I've seen quite a few methods to root this phone on this forum and several others, but I couldn't menage to find a working one to give a permanent root to this model WITHOUT need to flash it or turning it into an iPhone clone (with or without the rear camera working).
So I found this batch script that seems to do the job (rooting without flashing), named Root_with_Restore_by_Bin4ry. It didn't work out-of-the-box in my case and I had to adjust the script a little bit and removed all the other options not intened to be relevant to my specific device.
It basically calls a fake restore to do "something" to the phone that will reboot it to open a brief window in which I can run some commands and remount read-write and copy/moves files around.
So, I manage to copy busybox from /data/local/tmp to /system/xbin and su to /system/xbin and /system/bin. Superuser.apk is already installed normally, not in /system/app/Superuser.apk.
Well, if I DON"T reboot after placing these files and giving them proper chmod and chown, the phone boots up with root access. However, if I reboot the phone, all the files mentioned above in /system/xbin and /system/bin folders will become 0 bytes and root functions will be lost.
I want to know if there's a way to make these files reboot-proof. Or else, I am willing to try any other non-flashing method you can suggest.
Second, when this temporary root occurs, the phone gets stupidly slow. Is it normal in rooted devices, or is it something wrong with my phone or my methods?
Thank you in advance.
Related
Question: Is your Superuser app asking for permissions from apps? Mine isn't. On my old rooted Eris, if I ran an app such as Titanium Backup or Root Explorer, I would get a dialog which would ask if I wanted to grant that app root access. This dialog was via the Superuser app. I don't get that now. It seems like any/every app on my phone has su access.
I'm wondering if it's just me or if this is the way the current root exploit works.
DeezNotes said:
Question: Is your Superuser app asking for permissions from apps? Mine isn't. On my old rooted Eris, if I ran an app such as Titanium Backup or Root Explorer, I would get a dialog which would ask if I wanted to grant that app root access. This dialog was via the Superuser app. I don't get that now. It seems like any/every app on my phone has su access.
I'm wondering if it's just me or if this is the way the current root exploit works.
Click to expand...
Click to collapse
It's just you. Try running root explorer or a screen cap program, and verify that you have root access. You may want to use an updated Superuser.apk too, I know the one I'm using (2.3.6.1) asks, (unless I told it not too).
I'm using Superuser 2.3.6.1. When I run Titanium or Root Explorer, everything works without prompting. Now, I'm concerned.
UPDATE: I opened Superuser, went to settings, scrolled to the bottom and updated the su binary. Now, I get prompted when an app needs access. Problem is, when I reboot the su binary is reset. I think this is due to me using the joeykrim root procedure, which uses a version of su that is scripted to be put in place during the boot process. I'm going to take a look at his scripts and change them so I can keep the su binary installed by the Superuser.apk.
Thanks for the info.
Confirmed my issue was due to using the joeykrim method. I backed out his procedure and used Dirrk's method (posted here: http://forum.xda-developers.com/showthread.php?t=779238) and I get a proper Superuser prompt when an application needs access.
I also noticed another flaw in the joeykrim method. Since his procedure was developed for the Epic, he has some incorrect file names in some places.
If you notice in his instructions where he says use playlogos1 instead of playlogos, this is not updated in all of his steps.
To get your boot screen back, you have to change the last line of playlogos1 or playlogosnow (based on whether you did the lag fix or not)
The file that will not show your boot animation will look like this:
Code:
#!/system/bin/sh
#joeykrim-SDX sdx-developers.com scripted
/system/bin/joeykrim-root.sh
/system/bin/playlogo-orig
To fix it, change the last line to read:
Code:
#!/system/bin/sh
#joeykrim-SDX sdx-developers.com scripted
/system/bin/joeykrim-root.sh
/system/bin/playlogos1-orig
In summary, the playlogos1 file is used to execute other startup scripts. The original playlogos1 file has the boot animation in it. It must be referenced in one of the startup scripts. Since these instructions were used for the Epic, there's a slight typo which keeps the original playlogos1 file from being executed.
