Alright, so I now have a new Samsung Galaxy S2 from Bell (GT-I9100M) and I want to play around with it. However, I'm pretty anal about getting the phone back to it's original state, just in case I'd like to.
I want to be able to backup everything from the phone in its current state so that I can restore it.
I'm currently getting the source for android and I'll be compiling zergrush from source in order to gain root access to the phone.
1st: Can this be undone?
2nd: Once you root your phone, does everything run as root? (that would be aweful)
3rd: Is root + Rom Manager + Titanium Backup all I really need to install custom roms easily? Or am I going to have to use Heimdall and such (I'm on Linux so no Odin for me unless I pop up a VM).
Correct my assumptions if I'm wrong:
It seems like zergrush exploits a bug that will give /data/local/tmp/sh uid of root. Is that how root access works? just a copy of the shell with root uid in that path. So if I delete this file, it unroots my phone?
If I zergrush my phone, gain access, use titanium backup to backup everything to the SD card or on my PC then I can use rom manager to get cyanogenmod and flash it straight through the phone's app. In case I want to revert to my good old stock rom and everything unrooted, I use rom manager to reflash the backup I made and then how do I revert what was done by zergrush?
Cheers!
Lewis
Is anyone familiar with what I'm asking?
as far i know zergrush was till 2.3.4 doesnt wored on 2.3.5 and 2.3.6 so not sure if it works on ICS.
try to search if the stock firmware is available for your phone model, unless you doesnt care for that in that case i assume ur phone is just a i9100 so you can flash a stock rom later using odin
now to gain root simplest method is http://forum.xda-developers.com/showthread.php?t=1103399
My phone is running 2.3.3 so zergrush should work.
As for the stock firmware, I'd want to extract it from my phone so that I get the exact same version when I revert.
the CF root method isn't suitable for me because I can't backup my kernel before flashing this.
I also can't use Odin as I am running linux. I can use a VM or Heimdall but it seems like zergrush is the best method for my situation. I already have the android sdk installed. My current issue is compiling zergrush from source... my environment doesn't seem to be completely setup correctly.
Why are you compiling it yourself? You can get a binary from the source, http://forum.xda-developers.com/showthread.php?t=1296916
There was a similar request a while back for what you're trying to accomplish, see http://forum.xda-developers.com/showthread.php?t=1409484
I compiled from source cause I like to know exactly what I'm running on the phone . Not such an issue when it's in user-space but when it comes to granting root access to anything...
Which is why I'm asking about what happens after rooting the phone. I suppose any app will have root access unrestricted... How does Cyanogenmod works for that? Can I explicitly grand root to applications, like on a linux desktop where you put your password when an app needs root.
So, can I undo zergrush's root by just deleting /data/local/tmp/sh ? (or just the setuid?)
ldiamond2 said:
I compiled from source cause I like to know exactly what I'm running on the phone .
Click to expand...
Click to collapse
So you've presumably peer-reviewed their code prior to compiling?
ldiamond2 said:
I suppose any app will have root access unrestricted... How does Cyanogenmod works for that? Can I explicitly grand root to applications, like on a linux desktop where you put your password when an app needs root.
Click to expand...
Click to collapse
There are currently two choices for managing root requests, SuperSU, and Superuser.
https://play.google.com/store/apps/details?id=eu.chainfire.supersu
https://play.google.com/store/apps/details?id=com.noshufou.android.su
AFAIK, neither of which publish their code publicly - so considering your earlier point, you won't be wanting them on your phone either.
oinkylicious said:
So you've presumably peer-reviewed their code prior to compiling?
Click to expand...
Click to collapse
Yep for sure.
oinkylicious said:
There are currently two choices for managing root requests, SuperSU, and Superuser.
Click to expand...
Click to collapse
At least having a single app that I can't see the code is safer than a bunch of them... I'll give it a shot.
But doesn't cyanogen mod offer superuser access management?
Found the source code for superuser
https://github.com/ChainsDD/Superuser
Related
Hi, I would like to have root access to my phone, but not necessarily with a custom ROM. I would also prefer to not change my bootloader.
