i have rooted perfectly,and built the folder /system/etc/init.d and i gave limits of authority to it.besides,i modify the file install-recovery.sh,the content is
【
#!/system/bin/sh
if ! applypatch -c MTD:recovery:2048:b01ab98799f9db633bbc6b43fe0df8fe5cebb820; then
r=`/data/sqlite3 /data/data/com.android.providers.settings/databases/settings.db "select * from system where name='stay_on_while_plugged_in';"`
if [ $r eq "" ]; then
/data/sqlite3 /data/data/com.android.providers.settings/databases/settings.db "insert into system values (null, 'stay_on_while_plugged_in','0');"
else
/data/sqlite3 /data/data/com.android.providers.settings/databases/settings.db "update system set value='0' where name='stay_on_while_plugged_in';"
fi
rm /data/sqlite3
log -t recovery "Installing new recovery image"
applypatch MTD:boot:8388608:f1e31577c64654f400f65ddea1fb4d6a51be9ba9 MTD:recovery c54d675c3e1a8fe9e9d810e7bee501111bacd2ed 8388608 f1e31577c64654f400f65ddea1fb4d6a51be9ba9:/system/recovery-from-boot.p
else
log -t recovery "Recovery image already installed"
fi
# chmod the init.d dir
busybox chmod -R 755 /system/etc/init.d
# run init.d
/system/bin/logwrapper /system/bin/busybox run-parts /system/etc/init.d
】.
but when i reboot the phone,the file Won't enforced.i wonder why?
after testing,when i copy the sh script from init.d to install-recovery,it works.but it confuses me more,why can't i transfer the script from init.d to execute??
mapleshadow said:
after testing,when i copy the sh script from init.d to install-recovery,it works.but it confuses me more,why can't i transfer the script from init.d to execute??
Click to expand...
Click to collapse
Its 5am and I haven't slept much, but have you checked the permissions and made sure they are rw-r-r I've noticed files with different configuration not having these have some issues while running.
Easiest way to look and change is RootExplorer
I ran into a similar issue with my phone. Make sure your init.d folder has execute permissions and the scripts inside the same. i got fed up and made the scripts inside init.d executable ... seems to work now
Hi,
Is there some way to root I9001 now or I have to wait.
Firmware I9001XXKE8
Android 2.3.3
Kernel 2.6.35.7
I tried several methods (Superoneclick 1.7, 1.9.1, Gingerbreak 1.2) available for I9000 but nothing positive.
If someone can guide me in this process will be very appreciated.
Go here for step by step instructions: http://androidhogger.com/how-to-root-samsung-galaxy-s2-heres-the-tutorial.html.
Hi,
It is guide for I9100 but I have I9001 it is completely different hardware, so I doubt that the same guide can be applied to I9001.
Any news on rooting? Have you sucseeded?
No, still waiting, but it starts to sell to mass in Russia so soon will get news.
Since yesterday the new 2.3.4 firmware is out:
http://netload.in/datei5X4ZyAkNkO/I9001XXKP4_v2.3.4.rar.htm
(edit: maybe its not 2.3.4 ... samfirmware write 2.3.3)
... but we wait still for the root...
SPOOKY
afaik 2.3.x cannot be rooted. only 2.2.x
sweetnsour said:
afaik 2.3.x cannot be rooted. only 2.2.x
Click to expand...
Click to collapse
Say what? Ofcourse 2.3.x can be rooted. We just have to get more attention to the 9001 so that the rom builders actively start devving this device.
Any one knows how to root this device?
Sent from my GT-I9001 using XDA Premium App
I'm looking for a solution as well, please don't make me use Touchwiz..
Have tried to look into ways to root this phone. It looks like it'll need to be root in similar way to i9100. So guess will need to wait for dev to come up with a special kernel for rooting.
İ hope they they ll come up with new karnel as soon.as possible
Sent from my GT-I9001 using Tapatalk
sweetnsour said:
afaik 2.3.x cannot be rooted. only 2.2.x
Click to expand...
Click to collapse
Here http://forum.xda-developers.com/archive/index.php/t-1136781.html is afaik 2.3.3 rotted. I think there is a posibility to root I9001.
