Better Mobile App

[Q] Noob questions from a linux geek

Hello,
I like to think i'm pretty good with linux, but i'm new to android, so please bear with me.
I have rooted the phone, and I've been poking around a bit and some questions arises:
1. In the root, i found several init.*rc files, which one is used for booting the phone?
2. usbd - this daemon seems to control the USB state (mass storage, pc mode, cdrom) - Is there some documentation for how to control this? I'd like to put some ISOs on my sdcard and use the phone to emulate a cdrom, and I think this would be possible through this.
It opens the socket /dev/socket/usbd, so I assume it will be controlled through this.
When i have time I'll poke more, but its useless if someone else already looked at this.
3. Is there a way to boot the phone into a debug state? I'd like to replace the /osh filesystem, but in order to unmount it I think I need to enter some kind of debug mode/single user mode?
4. Do we have the source code for the kernel with all the TI goodness? And is there a way of updating this?
Other than this I have some issues with sound my heavily modified webtop, alsa is the way to go, right?
Hopefully I'll get this sorted out and I'll be able to enjoy full debian on the webtop and in the terminal.

OMG, I have absolutely no answers for you, but I hope SOMEONE does, cause I wanna see more from this! You pose some great questions/possibilities! Being only a dabbler in Linux makes me useless, but I understand what you're looking for, and I wannit too!
\\Carved into this thread by my RAZR//
http://android-gz.com

I am not a Android developer, but, I like to treat Android as one of the GNU/Linux environment.
Usually, I always starts with dmesg. There are lot's of hints and pointers about the hardware itself.
Snippet from dmesg.
Code:
<5>[ 0.000000] Kernel command line: console=/dev/null rw [email protected] vram=20M omapgpu.vram=0:4M,1:16M,2:16MT init=/init ip=off mmcparts=mmcblk1:p7(pds),p8(utags),p14(boot),p15(recovery),p16(cdrom),p17(misc),p18(cid),p19(kpanic),p20(system),p21(cache),p22(preinstall),p23(webtop),p24(userdata),p25(emstorage) mot_sst=1
From the kernel boot parameters, you can see how Linux kernel allocates the MTD blocks.
2) I also like to 'browse' the filesystem...
Code:
PC$ adb shell
Android$ su
Android# ls -l -R / > /sdcard/lists.txt
Android# exit
Android$ exit
PC$ adb pull /sdcard/lists.txt
Look at tools/utilities in /system/bin or /system/xbin ...
For alsa, try look in /osh/usr/share/alsa ... it may have something useful for you.
Sorry, I cannot answer all of your questions, but, hope the my tips can help you to explore more about Android OS.
To know more about your device, this one might be a good starter...
Code:
PC$ adb bugreport
Anyway good luck.
Thank you.