Thanks--I came to the forums looking for a solution to the fact that my boot animation was now missing. I tried making your changes but I still can't seem to recover it. Here are what my playlogo scripts look like, keeping in mind I have also installed the lag fix:
playlogos1
Code:
#!/system/bin/sh
sh /system/bin/userinit.sh
playlogosnow
playlogosnow
Code:
#!/system/bin/sh
#joeykrim-SDX sdx-developers.com scripted
/system/bin/joeykrim-root.sh
/system/bin/playlogos1-orig
I'll also have a 3rd file called just playlogo (which was very long). Do you know what the issue is? Thanks so much for your help.
theicemonkey said:
Thanks--I came to the forums looking for a solution to the fact that my boot animation was now missing. I tried making your changes but I still can't seem to recover it. Here are what my playlogo scripts look like, keeping in mind I have also installed the lag fix:
playlogos1
Code:
#!/system/bin/sh
sh /system/bin/userinit.sh
playlogosnow
playlogosnow
Code:
#!/system/bin/sh
#joeykrim-SDX sdx-developers.com scripted
/system/bin/joeykrim-root.sh
/system/bin/playlogos1-orig
I'll also have a 3rd file called just playlogo (which was very long). Do you know what the issue is? Thanks so much for your help.
Click to expand...
Click to collapse
Judging by what your files look like, things should work. The original file is playlogos1. We never touch the playlogo file from what I can remember, so let's not do anything there.
What I would do is make sure the permissions are straight on all the files listed above (primarily playlogos1). They should be 755 (shown below):
Code:
# cd /system/bin
# ls -l playl*
-rwxr-xr-x root shell 10060 2010-08-12 04:30 playlogo
-rwxr-xr-x root root 106 2010-09-11 18:53 playlogos1
-rwxr-xr-x root root 177 2010-09-11 18:55 playlogos1-lagfix
-rwxr-xr-x root shell 14420 2010-08-12 12:30 playlogos1-orig
-rwxr-xr-x root shell 14204 2010-08-12 04:30 playlpm
#
If all else fails, you can always grab the original file from the system dump off of this link: http://forum.androidcentral.com/fascinate-roms-hacks/32839-fascinate-system-dump.html
DEAR GOD
Well, I'm an idiot.
I tried to take the playlogos1 file from the dump you showed me and copy it to my /system/bin file and, sure enough, I got the boot animation back. Problem is, I didn't think it through (that the edited playlogos1 file pointed to the rest of the modified boot sequence) and then the phone wouldn't boot. It would just loop the animations.
I booted into recovery, did a factory reset, and now I can get to the lockscreen and the very beginning of setup but TWLauncher force closes over and over and over and I'm unable to do anything except pull down the notification bar occasionally. I think this is because I moved some things (like bing, daily briefing, etc.) that TWLauncher wants at the outset, and it doesn't have them. I tried to bluetooth over LauncherPro and run it, but it fails at the last moment.
Does anyone know of a way to get to ADB Shell so that I can fix my mistake? Or if someone had an update.zip I could flash to get back to factory (with all of the system files in place), that would be super! Otherwise, it looks like I'm effed and will need to come up with a good story to tell Verizon...
theicemonkey said:
Well, I'm an idiot.
I tried to take the playlogos1 file from the dump you showed me and copy it to my /system/bin file and, sure enough, I got the boot animation back. Problem is, I didn't think it through (that the edited playlogos1 file pointed to the rest of the modified boot sequence) and then the phone wouldn't boot. It would just loop the animations.
I booted into recovery, did a factory reset, and now I can get to the lockscreen and the very beginning of setup but TWLauncher force closes over and over and over and I'm unable to do anything except pull down the notification bar occasionally. I think this is because I moved some things (like bing, daily briefing, etc.) that TWLauncher wants at the outset, and it doesn't have them. I tried to bluetooth over LauncherPro and run it, but it fails at the last moment.
Does anyone know of a way to get to ADB Shell so that I can fix my mistake? Or if someone had an update.zip I could flash to get back to factory (with all of the system files in place), that would be super! Otherwise, it looks like I'm effed and will need to come up with a good story to tell Verizon...
Click to expand...
Click to collapse
Sorry you're having issues. Bad news is, you can't flash any zip updates because we don't have a custom recovery re our phones yet. However, what you should be able to do is use adb to push the apps from /system/app from the system dump. That is.. if you can get adb to work? If it can work from recovery, that should save you.
Good luck.
I had installed the latest busybox installer (v7.3) by Stericson. It had an option to uninstall existing busybox installations.
Since I had multiple versions of busybox already installed on my P500, I decided to uninstall a few of them but on hitting uninstall it seems it removed a lot of binaries.
Now when I try to use any application that requires root it simply FC's.
Then I tried using ADB shell but it gave me the following error:
-exec /system/bin/sh: No such file or directory
I then manually tried to look into /system/bin from FileExpert app that I had installed on my mobile. I had almost every required essential binaries but sh was missing.
