SELinux Issue? Modifying System CACERTS On Nougat Emulator - Nexus 5 Q&A, Help & Troubleshooting

I'm trying to modify the cacerts file on the system partition of a non-Google Play emulator to avoid annoying messages during development / Pen Testing on Nougat, related to an app I'm working with and I'm running into some issues. Even though I successfully copy the file to the /etc/security/cacerts/ directory and have confirmed the certificate is in the same format, its not showing as a Trusted Credential and gives a permission denied error when utilizing ls -al as a regular user (but displays fine as root). Permissions and file ownership are the same on all certificates, including mine; but my certificate shows up as "unlabeled" when I do an ls -aZl, verses all the working certificates show a label of "system_file". As a result, I'm assuming this is due to SELinux on the emulator, but I'm new to SELinux and I can't figure out what is setting that label. I utilized the following tool to convert file_contexts.bin, but nothing in there appears to reference cacerts. I'm not quite sure where to poke next.
In case it matters, and from a techniques standpoint in case anyone wants to get as far as I have in this:
I utilized Arsenal Image Mounter to mount the system.img file as writeable that was found in the following location:
%USERPROFILE%\AppData\Local\Android\Sdk\system-images\android-25\default\x86_64
Utilizing that I copied my certificate to /etc/security/cacerts/9a5ba575.0 (A copy of this cert is attached as 9a5ba575.0.txt ) . (I did this both as a copy & paste of the local file in Windows, and by duplicating an existing working certificate file utilizing a cygwin bash, and replacing the file contents. Neither method made a difference)
I then built an Android Virtual Device (AVD) and booted it up.
The command ' adb shell "ls -aZl 9a*" as non-root yields (First result is my cert, 2nd is another cert):
Code:
ls: /etc/security/cacerts/9a5ba575.0: Permission denied
-rw-r--r-- 1 root root u:object_r:system_file:s0 7537 2018-08-03 14:57 /etc/security/cacerts/9ab62355.0
The same command run as root yields:
Code:
-rw-r--r-- 1 root root u:object_r:unlabeled:s0 4246 2022-07-06 10:50 /etc/security/cacerts/9a5ba575.0
-rw-r--r-- 1 root root u:object_r:system_file:s0 7537 2018-08-03 14:57 /etc/security/cacerts/9ab62355.0
This shows my certificate is being loaded properly, but has "permission" issues. As you can tell from the ls -aZL output though, the only difference is the security label.
Thanks for your help!

Related

Xperia E Root Problem..Help Please

Hi people,
i have a problem with my xperia E, branded by vodafone portugal and is in warranty,
but i have rooted the phone with a program in the pc, works fine after but some time ago,
i decided to make a factory reset, because some problems , after that i tried to root again, not with the same program, but
with Unlock Root, SuperOneClick v2.3.3 and do not root, i tried apps in the phone like framaroot 1.8.1, GingerBreak, UniversalAndroot 1.6.2 beta 5,
and still nothig, so i installed Root Checker pro and i have this result:
Code:
Root Access is not properly configured or was not granted.
Detailed results:
Superuser Applications Status:
Superuser application - version 3.0.7 - is installed!
SuperSU application - version 1.00 - is installed!
System File Properties for Root Access:
Standard Location
Check Command: Is -I /system/xbin/su: No such file or directory
Result: /xbin/su: No such file or directory
Analysis: File /system/xbin/su does not exist.
Standard Location
Check Command: Is -I /system/bin/su:
Result: /system/bin/su: No such file or directory
Analysis: File /system/bin/su does not exist.
Alternative Location
Check Command: Is -I/sbin/su:
Result: /sbin/su: Permission denied
Analysis: File system permissions restricted and denied access.
Alternative Location
Check Command: Is -I/system/xbin/sudo:
Result: /system/xbin/sudo: No such file or directory
Analysis: File /system/xbin/sudo does not exist.
Root User ID and Group ID Status:
SU binary not found or not operating property
System Environment PATH: /sbin /vendor/bin /system/sbin /system/bin /system/xbin
ADB Shell Default User:
ADB shell setting for standard access, stored in default.prop, is configured as:
shell (Non root) user - ro.secure=1
so you have any solution to restore root access without void the warranty?
install the stock rom resolve the bug?
what is my options?
Regards..
Hi Again,
i resolved (i Think) the problem,..
the root checker pro give-me this now:
Code:
Congratulations! You have root access!
Super User Application Status:
Superuser application - version 3.1.3 - is installed!
SuperSU application - is NOT installed.
System File Properties for Root Access:
Standard Location
Check Command: ls -l /system/bin/su:
Result: /system/bin/su: No such file or directory
Analysis: File /system/bin/su does not exist.
Standard Location
Check Command: ls -l /system/xbin/su:
Result: -rwsr-sr-x root root 100452 2014-07-06 13:42 su
Analysis: Setuid attribute is present and root user ownership is present. Root access is correctly configured for this file! Executing this file can grant root access!
Alternative Location
Check Command: ls -l /sbin/su:
Result: /sbin/su: Permission denied
Analysis: File system permissions restricted and denied access.
Alternative Location
Check Command: ls -l /system/xbin/sudo:
Result: /system/xbin/sudo: No such file or directory
Analysis: File /system/xbin/sudo does not exist.
Root User ID and Group ID Status:
Root user id:
uid=0(root)
Root group id:
gid=0(root)
System Environment PATH: /sbin /vendor/bin /system/sbin /system/bin /system/xbin
ADB Shell Default User:
ADB shell setting for standard access, stored in default.prop, is configured as: shell (non root) user - ro.secure=1
Results provided on your C1505 device by Root Checker Pro version 1.3.6 from joeykrim in the Android Market -
i make the root with Impactor_0.9.14 and resolve-it, but the superuser dont ask for permissions for apps, so dont give access,
i have already unninstall an system app and removed startup apps after this root and the application is unninstalled...
i want acces for usb tunnel from ReverseTethering 3.19 and the superuser dont give me the permissions...
the superuser app list is empty...
any solution?
Regards