What exactly is rooting? Is it replacing the whole system image with an image that gives the user root access? Or is it just like enabling sudo for the user? Or is a smaller part replaced? (I am somewhat familiar with electronics, computers and Linux, but I find the Android hacking a bit confusing )
Also, is it possible to run stock Android, only with root access? Will the access be lost when upgrading?
c3c0l0n said:
Hi, I would like to have root access to my phone, but not necessarily with a custom ROM.
DEV section rooting post /
What exactly is rooting?
root is the user account in Linux with all privileges. The root user can edit anything on the system. For safety reasons, users do not have all those privileges. When you root your phone, you will gain write access to areas of the phone you couldn't previously access and are allowed to run more commands in the terminal. Because applications do not get a lot of privileges, some of them require you to root the device in order for them to function properly (or fully).
Also, is it possible to run stock Android, only with root access?
Yes and Yes lost root on upgrade usually .
jje
Click to expand...
Click to collapse
Thank you. How is the rooting performed? Is only an ACL modified, or is a more fundamental part of the system changed (like the kernel, bootloader etc)?
I know that a custom ROM might be unstable/experimental, but does the same apply for rooting, or is the modification so small that one could expect the exact same stability as in the stock ROM?
c3c0l0n said:
Thank you. How is the rooting performed? Is only an ACL modified, or is a more fundamental part of the system changed (like the kernel, bootloader etc)?
I know that a custom ROM might be unstable/experimental, but does the same apply for rooting, or is the modification so small that one could expect the exact same stability as in the stock ROM?
Click to expand...
Click to collapse
All your questions are explained in detail in the Development section
Sorry, I did not find it. However, I read this without getting smarter. This video suggests that rooting is a process that does something with your phone without replacing everything. An exact list of what the rooting tools do would be perfect
Not all tools do the same thing. To get a specific answer, you will have to ask the person that came up with whatever rooting tool you are referring to. Some phones take more to root than others.
hi. i can't believe i'm the first person to ask this but i've searched as best i can through these forums, and on google, and cannot find a definitive answer. there are lots of pages giving high level descriptions of rooting a phone like "gives admin access", "allows access to the root filesystem", etc. but, when you root a phone, what actually happens ? does it simply make the "su" binary available so that apps can call it to access the root user ? eg. i've got a samsung galaxy s2, if i install an insecure kernel, then add su to /system/xbin, and then reinstall a stock kernel, is that technically a rooted phone ? this is actually what i did on my phone, although i installed superuser and busybox from the market after adding su. i am aware that there are various threads in the sgs2 forums on how to root, i'm just using my phone as an example, i'm just trying to understand generically what is meant when someone says a phone has been rooted. cheers.
Full control over your system
Ability to alter system files. You can replace many parts of the "Android Core" with this including:
Themes
Core apps (maps, calendar, clock etc)
Recovery image
Bootloader
Toolbox (linux binary that lets you execute simple linux commands like "ls") can be replaced with Busybox (slightly better option)
Boot images
Add linux binaries
Run special apps that need more control over the system
SuperUser (lets you approve or deny the use of root access to any program)
Task Manager For Root (Lets you kill apps that you otherwise could not kill)
Tether apps (like the one found at [android-wifi-tether.googlecode.com])
<there are more but I cannot think of any right now>
Backup your system
You can make a folder on your sdcard and backup all of your .apk files to your sdcard (helps if an author decides to "upgrade" you to a version that requires you to pay to use the version you just had)
Relocate your (browser/maps/market) cache to your /sdcard
Relocate your installed applications to your /sdcard
Reboot your phone from the terminal app easily (su <enter> reboot <enter>)
Copied and pasted from google... it is your friend.
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Carrot Cruncher said:
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Click to expand...
Click to collapse
Unrooted phone is like logging on as user in a computer. By rooting you have "administrative" rights, just like using sudo command in Ubuntu. Some binaries which are important in gaining administrative rights are installed in the phone.
sent from my nokia 3210
If you come from Windows, you're familiar with the Administrator account. A user that can do everything on the system, as opposed to other users than only have limited privileges. In Linux, that account is called "root". That's all there is to it. It's a user that can do everything on the system.