[TUT]Report a bug

Posted it here as this section gets the most views. If needed tom will move it to the rightful section.
There has been a lot of disappointing posts all over the forum with people complaining about bugs, while not providing any kind of information for the developers aside from "X doesn't work" or "I get random reboots".
Well, without the proper knowledge, how are we going to fix it? We don't know what kernel you may be running, what version number you're on, or any information that the system spits out to let you know there's an error. So, I decided to start this thread, to hopefully teach newbies how to give us (developers) proper knowledge when complaining about issues.
This thread will have 3 sections, Logcat (App / system debug log.), Dmesg (active kernel output) and last_ksmg (Typically if you get a random reboot or something of that sort {this is the same as dmesg except it gets the info from the last shutdown [like a kernel panic]})
Section 1: Logcat This log should almost always be included just because it provides more info than just saying something doesn't work. It will essentially tell you which apps are crashing and why and it also gives output of what they're doing. (Your system is running through apps, the dialer, wireless radio's, etc are all ran through apps.) so, if something is general, like a system force close, please just include a logcat.
How to get a logcat: Well, this is REALLY simple, all you need to do is just get adb up and running (google how to do that, I don't feel like writing a 'how to use adb' tutorial for everyone's phone.) and then type
Code:
adb logcat
then you just right click, select, and paste to the thread. It's really that simple!
For more info, check out my logcat guide here.
Section 2: Dmesg
This is getting into issues such as wifi not working, sleep of death, etc. Basically, things that make us go "OH F***" when we use our devices. Note: You will need adb access for this to work, same as logcat. What this will do is get us live kernel output so we can know things like "What driver is the kernel loading {or not loading for that matter}" and similar things. This is linux, so kernel output is important if a hardware aspect isn't working right. How to get a dmesg: This is simple as well, no matter what operating system you're on (mac, windows, linux) just type
Code:
adb shell dmesg > dmesg.txt
and then it will have written the output to a .txt file in your current directory. Either paste the contents to the thread, or attach it to your post. You can also get the dmesg by using terminal emulator. Instead though, you dont type adb shell, you need to also include it to somewhere you will be able to save it. Like /sdcard so, the command goes
Code:
dmesg > /sdcard/dmesg.txt
Just get it off your sdcard and get the contents to the developer!
Section 3: last_kmsg Ok, the last thing is last_kmsg. When android kernels crash, they write the log to last_kmsg so then you can find out what's going on. This is usually for issues such as random reboots and other various kernel panic symptoms. A kernel panic happens when the kernel tries to do something it can't. It doesn't mean wrong permissions, it could just have errored out on something and died which can cause a few things. Anyway, developers REALLY need this if debugging a kernel because it gives us a viable way to see WHAT it's trying to do instead of trying to guess what it is trying to do How to get a last_kmsg: This is super simple and the same on all phones no matter what, what you need is adb up and running (or terminal emulator) and either in adb shell, or terminal emulator just type
Code:
cat /proc/last_kmsg > /sdcard/last_kmsg.txt
or you can do
Code:
adb shell cat /proc/last_kmsg > kmsg.txt
and that will write it to your current working directory from cmd.
Hopefully, this way we developers can have our lives be a little bit easier and you can learn more about android.
Taken from here. All due credits to him. I just edited a little part.
___________XDA Premium__________
Don't be a noob. Be a newbie..!!
Details here.
____________________________________

Nice.

i will add this in my developer 101 thread in next update...thanx

Xenon X said:
i will add this in my developer 101 thread in next update...thanx
Click to expand...
Click to collapse
Sure.
___________XDA Premium__________
Don't be a noob. Be a newbie..!!
Details here.
____________________________________

Nice tutorial :good:

Nice guide:good:

download error
when i press download rom.it doesn't download
it shows this error report when i trying to download rom
"Unable to resolve domain name
Please make sure:
- You are connected to the Internet.
- Your DNS server settings are correct.
Error code 105 (net::ERR_NAME_NOT_RESOLVED)"
please help me

[Q] Is possible to root jelly bean?

I have just updated my Prime and I did not have rooted it with ICS. Is possible to root JB without previous rooting?

No. You must back up root using OTA Rootkeeper in order to regain root in JB. There is no known exploit for JB yet.

without restoring root with ota rootkeeper, try http://matthill.eu/mobile/root-trans...lybean-update/ and follow the instructions, follow the links for the files you need

tonesy said:
without restoring root with ota rootkeeper, try http://matthill.eu/mobile/root-trans...lybean-update/ and follow the instructions, follow the links for the files you need
Click to expand...
Click to collapse
lol, must be a joke.... dead link.
I have been actively pursuing this. Without bootloader unlock i dont beleive so.

If you Unlock the Bootloader or already have an Unlocked Bootloader, you can get root.
I haven't seen any exploits posted for the Prime in JB yet, so this may be your only way for now.

hx4700 Killer said:
lol, must be a joke.... dead link.
I have been actively pursuing this. Without bootloader unlock i dont beleive so.
Click to expand...
Click to collapse
He posted a bad link but doesnt work if you have no root access at all. This is just a "regain root if you have partial root" guide:
http://matthill.eu/?s=jelly+bean

Thread moved
Thread moved. This is clearly belonging into Q&A. Please post in correct Sub-Forum.
peace
jotha - forum moderator

Does any one know if one person with development capabilty is trying to find a way to root JB ?