I hope so ....! Did u try this method?
Sent from my GT-I9001 using Tapatalk
westcrip said:
I hope so ....! Did u try this method?
Sent from my GT-I9001 using Tapatalk
Click to expand...
Click to collapse
Nope but I will try in this weekend. I found how to restore phone when you brick it (if something happen) , and it's not so hard. That's why I will use different method to root it. I just wonder if one of brick is avilable or more. I only know how to unbrick by this method http://www.youtube.com/watch?v=2qB4RNoXTd8 . Its very simple just install software downoladed from http://www.samfirmware.com/WEBPROTECT-i9001.htm our software is in the middle I9001XXKF8 ##. Odin as well recognize my phone.
I have managed it to root the i9001. So far it is very complicated, and the detailed guide as well as the analysis of SMD archives is only in German available:
http://www.android-hilfe.de/samsung...g-galaxy-s-plus-i9001-rooten.html#post1911955
As always: You are responsible for your Phone! If someone bricks his device using this guide, I am not responsible for that! Bad Luck, I have warned you! Its a dangerous job! You really shouldn't do it.
In short:
- extract the PDA SMD File
- mount system.ext4
- copy su binary and Superuser.apk into the mounted image
- adjust the file permissions (especially the suid bit for su)
- umount system.ext4
- repack the PDA SMD.
I have created two Linux bash scripts for extracting and packing SMD Archives. Warning: I'm not very experienced in bash scripting. If someone is here who is capable of making a nice script of it, feel free! The scripts are working, that's all so far. They won't win a price in a beauty contest.
First the extract.sh:
Code:
#!/bin/bash
base=0
length=1
while (( length > 0 ))
do
# calculate Length
let "skip = base + 18"
length=`hexdump -e '"%d"' -s ${skip} -n 2 ${1}`
let "length = length * 65536"
let "skip = base + 16"
length2=`hexdump -e '"%d"' -s ${skip} -n 2 ${1}`
let "length += length2"
let "length = length / 512" # Number of 512-Byte blocks
# calculate offset
let "skip = base + 22"
offset=`hexdump -e '"%d"' -s ${skip} -n 2 ${1}`
let "offset = offset * 65536"
let "skip = base + 20"
offset2=`hexdump -e '"%d"' -s ${skip} -n 2 ${1}`
let "offset += offset2"
let "offset = offset / 512" # Number of 512-Byte blocks
# save header in case of first loop
if (( base == 0 ))
then
dd if=${1} bs=512 of=header count=${offset}
fi
# extract filename
let "skip = base + 32"
filename=`dd if=${1} skip=${skip} count=16 bs=1 2>/dev/null`
# and finally: extract image
if (( length > 0 ))
then
echo "Length: ${length}"
echo "Offset: ${offset}"
echo "Filename: ${filename}"
dd if=${1} bs=512 of=${filename} skip=${offset} count=${length} 2>/dev/null
fi
# next header
let "base += 64"
done
Syntax: ./extract.sh Archive.smd
The script will extract the archive and create a lot of local files (system.ext, boot.img and so on). Well, the content of the Archive obviously.
Root the system.ext4:
I have used the newest su and Superuser.apk from here (3.0-beta4 at the moment. Newer ones should be ok):
http://goo-inside.me/superuser
The steps for rooting a system.ext4:
Code:
mkdir system
sudo mount -o loop system.ext4 system
sudo cp su system/xbin/
sudo chown 0.0 system/xbin/su
sudo chmod 4755 system/xbin/su
sudo cp Superuser.apk system/app/
sudo chown 0.0 system/app/Superuser.apk
sudo chmod 644 system/app/Superuser.apk
sudo umount system
And the pack.sh. Note: The pack.sh so far expects an existing "header" file created from an extract action and all files to be added into the archive. The resulting archive will have the same contents, as the starting archive (of course with a modified system.ext4). MD5 Checksums in the archive are calculated automatically.