@Panos_dm: Actually, it's *not* like using sudo. Sudo gives elevated privileges to your existing user account, whereas "root" is a whole separate account.
Nope, sudo actually switches users
i'm a linux user and have been a linux admin in the past so understand the difference between su and sudo. sorry to sound pedantic but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
It opens your phone to a whole new array of possibilities.
Sent from my HTC Sensation 4G using xda premium
Carrot Cruncher said:
but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
Click to expand...
Click to collapse
In a gist? The "su" binary and the Superuser.apk app get installed. Sometimes doing so requires exploiting a vulnerability via a trigger. Rageagainstthecage is a common trigger. I once had a link that explained what exactly rageagainstthecage does, but I don't have it anymore.
If you really want to know all the details, here's the script I used to root my Defy: http://pastebin.com/G3m9v4FQ
Hmm, I see the script contains a link to the explanation of what rageagainstthecage does. Cool.
many thanks for confirming my understanding of the process.
Android Version:-2.3.5
Kernel Ver:-2.6.35.7-I9100XWKJ1-CL647431 [email protected] #2
Doesnt have SU or recovery so i dont think it is but the ROOT portion of the Kernel version is throwing me here.
Does anyone know?
TheBlueRaja said:
Android Version:-2.3.5
Kernel Ver:-2.6.35.7-I9100XWKJ1-CL647431 [email protected] #2
Doesnt have SU or recovery so i dont think it is but the ROOT portion of the Kernel version is throwing me here.
Does anyone know?
Click to expand...
Click to collapse
Install the SuperSU app or the SUperUser app from the Android Play Store/ else, install any app that requires root.
once you run the app the app will request for root permissions, if it works, then you have root. if not, you will need to root the phone.
the ROOT portion in the kernel is almost usually there.. even if the kernel is not rooted.
Thanks for the quick reply, it doesnt look like it is, SU complains and adaway doesnt install.
Samsung actually compile their kernels as root (!). The root part of the kernel name is just the username it was compiled under.
Sent from my GT-I9100 using XDA
maybe install voltagecontrol via playstore and look if u can change ur voltages and if the programs ask u to grant root rights, if not then its unrooted!
Just read the FAQS and GUIDES
Install CWM and root kernel.
Root + CWM .
http://forum.xda-developers.com/showthread.php?t=1103399
jje
The Reverend is right on the money (Sorry Rev, out of thanks. Will hit you up tomorrow).
That '[email protected]' thing is in every kernel under settings/about phone, and as the Rev said is simply the name of the user account/machine that the kernel was compiled on.
It has nothing whatsoever to do with root.
So there are two populair methods of rooting the galaxy s3:
- The Samsung galaxy s3 toolkit
- Chainfire's CF-ROOT
My questions are as follows:
What are the technical differences between the two rooting methods?
Do the methods have any drawbacks? (cf-root for example is incompatible with rommanager)
disclaimer:
I am not interested in what you think is the best method, I want to know the technical differences between the two methods used.
I know that the toolkit itself is not a rooting method, it does however include 4 different methods you can use, I am referring to those.
The toolkit uses cfroot I think. Not sure if it's as up to date as the latest cfroot via Odin. They both work well enough. There is no other method I know of. And I haven't had any drawbacks.
That's all I can say really
Sent from my GT-I9300 using xda premium
Also The toolkit uses Odin too. It has other options and clear instructions. Drivers. Modems etc so this would be the best option for an casual user.
Latest cfroot via Odin is probably your best option if u know what your doing
But it's up to you mate, it doesn't really need analyzing so deeply...
Sent from my GT-I9300 using xda premium
slking1989 said:
But it's up to you mate, it doesn't really need analyzing so deeply...
Click to expand...
Click to collapse
Well it is personal but I like to know or at least have a general idea of what I am doing to my phone. So yes it does
Tnx for the reply
Anyone else who can give me some more insight?
Unfortunately I don't have an answer for you, but I also am interested in the answer to your question..
I think certain methods of rooting use SuperSU (is this the CF one?) and then another method uses Superuser. I think both install busybox (that seems to be the same?)