[Completed] CANNOT GET ROOT ACCESS: GALAXY i317 NOTE 2

I'm an absolute newbie. Please help.
I went through the rooting process and cannot access it. After running Root Checker Pro, I have the following Analysis on my phone.
Setuid attribute is present and root user ownership present. Root access IS correctly configured for this file! Executing this file can grant root access!
I just don't know what to do from here. I would be grateful for any assistance someone could give me.
Here are the results from Root Checker Pro:
Root Access is not properly configured or was not granted.
Super User Application Status:
SuperSU application - version 2.01 - is installed!
System File Properties for Root Access:
Standard Location
Check Command: ls -l /system/bin/su:
Result: null
Analysis:
Standard Location
Check Command: ls -l /system/xbin/su:
Result: -rwsr-sr-x root root 91980 2008-08-01 08:00 su
Analysis: Setuid attribute is present and root user ownership is present. Root access IS correctly configured for this file! Executing this file can grant root access!
Alternative Location
Check Command: ls -l /sbin/su:
Result: /sbin/su: Permission denied
Analysis: File system permissions restricted and denied access.
Alternative Location
Check Command: ls -l /system/xbin/sudo:
Result: /system/xbin/sudo: No such file or directory
Analysis: File /system/xbin/sudo does not exist.
Root User ID and Group ID Status:
SU binary not found or not operating properly
System Environment PATH: /sbin /vendor/bin /system/sbin /system/bin /system/xbin
ADB Shell Default User:
ADB shell setting for standard access, stored in default.prop, is configured as: shell (non root) user - ro.secure=1
Results provided on your SAMSUNG-SGH-I317 - Android 4.4.2 device by Root Checker Pro version 1.3.7 from joeykrim in the Android Market
Thank you,
Check out THIS thread. Specifically the post HERE. Another thread I would suggest checking out is the one HERE.
Reply
prboy1969 said:
Check out THIS thread. Specifically the post HERE. Another thread I would suggest checking out is the one HERE.
Click to expand...
Click to collapse
I posted my Root Checker Pro Analysis.
I followed the other threads and don't understand what I'm supposed to learn from them.
Please direct me relative to my posted Analysis. If I can't figure it out after that, I guess I'm stuck.
I appreciate the help.
In THIS thread that I linked you to it gives you the answer. I would suggest you post your query in the thread linked for further assistance.

[Q] Re-Root - Desprate for some help

Hello Everyone!
I have spent the last 4 full days trying to fix device and every road I go down leads to a dead end. At this point my frustration and exhaustion has got to the point where I am afraid to proceed for fear I will destroy my phone making the whole ordeal pointless. I will spare you all the details as they are comical at this point and try to provide only the basic information. I used the nexus 5 root kit to gain root access in order to repair an issue with my phone and this is what root checker pro said...
Congratulations! You have root access!
Super User Application Status:
SuperSU application - version 2.02 - is installed!
System File Properties for Root Access:
Standard Location
Check Command: ls -l /system/bin/su:
Result: /system/bin/su: No such file or directory
Analysis: File /system/bin/su does not exist.
Standard Location
Check Command: ls -l /system/xbin/su:
Result: -rwxr-xr-x root root 125424 1970-01-05 10:08 su
Analysis: Setuid attribute is not present BUT root user ownership is present. Root access IS correctly configured for this file! Executing this file can grant root access!
Alternative Location
Check Command: ls -l /sbin/su:
Result: /sbin/su: Permission denied
Analysis: File system permissions restricted and denied access.
Alternative Location
Check Command: ls -l /system/xbin/sudo:
Result: /system/xbin/sudo: No such file or directory
Analysis: File /system/xbin/sudo does not exist.
Root User ID and Group ID Status:
Root user id:
uid=0(root)
Root group id:
gid=0(root)
System Environment PATH: /sbin /vendor/bin /system/sbin /system/bin /system/xbin
ADB Shell Default User:
ADB shell setting for standard access, stored in default.prop, is configured as: shell (non root) user - ro.secure=1
Results provided on your Nexus 5 - Android 4.4.4 device by Root Checker Pro version 1.3.7 from joeykrim in the Android Market
If someone could provide me with instructions on how to proceed I would be eternally grateful, I have become a wash in all the information out there as well as paralyzed by it. Even better if anyone has a spare few moments having a skype buddy there while I execute the instructions would be so very comforting although I realize people have better things to do with their time.
The one good thing to come of this is I now have a keen interest in Android development and look forward to finding and taking classes so in future I am not such a lost fool.
Very grateful for any help offered,
Garrett
[email protected]
Skype ID: thisguyto
1. using fastboot, unlock your bootloader. if its unlocked, ignore this step.
2. flash a custom recovery via fastboot.
3. flash SuperSU via your custom recovery.
4. boot up with root.
no root toolkit needed.
or, read the stickie threads here on xda to get detailed instructions http://forum.xda-developers.com/goo...urce-guides-info-threads-linked-read-t2784527