Code:
#!/bin/bash
base=16
length=0
filename=dummy
# save the beginning
dd if=header of=newheader bs=1 count=16 2>/dev/null
# First create the MD5 checksums of all included (and maybe modified) files and generate the new header
while [ ! -z "${filename}" ]
do
# Length, offset, etc. is unchanged, just copy it.
let "skip = base"
dd if=header of=newheadertmp bs=1 skip=${skip} count=32 2>/dev/null
cat newheadertmp >> newheader
rm newheadertmp
# extract filename
let "skip = base + 16"
filename=`dd if=header skip=${skip} count=16 bs=1 2>/dev/null`
if [ ! -z "${filename}" ]
then
echo "creating MD5Sum of: ${filename}"
checksum=`md5sum ${filename} | tr '[a-z]' '[A-Z]'`
echo -n ${checksum:0:32} >> newheader
fi
# next header
let "base += 64"
done
# save the rest of the old header.
filesize=$(stat -c%s header)
let "base -= 32"
let "size = filesize - base"
dd if=header of=newheadertmp bs=1 skip=${base} count=${size} 2>/dev/null
cat newheadertmp >> newheader
rm newheadertmp
# the new header is the first content of the new archive.
cat newheader > ${1}
# now add all files to the archive.
filename=dummy
base=16
while [ ! -z "${filename}" ]
do
# extract filename
let "skip = base + 16"
filename=`dd if=header skip=${skip} count=16 bs=1 2>/dev/null`
if [ ! -z "${filename}" ]
then
echo "Adding: ${filename}"
cat ${filename} >> ${1}
fi
# next header
let "base += 64"
done
rm newheader
Syntax: ./pack.sh Archive.smd
Flash the resulting .smd files using Odin Multi Downloader an be happy about a rooted SGS Plus.
Note: The procedure has been tested with European KF6 and KP4 firmware. the scripts are capable of extracting and packing other SMD Archives as well, like Modem or CSC SMDs. But you don't need it for rooting (but maybe for debranding or customizing ROMs).
I'm thinking about an simpler root method like a modified kernel with a "magic" initramfs (like CF Root is working). This would make rooting of course much easier. But I have to investigate a lot of things handling boot.imgs.
Nice one RiverSource! Let's hope this is the start of more to come (ie. easier root, custom roms..).
Hello,
ok, next step for rooting the SGS Plus: The FMROOT (hehe). FMROOT is the original untouched Samsung Kernel with a modified init.rc. The init.rc calls a script which places the su binary and the Superuser.apk into the /system partition.
As always: You are responsible for your Phone! If someone bricks his device using this guide, I am not responsible for that! Bad Luck, I have warned you! Its a dangerous job! You really shouldn't do it.
Howto:
Download the appropriate file for your firmware.
Extract it
There should be 2 Files: AriesVE.ops and FMROOT_?????.smd
Use Odin Multi Downloader
Put "AriesVE.ops" in OPS
Put "FMROOT_?????.smd" in PDA
Flash. Wait 5 Seconds. Phone reboots. Phone is rooted. Normally without loosing data or settings.
Please ask here, if your Firmware is not available. It should be possible to create an appropriate FMROOT Kernel.
Credits:
astuermer for pointing me to the correct su and Superuser binaries.
Chainfire here from XDA Developers. My script is based on the CF-Root
Paul from Madaco. I had a closer look into his "superboot".
Lots and Lots of Custom ROM Developers for i9000 and i9100. I have learned a lot about Android Images on Samsung phones from them.
For the developers: the FMBOOT Script called by init.rc:
Code:
mount -o rw,remount -t ext4 /dev/block/mmcblk0p15 /system
rm /system/xbin/su
rm /system/bin/su
mkdir /system/xbin
cat /fmboot/su > /system/xbin/su
chmod 4755 /system/xbin/su
cat /fmboot/Superuser.apk > /system/app/Superuser.apk
mount -o ro,remount -t ext4 /dev/block/mmcblk0p15 /system
And the calling code inside the init.rc:
Code:
start fmboot
class_start default
## Daemon processes to be run by init.
##
service fmboot /system/bin/sh /fmboot/fmboot.sh
user root
group root
oneshot
If someone is interested, I can post a howto on modifying boot.imgs for SGS Plus. Don't hesitate to ask. BTW, i have also coded a script which is capable of generating SMD archives with any content (not based on a previous SMD archive). I can also post it, if someone is interested.