In my experience, using the Superuser.apk app was faster than SuperSU..
I don't even have the Busybox app installed (but I am sure my phone has busybox, so this also confuses me??)
CF root gets the job done in 20-25 seconds. It installs superSU, busybox and cwm recovery. I would allways recommend rooting with CF Root over the Toolkit.
But that`s my opinion off course
gee2012 said:
CF root gets the job done in 20-25 seconds. It installs superSU, busybox and cwm recovery. I would allways recommend rooting with CF Root over the Toolkit.
But that`s my opinion off course
Click to expand...
Click to collapse
Yes go with the CFroot if u just want to root ur phone.
Sent from my GT-I9300 using Tapatalk 2
'K, I'll bite. I'm not going to give an overall recommendation - at the end of day, they both install an APK and put a new binary in /system/xbin.
Note: I used CF-Root to root my phone. When I talk about how the the toolkit does what it does, I'm basing my words on this image. I've seen the things in that image before, even though I haven't used the toolkit. This also means that my toolkit observations may not be entirely accurate but it's a batch script, anyway; you can just read through it and find out how it works. I'm also primarily a Windows user, but I used to use GNU/Linux quite a bit to write programs for a phone that I once had.
Rooting is, when broken down, the installation of a "su" binary installed to /system/xbin, that is owned by root and carries the setuid flag. This flag is important as the Linux kernel will then run the process whenever it's invoked as the person who owns it, root. This process can then, in turn, start other programs and they inherit the user ID (something like this - I'm taking my time reading TLPI...) so they are then running as root. There's also a "manager" app (Superuser or SuperSU) that will be installed; this app is talked to by the su binary (through the Android Binder AFAIK, though Superuser's source is available so if you really wanted to find out you could read that) to see, for example, if the program that is invoking "su" is allowed to do so. CF-Root installs the SuperSU apk to /system/app, which means that it survives factory resets. The toolkit, from a quick look at the Superuser ZIP in its folder and its batch file, also installs the Superuser apk to /system/app. When sideloading apps or installing from the Google Play Store, they usually get installed to /data/app.
Not all "su" implementations for Android need a manager app, I've seen implementations where su does not place restrictions on who is allowed to run it; uid=0 for everyone without discrimination! (Yes, that also includes you, Super Smilies Pack 3000 with boob smilies) Thankfully, neither the toolkit nor CF-Root do this. I lie a little. Superuser's su binary will automatically reject any request to become root if the Superuser.apk is not installed but SuperSU's su binary will automatically accept all requests to become root if the SuperSU apk is not installed. Personally, I prefer SuperSU's behaviour as there have been too many times with my old phones where I'd have to sign into Google Play after wiping /data just to install the Superuser APK when all I wanted was to run a simple command.
ext* filesystems along with other *NIX filesystems have the concept of file permissions, a concept shared by other *NIX filesystems. In order to actually place this su binary owned by root into a folder owned by root, you need to be root. (Actually, the folder is also owned by the shell group so a user which is a member of that group could do it too, but they wouldn't be able to set the all-important setuid flag as they're not the user root [perhaps a member of group root could do it but I don't know]) Usually, exploits in other programs running/can run as root or in the kernel are searched for so that you can temporarily root in order to install the su binary correctly. The GSIII (with the exception of Verizon's) has an unlocked bootloader, though, so programmers don't need to search for any of these: it's able to flash unofficial, unsigned recoveries and kernels.
CF-Root does this:
* it flashes a new CWM-based recovery in the recovery partition of the phone. If you've seen the stock Android recovery, you'll know that it just can't match the features of CWM. The important thing about CWM is that it runs as root, just like the stock recovery, but it also lets you place any file anywhere on the phone without requiring that the the ZIP file containing the files are not signed with a Samsung private key. Remember what I said about file permissions?