Therefore I did a adb push of sh from one of my other phones(a ZTC blade). It was successful but now ADB shell gives another error:
/system/bin/sh: Permission denied(13)
I need someones help in this. Am I proceeding the correct way. If yes, how do I set permissions without adb shell?
Also I few more points I had noticed (If it might me helpful)
--------------------------------------------------------
1) adb devices: now gives some generic device name (e.g- 80565403440...). Previously I think it was something like "LGP500" if I am not mistaken.
2) only /system/bin now holds some binaries. No binaries are to be found on other locations like /system/xbin, etc.
3) Is copying sh from another phone the correct way to proceed? Or shells are different for different mobiles. If yes, can a P500 owner provide a sh from /system/bin please? Thanks.
[EDIT: The problem has been resolved. Setting executable permission externally and making a adb push worked out. Only thing I needed was a Linux installation and VirtualBox saved my day. Windows powershell may also work it seems but I didnt try it.
I assumed the binary compiled for ZTC Blade will work successfully for the days to come. Thanks XDA]
Can someone please provide me the sh binary from P500 please? It resides in the /system/bin folder.
Also if anyone knows how to use the phones internal memory without adb and set file permissions, it would be a great help.
Someone please provide the sh binary from /system/bin . I will try pushing it with executable permissions set outside to see if it works...
Hello everybody,
i have gained root access to my phone via backup/restore method through adb where local.prop is stored in /data/. So when i log onto my phone with adb i have root access. I copied busybox, su and the superuser.apk to the right place and removed the local.prop file again. After a reboot I was hoping to remove some crapware off my phone but to my surprise the binaries i copied vanished from the filesystem. So the phone reverted the changes by itself. I did this process several times copying busybox and su to various places referred to by $PATH, but it´s everytime the same after i reboot. The files are gone.
After the first attempts failed i tried to make changes to my phone while logged in as root. I wanted to uninstall unnecessary packages with "pm uninstall" but that failed also. The command just responds "failed". Even when /system is mounted rw (it remounts itself to ro after a while though). I´ve also made changes to /init.rc but they are also gone after a reboot as other changes i´ve made. Basically i wasn´t able to accomplish anything with root access no matter what i did.
So what i want to know is how this black magic works andy why i cant do anything with root. I know how to achieve real root through htc dev and various other methods.
Thanks for reading!
nasenstueber said:
Hello everybody,
i have gained root access to my phone via backup/restore method through adb where local.prop is stored in /data/. So when i log onto my phone with adb i have root access. I copied busybox, su and the superuser.apk to the right place and removed the local.prop file again. After a reboot I was hoping to remove some crapware off my phone but to my surprise the binaries i copied vanished from the filesystem. So the phone reverted the changes by itself. I did this process several times copying busybox and su to various places referred to by $PATH, but it´s everytime the same after i reboot. The files are gone.
After the first attempts failed i tried to make changes to my phone while logged in as root. I wanted to uninstall unnecessary packages with "pm uninstall" but that failed also. The command just responds "failed". Even when /system is mounted rw (it remounts itself to ro after a while though). I´ve also made changes to /init.rc but they are also gone after a reboot as other changes i´ve made. Basically i wasn´t able to accomplish anything with root access no matter what i did.
So what i want to know is how this black magic works andy why i cant do anything with root. I know how to achieve real root through htc dev and various other methods.
Thanks for reading!
Click to expand...
Click to collapse
is your RECOVERY.img
and beside i dont really think your /system is fully mounted rw
mauricio.valladolid said:
is your RECOVERY.img
and beside i dont really think your /system is fully mounted rw
Click to expand...
Click to collapse
Thanks for the reply. i use mount -o remount,rw /system as mount command to get read/write permission on /system. If there is something more to do please let me know. And if the behavior i ve seen is caused by the recovery.img is there something i can do about it?
nasenstueber said:
Thanks for the reply. i use mount -o remount,rw /system as mount command to get read/write permission on /system. If there is something more to do please let me know. And if the behavior i ve seen is caused by the recovery.img is there something i can do about it?
Click to expand...
Click to collapse
why dont you just install ext4 recovery and flash supersu.zip?
