Hariiiii said:
There are essentially two ways: one requires modification of the kernel and one requires modification of the /system partition. Neither can work for Android 6.0 with a locked bootloader. The reason we don't have root available for 6.0 ROMs on locked bootloader phones is not because we can't get root, but because there is no way to keep it. Your method may still be helpful though to accomplish small tasks with temporary root.
Edit:
If you can manage to disable dm-verity like has been done in the link below, the /system partition can be modified and superSU/permanent root can be theoretically installed.
http://forum.xda-developers.com/lg-g5/how-to/guide-adb-root-rw-dm-verity-off-sprint-t3523499
Click to expand...
Click to collapse
Interesting, thanks for the info.
Still working on disabling SELinux right now.
I understand why the kernel cannot be modified (the bootloader checking for specific kernel) but why can I not change /system?
smokerbond said:
Interesting, thanks for the info.
Still working on disabling SELinux right now.
I understand why the kernel cannot be modified (the bootloader checking for specific kernel) but why can I not change /system?
Click to expand...
Click to collapse
Dm-Verity. I believe it works through the kernel checking several key directories including /system for any modifications on boot.
Hi lovers of root. I worked on change android mode to Permissive. But it didn't work. I installed selinuxmodechanger and selinux switcher . Both of them didn't work. Also I tried shell terminal emulator writing su and setenforce 0 but it replied me to as " couldn't set enforcing status to '0' ; permission denied". My device has a root(supersu). I read a lot about this. Some places are saying init.d method but i made it, too. It didn't work or I couldn't it. So I want to change mode to Permissive. Thank you for your Helps.
You need a custom kernel with SELinux disabled to be able to disable the SELinux on Samsung devices.
forumber2 said:
You need a custom kernel with SELinux disabled to be able to disable the SELinux on Samsung devices.
Click to expand...
Click to collapse
Where can i find custom kernel and how to install it?
Hi all,
I've followed the threads at https://forum.xda-developers.com/showthread.php?t=2003836 and https://forum.xda-developers.com/showthread.php?t=2502559 to the best of my ability but can't seem to get this to work for the life of me! I'm stuck on the part where insmod is used to load the md4.ko and cifs.ko modules. I get "insmod: failed to load /system/lib/modules/<module name>: Permission denied" errors in either case.
I have ensured that I am properly rooted, BusyBox 1.26.2 is installed to /system/bin and /system is mounted as read-write. All relevant files/directories have 777 permissions and I am running these commands as root. So what else could be the problem??
I've tried this from both Terminal Emulator on the phone itself, and also from an adb shell on my PC. Can't use adb localhost on the phone as it doesn't seem to be installed (I get "sush: adb: not found" when trying to run "adb").
Curiously, running the insmod command and having it fail seems to remount /system as read-only again (prompt changes from "zeroflte:/ #" to "1|zeroflte:/ #", which it was before the first remount). Could this have anything to do with the issue?
MTIA as I've been tearing my hair out for the best part of a day trying to figure out what the %$#& I'm doing wrong!
Kernel modules needs to be compiled for the specified kernel that you are currently using on your phone. If the insmod detects that the module is not compiled for the kernel that the device currently running on, it wont allow to load them. But in that case, if I remember correctly, a different error should be shown instead of "Permission denied" error (at least it was like that on kernel 2.6.xx, may it had been changed on 3.xx).
Or with a very low chance, maybe the SELinux prevents the insmodding the modules.
forumber2 said:
Kernel modules needs to be compiled for the specified kernel that you are currently using on your phone.
Click to expand...
Click to collapse
OK, how would I go about rebuilding the kernel myself? I have TWRP installed and know how to flash the resulting image, but have no idea where to even start with kernel modification and haven't been able to find much on the subject for my specific device.
forumber2 said:
But in that case, if I remember correctly, a different error should be shown instead of "Permission denied" error (at least it was like that on kernel 2.6.xx, maybe it has been changed on 3.xx).
Click to expand...
Click to collapse
Does that mean that even if I could bypass the permission denied error, I would be likely to get other errors? If so, should I simply give up on trying to get those modules to work?
forumber2 said:
Or with a very low chance, maybe the SELinux prevents the insmodding the modules.
Click to expand...
Click to collapse
I have tried "setenforce 0" and "setenforce Permissive" just in case those commands might help, but neither one did (getenforce returned "Enforcing" after running either command as root).
Hello,
I have rooted my pixel 3 by using Magisk,
my version is still Android pie,
it has successfully rooted but then when I type "adb root" it returns adbd cannot run as root in production builds,
I found out it might because I need to disable the verity, but when I type adb disable-verity it shows "verity cannot be disabled/enabled - USER build",
I have tried to follow the steps from https://android.stackexchange.com/q...dm-verity-on-android-with-user-build-type-rom but I don't quite understand how to do it,
I was wondering if anyone have more specific steps that will be able to disable the verity.
Thanks!
Skylar514 said:
Hello,
I have rooted my pixel 3 by using Magisk,
my version is still Android pie,
it has successfully rooted but then when I type "adb root" it returns adbd cannot run as root in production builds,
I found out it might because I need to disable the verity, but when I type adb disable-verity it shows "verity cannot be disabled/enabled - USER build",
I have tried to follow the steps from https://android.stackexchange.com/q...dm-verity-on-android-with-user-build-type-rom but I don't quite understand how to do it,
I was wondering if anyone have more specific steps that will be able to disable the verity.
Thanks!
Click to expand...
Click to collapse
In magisk advanced settings untick preserve adb verity and reinstall.
wangdaning said:
In magisk advanced settings untick preserve adb verity and reinstall.
Click to expand...
Click to collapse
Hello,
Thank you for your respond.
I have done that and it still doesnt let me disable the verity.