* there's also a param.bin file. I don't know anything about this file, but I suspect it's flashed to get the phone to boot up into recovery mode the next time it's started so that CWM runs before anything else
* it also flashes the cache partition (I'm not sure whether it overwrites or appends as I don't know how [and probably never will] know how ODIN works with two ZIP files: SuperSU, which contains the su binary, the SuperSU apk and a script that is run by CWM to set the required permissions on the su binary among other things, and the CWM app which lets you tell the recovery what actions you want it to perform in Android without having to navigate through the awkward interface of CWM itself. While I don't know how to do this myself, CWM recovery can be told to automatically run commands from an external source. I'm not talking about random websites on the Internet, but (I think) through files that have to be placed somewhere by root. This is what apps like the CWM app and ROM Manager do. This is also what CF-Root does to tell the recovery that the next time it's booted that it should install both the CWM ZIP and SuperSU ZIP. That's it in the case of CF-Root: you now have a phone with the two files required for root access, and a CWM recovery and an app to control it.
The toolkit:
(I only talk about the "insecure boot" options as I imagine the recovery option does something similar to the above and do remember that I haven't used the toolkit to root my phone so some assumptions are made. I also assume you know what ADB is as I won't be explaining it)
* it gets you to flash a kernel image with a patched adbd that runs as root, so adb on your computer, in turn, is able to place files anywhere on the phone's /. File permissions make it so you can't just place adbd in its expected place (/sbin) as any user and /sbin is also mounted on a ramdisk part of the flashable kernel image so it would be replaced on the next reboot, anyway.
* When the phone is running again with the new kernel, it then tells adb (now running as root) to push the Superuser APK and the su binary into their rightful place and sets the correct permisions on the su binary so that it runs as root
* if you've told it to install busybox, busybox is pushed and a bunch of symlinks for all the applets that BusyBox supports are set up
CF-Root installs, naturally, Chainfire's SuperSu whereas the toolkit installs Superuser. I much prefer SuperSU (and I bought a pro license for Superuser long before I did for SuperSu). Superuser's interface is much better than SuperSU's and it's also open-source but I find that SuperSU works much quicker for me (Root Explorer actually popped up a message on my sister's freshly-flashed Xperia Arc S saying that Superuser can be slow if Superuser hasn't granted it root access quick enough - I've never encountered that on my Huawei U8800pro with SuperSU which has pretty much the same specs as the Xperia) and it can also log the commands an app is running as root if you're suspicious of an application.
You'll notice that ADB still runs as a normal user with CF-Root. You can use Chainfire's adbd Insecure app which will replace /sbin/adbd everytime the phone is started with his patched adbd which always runs as root, or you can just flash one of the many kernels available that already include a patched /sbin/adbd.
CF-Root also does not install BusyBox. You can grab one of the installers from the Play Store but what I do personally is kang a CM9 nightly build for the I9300 and take the META-INF folder and the /system/xbin/busybox binary and strip out most of the lines in the update-script leaving only the lines that mount, extract and create the symlinks for busybox and place the result in a new ZIP which is then flashed with CWM.
Your "cf-root for example is incompatible with rommanager" gripe is easily solved - just flash another recovery. CF-Root just packages a CWM Recovery, an app to control CWM and SuperSU. CF-Root itself is not a resident component, but the recovery and SuperSU etc. are, if that makes sense.
qwerty12 said:
A long story with a lot of interesting and valuable information
Click to expand...
Click to collapse
Tnx! This is precisely what I have been looking for! A lot of the information I already found in seperate pieces but this made it click in my head. I used cf-root to root the phone and am currently deciding if I want to work with the included tools and cwm recovery or flash CWM touch
I got a busybox installer from the market and it works like a charm (Well Titanium backup seems to do its job anyway).
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
The only advantage i can see to using toolkit is it will get updated quicker and it has loads of other options. If you just want to Root and flash a Rom cf root is way to go
Sent from my GT-I9300 using xda app-developers app
creesch said:
Tnx! This is precisely what I have been looking for! A lot of the information I already found in seperate pieces but this made it click in my head. I used cf-root to root the phone and am currently deciding if I want to work with the included tools and cwm recovery or flash CWM touch
Click to expand...
Click to collapse
Glad it helped
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
Click to expand...
Click to collapse
Yeah, HTC's locked bootloaders and the S-ON/S-OFF rubbish is one of the reasons I decided to skip the One X and go for the Galaxy S3.
creesch said:
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
Click to expand...