I talked to bin4ry about his root method in hopes of working with him on modifications for the prime but he is telling me his mod is making the change he is exploiting according to what I am seeing but possibly ASUS disabled the emulator mode in this version of the OS. This is what would give you root access via ADB so changes can be made.
I couldnt get out of him what exactly his "restore timing exploit" is but I understand everthing after that
Outside of anything coming up I would say if you must have it now and don't mind voiding your warranty then use the unlocker tool and follow one of many guides on here to do it from an unlocked device.

Perhaps we can turn this thread into, or possibly start a new one about the different things people(devs and/or the technically savy) are finding in the quest for an exploit...
We could start with a list of what is known. Of particular interest would be the differences between the complete stock (me btw), was rooted but lost it, was rooted and kept it, and of course anybody who has managed to root it by messing around but not taken notes along the way.
here's what I have found.
from the PC, creating an adb shell allows me to ls /data/local/tmp/ but from a tablet's terminal emulator (shell?) I cant.
Typing id from both it becomes obvious why
From adb shell I get
Code:
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009
(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt)
,3003(inet),3006(net_bw_stats)
from the tablet I get
Code:
uid=10126(u0_a126) gid=10126(u0_a126) groups=1015(sdcard_rw), 1028(sdcard_r),
3003(inet)
I was getting excited last night (burnt the midnight oil) trying what I thought might be a possible exploit with an android supplied command called "run-as". Its limitaions became obvious when I looked at the source code for it. You need an application pakage that is debugable and it cd's to its directory to run the command and a bunch of other things, so I compiled it on C4droid using just the main functions setresuid() and setresgid() but they both failed no matter what value was plugged into them based on UID and GID found here
http://forum.xda-developers.com/showthread.php?t=442557
I have yet to exhaust this avenue. I might be able to create an empty package and sign it as a system app, make it debugable and see what that yeilds but its looking like a convoluted process, espicially considering that run as may not work as intended on prime's JB
PS I want to state that I know precious little about linux and even less about the android layer above it...

Just as an FYI the way bin4rys tool is supposed to work is an exploit in which it makes a symlink to /data/local.prop and injects ro.kernel.qemu=1 in to local.prop then reboots.
This is supposed to put the device in emulator mode and when you connect with adb shell you get a root shell prompt. All the rest is fairly straightforward/standard. Remount file system as RW, install SU and superuser.apk with their permissions set properly in the proper places then break the symlink to local.prop and reboot.
What would help a lot is if someone who is already rooted can make the attempt, set qemu = 1 in the relinked local.prop then adb shell connect to see if you get a root prompt. Trying to confirm that emulator mode is enabled and you get root access as shell to see if this is even worth pursuing.
I would just use the unlocker tool but I am 2 weeks in to ownership of a new unit.

yes I have seen that typing adb root gives the message
Code:
adbd cannot run as root in production builds
it would indeed be interesting to see if changing "qemu" flags it as a non-production build. My sgs is rooted with CM10 nightlies might try toggling the value on that and see what adb says

Run-as
abazz said:
I was getting excited last night (burnt the midnight oil) trying what I thought might be a possible exploit with an android supplied command called "run-as". Its limitaions became obvious when I looked at the source code for it. You need an application pakage that is debugable and it cd's to its directory to run the command and a bunch of other things, so I compiled it on C4droid using just the main functions setresuid() and setresgid() but they both failed no matter what value was plugged into them based on UID and GID found here
http://forum.xda-developers.com/showthread.php?t=442557
Click to expand...
Click to collapse
Yes. I noticed the permissions on that file as well. I'm not an android person, so I don't know how that end works, but the permissions do look correct (setuid root, and runnable as group shell [which we get via adb, but not locally on terminal].
Based on the little bit that I have read, it seems that it may be getting the permissions assigned to the apk and running the command line with those permissions.
If that is correct, then running it via something with c4droid probably won't work, as it's permissions are whatever group it (c4droid?) was assigned at install.
So, how do does one / can one specify that the package is supposed to be root (uid 0). I'd guess (from a standard UNIX security perspective) that you can't just push arbitrary apps to the machine with 'run me as root' permissions. Otherwise, this would be a completely non-issue. But, is there a package which is pre-installed that we can exploit the permissions of to do this? I don't know yet.
Also, if my readings / assumptions were correct above, we probably don't want to do a setreuid(), but rather call bash/busybox as the 'command' issued in the name of the apk (since it would then run as root, or the uid of the package). Either that, or a system command(s) to chown/chmod the su binary that we can upload via adb (but which comes in as shell.shell).
Did you find the source for run-as somewhere? It would be interesting to look at to see if such a thing is possible. Failing that, it would be interesting to see if there were any sorts of buffer overflows that could be run against it. I've never tried such on arm7, but I've done it under UNIX on x86 and Sparc.
Thanks
Schemm