I really dont get it why are you trying to do it the hard way
The problem:
I rooted my Samsung Galaxy Ace and went exploring the root directory with Root Explorer. I renamed the folder "apk" found in /data to "apk_old", thinking that if everything worked, I could just delete it as it contained a handful of stock apks as well as several apps installed from the market. At the time, I though apks were needed just for installation and that by deleting the folder I would save ~30MB of internal memory. Well, I turns out I was horribly wrong. Several stock apps, such as Youtube or Maps and all market apps that were installed in internal memory have stopped working. In the app drawer, their icons have turned into those default apk icons and their names into com.something.blabla. I was getting crashes every 1-2 minutes from those apps. The widgets on my home screen, such as Google search or Homework 4x2 have also stopped working.
What I've tried:
*renaming the folder back to "apk", obviously. That didn't work, it said something like "execution failed"
*making a copy of the folder - failed
*zipping the folder - failed
*thinking there was a problem with Root Explorer, I installed Total Commander and Solid Explorer hoping I could rename the folder back. Total Commander cannot open the /data folder, while Solid Explorer says the /data folder is empty
*"pulling" all of "/data" with ADB - 0 files pulled.
However, as I was trying to clean up my own mess, things changed a bit. At some point the crashes stopped and all of the "corrupt" apps have simply gone away from the app drawer. While I was unable to do anything with the "apk_old" folder in /data, something changed so that right now I can't even access /data anymore.
So yea, I have a bad feeling that somehow everything inside the /data folder has been wiped, though I sure hope I'm wrong. Anyone have anything to advise?
Oh, and I also noticed that Superuser is gone. I tried re-rooting my phone from this link, it worked the first time I rooted, but not now...
http://forum.xda-developers.com/showthread.php?t=1552792
I don't know exactly what you have in /data/apk I guess is the same I have in /data/app all the installed package.apk
Since your system is compromised I would avoid to use programs from it like Root Explorer to change anything, and for the other programs looks like they don't have root access.
I would try with plain adb: http://forum.xda-developers.com/showthread.php?t=2141817
Once you have your phone connected with adb shell you can go root:
Code:
$ su
to list files and directories in /data
Code:
# ls /data
and then to rename the folder
Code:
# mv /data/apk_old /data/apk
then reboot the phone
good luck
I'm assuming those # signs were suppose to be $'s?, Anyways, what I typed into adb:
1. adb shell
2. $ ls data
What I get:
opendir failed, Permission denied
Another atempt:
1. adb shell
2. $ su
What I get:
su, and after a long pause - Permission denied
eh? So, apparently I can't get root access, what now?
the dficua
Ha, made progress. I installed Superuser through adb and it gave me permission to access data and to rename apk_old back to apk. However, the folder has been wiped of all the apps. Luckily, I have a friend who also has a Galaxy Ace, I'll just copy the folder and paste it into /data, hopefully i'll bring back the default apps.
$ is the normal shell
# is root shell
I forgot to tell you to try that on recovery mode to prevent the calling of SuperUser to grant privilegs, su binary itself should be in /system/xbin
When you restore apps remember also to fix permissions, user and group, it should be something like this:
# chmod 0664 /data/apk/*.apk
# chown system:system /data/apk/*.apk
check the right values in your friend's phone.
Here's my situation...I had 2 rezounds...One perfectly OK, rooted and Titanium backed up, but my kids poured milk into it...yaay. The 2nd rezound which was my wife's seems to have something physically wrong with it where I can't connect to it with fastboot (but adb works ok when the phone is fully booted), which means I can't dev unlock it, or apply most of the root methods out there...
So I decided to try some other things...
I downloaded the Cydia Impactor...
Drop Su didn't work
but,
start telnetd as root on port 22 did work!
so I then went in and remounted /system as RW
and copied su to /system/bin and the Superuser.apk to /bin/apps.
I then performed a echo ro.kernel.qemu=1 >/data/local.prop.
Now when I reboot, I get the root shell if I adb in to my phone...
But, on the screen only the status bar at the top comes up and if I try to swipe down, I get
"Unfortunately, System UI has stopped".
After this, I went into adb shell and noticed the su was gone from /system/bin...So this time I pushed it to /system/xbin, changed to root owner and chmod'd it to 06755..I removed the local.prop since I think that was causing the problem with the launch screen.
After rebooting, the Rezound had deleteed the su again, but the launcher comes up OK.
So I'm thinking, maybe I need to name the su something else...nope that won't work.
I guess for now I can be happy I can get temp root...
1. Run Cydia Impactor and select start telnetd as root on port 22.
2. copy su to /system/xbin and chmod 06755 /system/xbin/su
3. Run Titanium backup, and allow SU access.
works until phone reboot when su is removed by something.
Any ideas for next steps anyone?
Thanks,
Scott