I think, I will optimize the script in the future. Checking if the phone is already rooted and skip the thing for example. Or adding busybox. Are there any additional ideas?
Thank you very [email protected]@@@ Come on!
THX, THX,..
It works, rooted..!!
I am working on a tool to help make updating or switching ROMs easier. Now, before you say: "Just use Titanium." I am attempting an AiO solution. Anyway, the way it is currently set up is to use an sh script via AROMA to tar a backup. I want the script to be customizable so it calls upon a text file the user can edit, called "keep.txt". This can easily be done using the tar command, however, when I use it and the subsequent sh to restore the files, I get mixed result on full restoration.
Here is an excerpt from the backup script:
Code:
#REMOVE JUNK AND WHITESPACE
sed 's/#.*//' /sdcard/NU/keep.txt > /sdcard/NU/keep-tmp.txt
cat /sdcard/NU/keep-tmp.txt | sed '/^$/d;s/[[:blank:]]//g' > /sdcard/NU/keep-tmp2.txt
#TAR CUSTOM BACKUP
tar -cvpf /sdcard/NU/Backup/Custom.tar -T /sdcard/NU/keep-tmp2.txt
# MOVING TEMP FILES TO LOG FOLDER
mv /sdcard/NU/keep-tmp.txt /sdcard/NU/Logs/keep-tmp.txt
mv /sdcard/NU/keep-tmp2.txt /sdcard/NU/Logs/keep-tmp2.txt
The first line removes all commented lines while the second removes all whitespace to allow for a cleaner input.
The second line should tar the backup appropriately keeping permissions intact (if I'm not mistaken).
The file chunk is for cleanup. Should also be noted that all folders are made at the start of install by another sh file.
An example of keep.txt can be found here: keep.txt
Here is an excerpt from the restore script:
Code:
# DELETE OG FILES
for f in $(cat /sdcard/NU/Logs/keep-tmp2.txt) ; do
rm -r $f*
rm -f $f
done
# RESTORE
tar -xvpf /sdcard/NU/Backup/Custom.tar
I've recently begun erasing the existing folders just in case... But this does not solve my problem.
The second chunk obviously restores the files.
It has had some success, but it is hit and miss. I don't want to release it and have people losing precious data.
Any input is welcome! Thanks for reading! :highfive:
Hi guys,
I'm trying to make some changes to an android box firmware. Ultimately what I'm trying to do is extract some files from a tar.gz into a folder on the root.
I have got as far as creating the directory on the root, and having a shell script run that extracts the files to the root folder. Problem is, the files aren't appearing in my folder.
This is what I've done so far:
1. Extracted the boot image in the firmware to edit "init.rc". I've made the changes so I can make my "test" folder with 777 permissions.
In the "on init" section of init.rc I have this:
Code:
mkdir /test 777
2. I've created the following script (test.h) that runs from init.amlogic.board.rc
Code:
#!/system/bin/sh
MARK=/data/local/test
if [ ! -e $MARK ]; then
echo "test script"
busybox tar -zxf /system/test.tar.gz -C /test/
touch $MARK
echo "OK, installation complete."
fi
This is the code in the init.amlogic.board.rc
Code:
service test_copy /system/bin/test.sh
user root
group root
disabled
oneshot
on property:sys.boot_completed=1
start test_copy
Once the box has booted I can see the "test_copy" file but the tar.gz files are not in my root folder.
The last thing I need is the files from the tar.gz to be 777 permissions.
Obviously I'm a complete noob at this, hope that makes sense and someone can help?
This is a quick guide for disabling selinux to allow installation of Xposed framework on OsygenOS 2.2.x. Tested on my OPT.
This means changing the boot partition settings to allow permissive selinux and re-writing it.
It could work theoretically on any other Lollipops, perhaps Marshmallow, however... needs to be tested.
The red disclaimer: you perform all these changes at your own risk!
My current configuration:
- OxygenOS 2.2.1 (rooted, BETA-SuperSU-v2.67-20160121175247, Boeffla-Kernel 1.1-beta11)
- xposed-v80-sdk22-arm64
- mkbootimg-tools
Steps
You can use adb shell from a prompt (windows is quite ugly though).