Toshiba AT100 with Terminal, is some expert able to understand what happens?

Hi all,
I am trying to execute a file named 4 on a tablet Toshiba AT-100 (Android 4.4 not rooted) within Terminal, file has to be moved in the home of the Terminal app but does not cp or mv. Note I have done this without a glitch on various phones NOT rooted, I do not understand why not on the Toshiba AT-100. The file is in /sdcard
>ls /sdcard/4 and the file 4 is there
>ls -al
-rwxrwxr-x root sdcard_rw 95550 2021-11-21 17:00 4
>cd [I move to the dir /data/data/jackpal.androidterm/app_HOME (this should allow to change the execution rights without being root)]
>cp /sdcard/4 .
/system/bin/sh: cp: not found
[************************is it unable to find the command cp or what?]
>mv /sdcard/4 .
failed on '/sdcard/4' - Cross-device link
>cd /sdcard
>./4
/system/bin/sh: ./4: cannot execute - Permission denied
Is anybody able to understand? Maybe Terminal emulator is not working properly, is there any other terminal for Android 4?
Thanks in advance to whomever will explain

Pixel 5a sdcard folder does not exist anymore

Out of nowhere the screen went black and started flickering without being dropped.
I can interact with the phone via adb commands and was trying to recover data.
I ran the commands below and it's as if the /storage/emulated/0 folder is nonexistent.
Is the phone's storage permanently damaged? I can't adb backup or reset the phone since the screen does not work
I was thinking of booting twrp and using the command line to perform a backup but to my knowledge there is not a twrp image for the Pixel 5a on Android 13.
Code:
barbet:/storage/emulated/0 $ du -ms *
du: *: No such file or directory
barbet:/storage/emulated/0 $ ls -la
total 0
drwxr-xr-x 2 root root 40 1971-07-28 00:58 .
drwxr-xr-x 3 root root 60 1971-07-28 00:58 ..
barbet:/ $ ls
acct cache data_mirror etc lost+found odm_dlkm proc storage system_ext
apex config debug_ramdisk init metadata oem product sys vendor
bin d dev init.environ.rc mnt persist sdcard system vendor_dlkm
bugreports data dsp linkerconfig odm postinstall second_stage_resources system_dlkm
$ adb push file.txt /storage/emulated/0/
file.txt : 1 file pushed, 0 skipped. 1.1 MB/s (316 bytes in 0.000s)
adb: error: failed to copy 'file.txt ' to '/storage/emulated/0/file.txt ': remote couldn't create file: Permission denied
$ adb pull /storage/emulated/0/
/storage/emulated/0/: 0 files pulled, 0 skipped.
This errror msg says
Code:
adb: error: failed to copy 'file.txt ' to '/storage/emulated/0/file.txt ': remote couldn't create file: Permission denied
says all.
Your device's Android 13 does not allow ADB to access storage /data/media/0 ,
BTW:
/storage/emulated/0/ is actually /data/media/0/ exposed through an emulated / virtual filesystem, not the actual one.
I see. I have used the prior commands before on other Android versions and it did not occur to me it was an Android 13 limitation.
I have Magisk installed. Is there a way for me to grant adb root access without being able to see the screen?
The below command works on an android 11 phone but on the Pixel 5a the storage is mounted and when I click on it it unmounts.
Code:
adb shell svc usb setFunctions mtp true
first, find your .android directory on PC and backup your adbkey.pub
then use scrcpy to mirror screen to PC via adb.
Control your Android Smartphone from your PC for free with scrcpy
A new tool called "scrcpy" allows you to display your phone screen on your computer with just a USB connection and ADB. No root required.
www.xda-developers.com
Your phone is rooted, so don't reboot or do anything to get stuck in BFU state. use the power of root instead.
type su and check data is decrypted. you can list files in /data/media/0
Thanks for the replies. I was able to get a free screen replacement at Ubreakifix through an extended Google warranty. The employee was not to knowledgeable about which specific one but I think it's this one.
I tried scrcpy and it worked to enable adb shell root access.
Interestingly, the adb command to enable mtp worked when the screen was repaired.

Categories

Resources