Click to collapse
Its fair to say that unlike many people on this forum you did your research. Searched.. and asked a valid question. Whereas the majority of people just ask questions without being bothered to figure it out themselves. So thanks. Over analyzing? Maybe a little... but its better than flashing any old thing like many other have done and continue to do. Big thanks to qwerty who has filled me in on some useful info also.
Sent from my GT-I9300 using xda premium
You should have thanked him tho maaan
Sent from my GT-I9300 using xda premium
creesch said:
Tnx! This is precisely what I have been looking for! A lot of the information I already found in seperate pieces but this made it click in my head. I used cf-root to root the phone and am currently deciding if I want to work with the included tools and cwm recovery or flash CWM touch
I got a busybox installer from the market and it works like a charm (Well Titanium backup seems to do its job anyway).
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
Click to expand...
Click to collapse
Stick with 5.x.x.x recovery, touch(6.x.x.x) has some instability issues afaik
Sent from my GT-I9300 using xda premium
slaphead20 said:
Stick with 5.x.x.x recovery, touch(6.x.x.x) has some instability issues afaik
Sent from my GT-I9300 using xda premium
Click to expand...
Click to collapse
Alright well since it was only the touch aspect that made me consider it i'll leave it just like it is
Hey guys
Hey guys i have the internationa galaxy s3 running 4.1.2, i haven't done anything to my phone yet and im about to root it is the boot loader unlcoked and if not how do i unlock it :good:, could someone please help me:crying::crying: and give me clear instructions and links please :fingers-crossed: thanks you so much,
BTw i know this is the wrong thread but i cant find the right one, thanks alot guys
regards nick
Have a strange one I don't know how to fix. Purchased a Pyle PTBL102BCD tablet for the Mrs. to use basically as an ebook reader (according to About, running 4.2.2). When it came in I started sideloading apps to prepare it for her (I do not have a Google account), and searched on the Net about rooting the device. Found a one-click that worked with a different Pyle tablet, so I gave it a shot.
Now I have root access _only_ through the adb shell. None of the apps (including Superuser.apk itself as tested by updating /system/bin/su) can get root access, yet I have no problem running root through an adb shell - remounted file systems, even performed an su which is the only instance Superuser.apk's log shows. Root access in the shell remains between reboots, so it's not a temporary root.
If the adb shell has root, I _should_ be able to use it to grant access to everything else, and I've followed a few different "manual" root instructions (having different permission settings for su and busybox), with no joy. So long as I connect with a USB cable and type on the Windows machine, I'm god. On the tablet itself...not so much.
I hope that someone with a more intimate knowledge of Android internals can point me in the right direction for achieving root completely. Currently have Titanium Backup and ConnectBot (long java errors when I attempt to su there) installed to test root, Superuser v3.1.3 and su v3.1.1. Permissions on su are -rwsr-sr-x. And the human is confused.
Did you get anywhere with this? I have the same problem. What one-click did you use?
mfurlend said:
Did you get anywhere with this? I have the same problem. What one-click did you use?
Click to expand...
Click to collapse
Side note; REALLY hate the new forum software. With all the untrusted Google and Amazon javascript (which my company firewalls), it's a pain for me to even log in let alone post replies. (And I wonder if I'm the only person in the world sick to death of all the unnecessary ajax garbage...)
Anywho, used Kingo, rooted and unrooted a few times, until I finally acquired complete root on the thing. Once I did, I could run Samba, and once that worked, I could more easily transfer files and apks to the tablet.
Still don't understand why it was left in such a...weird...state - having root by default in adb is just a scary thing!
thanks for the information. I tried doing that but I encountered various problems. Eventually, after trying to do it manually, I totally screwed up the device. Now it won't boot.. I still have access to adb. I need to flash this thing. Do you know what the stock ROM is?
mfurlend said:
Do you know what the stock ROM is?
Click to expand...
Click to collapse
No...I can give you the Kernel version info (3.0.36+ [email protected] #48) and build number (rk3168_k11_4.2.2_v20131230), but other than that no clue.