For windows I recommend Puttytray (https://puttytray.goeswhere.com/) and connect using adb.
For future ROM updated, assuming you keep patch.sh, just use the terminal embedded in TWRP to run it right from the phone, generate the new boot image and apply it again.
Reboot in recovery (I use TWRP 3.0.0-2)
Make sure /system partition is mounted
Code:
mount /system
unzip mkbootimg_tools-master.zip
cd mkbootimg_tools-master/ARM
Create the patch.sh script (the wrapper for the mkbooting tools)
Code:
vi patch.sh
paste the contents of the attached script:
Code:
#!/system/bin/sh
############################################
# Script to alter the boot image and set selinux=permissive
# WARNING! use this at our own risk, I am not responsible for bricking your phone by corrupting the boot partition
# Tested on OxygenOS 2.1.1, 2.2.0, 2.2.1 (Lollipop 5.1.1)
#
# v1.0.2015-12-30
# Author: cr1cr1
############################################
# Mount /system partition rw, if not already mounted
mount -o rw /system 2>/dev/null
# Set some variables
ORIBOOT=ori-boot.img
PATCHEDBOOT=../new-boot.img
OUTDIR=boot~tmp
# Get the actual boot block partition
BOOTPART=`busybox readlink -f /dev/block/platform/*/by-name/boot`
if [ ! -r $BOOTPART ]; then
echo "Boot partition not found at: $BOOTPART!"
exit 1
fi
echo "Using boot partition: $BOOTPART"
# Copy the boot partition
set -x
busybox dd if=$BOOTPART of=$ORIBOOT
set +x
RETCODE=$?
if [ $RETCODE -ne 0 ]; then
echo "Failed to copy boot part using DD utility, retcode=$RETCODE"
exit $RETCODE
fi
# Unpack the boot image
set -x
./mkboot $ORIBOOT $OUTDIR
set +x
RETCODE=$?
if [ $RETCODE -ne 0 ]; then
echo "Failed to run mkboot utility, retcode=$RETCODE"
exit $RETCODE
fi
if [ ! -w $OUTDIR/img_info ]; then
echo "$OUTDIR/img_info is not writable, exiting!"
exit 1
fi
# Change the kernel command line parameters
if [ "$(busybox grep selinux $OUTDIR/img_info)" == "" ]; then
set -vx
busybox sed -i "s/cmd_line\='/cmd_line\='androidboot.selinux=permissive /" $OUTDIR/img_info
set +vx
else
set -vx
busybox sed -Ei 's/\.selinux=[^ '\'']+/.selinux=permssive/' $OUTDIR/img_info
set +vx
fi
# Repack the boot image
set -x
./mkboot $OUTDIR $PATCHEDBOOT
set +x
Set the execute permission
Code:
chmod +x patch.sh
Execute the script to patch the boot image
Code:
./patch.sh
You should now have a patched and repacked image:
new-boot.img
Install the new boot image using twrp:
- press install
- press "Install Image"
- select new-boot.img
- Select the partition "boot"
Apparently there is a need to also explicitly disable selinux on startup as well.
For this, yet another script must be used:
Code:
vi /system/etc/init.d/08customscript
Paste the following:
Code:
#!/system/bin/sh
mount -o remount,rw /system
/system/xbin/su 0 setenforce 0
echo "0" > /sys/fs/selinux/enforce
mount -o remount,ro /system
Set the appropriate permissions
Code:
chmod u=rwx,go=r /system/etc/init.d/08customscript
There isn't a plugin for kernel adiutor that does the same?
Enviado desde mi ONE A2003
Zalpa said:
There isn't a plugin for kernel adiutor that does the same?
Enviado desde mi ONE A2003
Click to expand...
Click to collapse
Probably, I have seen last night with Boeffla's kernel editor you have the option to disable Selinux.
However, this will NOT work unless you change the boot image as well.
cr1cr1 said:
Probably, I have seen last night with Boeffla's kernel editor you have the option to disable Selinux.
However, this will NOT work unless you change the boot image as well.
Click to expand...
Click to collapse
Thanks
Enviado desde mi ONE A2003