elschemm said:
Yes. I noticed the permissions on that file as well. I'm not an android person, so I don't know how that end works, but the permissions do look correct (setuid root, and runnable as group shell [which we get via adb, but not locally on terminal].
Based on the little bit that I have read, it seems that it may be getting the permissions assigned to the apk and running the command line with those permissions.
If that is correct, then running it via something with c4droid probably won't work, as it's permissions are whatever group it (c4droid?) was assigned at install.
Click to expand...
Click to collapse
Yes you are correct. setresuid() function will not give you permissions greater than the process its running in
So, how do does one / can one specify that the package is supposed to be root (uid 0). I'd guess (from a standard UNIX security perspective) that you can't just push arbitrary apps to the machine with 'run me as root' permissions. Otherwise, this would be a completely non-issue. But, is there a package which is pre-installed that we can exploit the permissions of to do this? I don't know yet.
Click to expand...
Click to collapse
Its worse than that, the package also has to be debuggable
There is some info out there on how to sing a package with the appropriate system permissions so it would be interesting to actually do this and see what, if anything can be done.
I downloaded the asus unlock package and passed it through the apk tool to see what it does, as it obviously would need root access. As root access is all i require the code it shows is irrelevant really, its the fact that it gains root access with its signature and also the uid that is set in the manifest android.sharedUserID="adroid.uid.system". This and, most importantly android.permission.MOUNT_UNMOUNT_FILESYSTEMS. WIthoput these things we cant change anything in the directories we need
Also, if my readings / assumptions were correct above, we probably don't want to do a setreuid(), but rather call bash/busybox as the 'command' issued in the name of the apk (since it would then run as root, or the uid of the package). Either that, or a system command(s) to chown/chmod the su binary that we can upload via adb (but which comes in as shell.shell).
Click to expand...
Click to collapse
Yes thats what we would do from the run-as command. What I was attempting to see was if I could get a root uid by creating a c program that uses the setresuid() function call thereby bypassing the need to have an appropriate package installed. As it didn't work I'm having dounts whether it would work even if the right package was there. run-as did make reference to package.h which I haven't looked at, so unless there are some system parameters that package.c extracts from the apk I dont really see how this will work...
Did you find the source for run-as somewhere? It would be interesting to look at to see if such a thing is possible. Failing that, it would be interesting to see if there were any sorts of buffer overflows that could be run against it. I've never tried such on arm7, but I've done it under UNIX on x86 and Sparc.
Thanks
Schemm
Click to expand...
Click to collapse
Yeah found the source here
I also searched for linux exploits, there are massive lists of them, most of them patched by now but I assume the linux base in JB would be somewhat different to whats getting around on X86 systems
On anather note I have tried bin4ry's "root many" method , using the restore timing exploit but had no luck.
HX... I looked through the scripts and all the misc files in bin4ry's zip package and could not find anything remotely indicating an injection of the qemu value. It make a symbolic link to the build.prop in com.android.settings...../file99, which was succesfull after pressing restore but thats about it. perhaps I should fire up ubuntu and try the linux script instead of the windows .bat file

Interestingly, this guys root method for the Razr M makes use of Run-as if you look at the batch file.
He is essentially doing a "fake package" install then runs an exe that is some sort of exploit. Finally he uses run-as against what I have to assume is the bug report feature of the droid and asks you to trigger a bug report with a button sequence.
So it seems he is getting something that has root privileges (bug report) to do something that grants SU and also implimenting run-as
http://forum.xda-developers.com/showthread.php?p=32889627#post32889627

I fear that remained a few developers interested in finding a way to root transformer prime with jelly bean, because all of them had tablet already rooted with ics and managed in mantaining rooting across upgrade.