Is there any other way I can disable the verity?
Thanks!
Skylar514 said:
Hello,
Thank you for your respond.
I have done that and it still doesnt let me disable the verity.
Is there any other way I can disable the verity?
Thanks!
Click to expand...
Click to collapse
Use proton kernel!
pheco said:
Use proton kernel!
Click to expand...
Click to collapse
Hello,
I just installed the proton kernel,
and I checked my kernel version it is "Linux version 4.9.191-Proton-v19-g225054cc ([email protected]) (GCC 9.1.0) #20 SMP PREEMPT Sun Sep 8 21:50:57 PDT 2019",
but when I tried adb dm-verity it still shows verity cannot be disabled/enabled - USER build.
I was wondering if you have any idea?
Thank you.
I think you might have to do it to both slots. If it is still enabled on one of them I think it still checks.
Hello,
I upgrade my phone to android 10, and I can't flash the proton kernel,
I have done it to both slots and its still unable to disable.
Any idea?
Thank you!
Skylar514 said:
Hello,
I upgrade my phone to android 10, and I can't flash the proton kernel,
I have done it to both slots and its still unable to disable.
Any idea?
Thank you!
Click to expand...
Click to collapse
As far as I know you cannot do it in 10. I have never updated and tried, but that is what I have heard. There is no way to modify system except systemlessly with magisk modules. What exactly are you trying to do, might help get more suggestions if you tell us.
wangdaning said:
As far as I know you cannot do it in 10. I have never updated and tried, but that is what I have heard. There is no way to modify system except systemlessly with magisk modules. What exactly are you trying to do, might help get more suggestions if you tell us.
Click to expand...
Click to collapse
I am trying to run python script on the phone, so I have found this website https://medium.com/swlh/python-on-android-root-4aa56f22070a
and I was trying to follow the step to install python on the phone, but I am stuck at the adb remount command step.
It shows that I need to type adb root, but when I typed adb root it shows "adbd cannot run as root in production builds",
and I have try mount -o rw,remount /system, it gave me error "mount: '/system' not in /proc/mounts".
I checked mount and for some reason it shows system_root instead of system for "/sbin/.magisk/block/system_root on /sbin/.magisk/mirror/system_root type ext4 (ro,seclabel,relatime,block_validity,delalloc,barrier,user_xattr)", so I did some research and found out that I need to disable the verity, but when I tried to disable it it gave me the error which is "verity cannot be disabled/enabled - USER build".
Skylar514 said:
I am trying to run python script on the phone, so I have found this website https://medium.com/swlh/python-on-android-root-4aa56f22070a
and I was trying to follow the step to install python on the phone, but I am stuck at the adb remount command step.
It shows that I need to type adb root, but when I typed adb root it shows "adbd cannot run as root in production builds",
and I have try mount -o rw,remount /system, it gave me error "mount: '/system' not in /proc/mounts".
I checked mount and for some reason it shows system_root instead of system for "/sbin/.magisk/block/system_root on /sbin/.magisk/mirror/system_root type ext4 (ro,seclabel,relatime,block_validity,delalloc,barrier,user_xattr)", so I did some research and found out that I need to disable the verity, but when I tried to disable it it gave me the error which is "verity cannot be disabled/enabled - USER build".
Click to expand...
Click to collapse
System partition is under /system_root on Pie. I wonder if you could create a magisk module to install the app systemlessly.
wangdaning said:
System partition is under /system_root on Pie. I wonder if you could create a magisk module to install the app systemlessly.
Click to expand...
Click to collapse
Hi,
So now I am trying to unpack the boot.img file that I downloaded from google firmware website in order to try the method that provided by https://android.stackexchange.com/q...dm-verity-on-android-with-user-build-type-rom.
But I was wondering instead of editing boot.img, should I just edit the magisk_patched.img?
Thanks!
Skylar514 said:
Hi,
So now I am trying to unpack the boot.img file that I downloaded from google firmware website in order to try the method that provided by https://android.stackexchange.com/q...dm-verity-on-android-with-user-build-type-rom.
But I was wondering instead of editing boot.img, should I just edit the magisk_patched.img?
Thanks!
Click to expand...
Click to collapse
You are going to need root so better to modify the magisk boot image.
wangdaning said:
You are going to need root so better to modify the magisk boot image.
Click to expand...
Click to collapse
Hello,
Thank you for your respond!
Do I need to modify boot.img as well?
Or just the magisk_patched.img?
Thank you!
I think there is a way to disable verity before installing the magisk boot img, but you would have to look at the magisk github information.
Sounds good!
Thanks for your advice!
Beside that I was wondering if you know that is there anyway we can access the battery data through abd command?
I know that we can gather cpu frequency info, but I am not sure if we can get the battery data as well.
Thanks in advance!
Maybe check this thread about battery
https://forum.xda-developers.com/pixel-3-xl/themes/looking-mod-to-make-battery-indicator-t3913080
Things I have tried;
1. Setenforce 0(terminal)
2. Selinux mode changer
3. Magisk permissive module
4. Adb shell setenforce 0
Device: SM:A127F
ROM: CrDroid 9.2
Any help would be greatly appreciated. Thanks
Why would you want to do this? Root access is generally enough, and SELinux permissive makes your device more vulnerable to external attack.
https://twitter.com/i/web/status/1359054107592466432
V0latyle said:
Why would you want to do this? Root access is generally enough, and SELinux permissive makes your device more vulnerable to external attack.
https://twitter.com/i/web/status/1359054107592466432
Click to expand...
Click to collapse
This app can't run with selinux enforcing
[email protected] said:
This app can't run with selinux enforcing
Click to expand...
Click to collapse
Use a different app. There's no reason for an app to need SELinux permissive unless it's either badly written, or is actually a trojan.