[GUIDE/INFO] Obtaining Logs for our Beloved Developers

Our developers are hard workers and when one of us finds a problem with a ROM or kernel it is difficult to troubleshoot without some type of log. Since the developers spend a lot of their free time creating things for us to make our phone more enjoyable the least we could do is provide something useful to them to assist in the development of their creations.
Most of you here already know how to get logs, but for those who don't or are rusty at it here are links with useful information and apps to assist in obtaining a log. Also, .torrented provided the basic commands if you're okay using adb.
So let's give back to our developers by giving them logs which are vital for development.
All-in-one logger for use in Windows
http://forum.xda-developers.com/showthread.php?t=1944776
Another logcat tool for use in Windows
http://forum.xda-developers.com/showthread.php?p=28193613#post28193613
Lumberjack- apk for obtaining logs while in android
https://play.google.com/store/apps/details?id=net.solarnz.apps.lumberjack
Universal how to get and read logcat
http://forum.xda-developers.com/showthread.php?t=2274119
There are three types of logs that are used most often: logcat, dmesg, and last_kmsg. Here is an explanation of what they are and what they're useful for
Indirect said:
Alright guys, I was on an irc channel when I considered posting this since it's rather important. There has been a lot of disappointing posts all over the forum with people complaining about bugs, while not providing any kind of information for the developers aside from "X doesn't work" or "I get random reboots".
Well, without the proper knowledge, how are we going to fix it? We don't know what kernel you may be running, what version number you're on, or any information that the system spits out to let you know there's an error. So, I decided to start this thread, to hopefully teach newbies how to give us (developers) proper knowledge when complaining about issues.
This thread will have 3 sections, Logcat (App / system debug log.), Dmesg (active kernel output) and last_ksmg (Typically if you get a random reboot or something of that sort {this is the same as dmesg except it gets the info from the last shutdown [like a kernel panic]})
Section 1: Logcat
This log should almost always be included just because it provides more info than just saying something doesn't work. It will essentially tell you which apps are crashing and why and it also gives output of what they're doing. (Your system is running through apps, the dialer, wireless radio's, etc are all ran through apps.) so, if something is general, like a system force close, please just include a logcat.
How to get a logcat:
Well, this is REALLY simple, all you need to do is just get adb up and running (google how to do that, I don't feel like writing a 'how to use adb' tutorial for everyone's phone.) and then type
Code:
adb logcat
then you just right click, select, and paste to the thread. It's really that simple!
Section 2: Dmesg
This is getting into issues such as wifi not working, sleep of death, etc. Basically, things that make us go "OH F***" when we use our devices. Note: You will need adb access for this to work, same as logcat.
What this will do is get us live kernel output so we can know things like "What driver is the kernel loading {or not loading for that matter}" and similar things. This is linux, so kernel output is important if a hardware aspect isn't working right.
How to get a dmesg:
This is simple as well, no matter what operating system you're on (mac, windows, linux) just type
Code:
adb shell dmesg > dmesg.txt
and then it will have written the output to a .txt file in your current directory. Either paste the contents to the thread, or attach it to your post.
You can also get the dmesg by using terminal emulator. Instead though, you dont type adb shell, you need to also include it to somewhere you will be able to save it. Like /sdcard so, the command goes
Code:
dmesg > /sdcard/dmesg.txt
Just get it off your sdcard and get the contents to the developer!
Section 3: last_kmsg
Ok, the last thing is last_kmsg. When android kernels crash, they right to last_kmsg so then you can find out what's going on. This is usually for issues such as random reboots and other various kernel panic symptoms. A kernel panic happens when the kernel tries to do something it can't. It doesn't mean wrong permissions, it could just have errored out on something and died which can cause a few things. Anyway, developers REALLY need this if debugging a kernel because it gives us a viable way to see WHAT it's trying to do instead of trying to guess what it is trying to do
How to get a last_kmsg:
This is super simple and the same on all phones no matter what, what you need is adb up and running (or terminal emulator) and either in adb shell, or terminal emulator just type
Code:
cat /proc/last_kmsg > /sdcard/last_kmsg.txt
or you can do
Code:
adb shell cat /proc/last_kmsg > kmsg.txt
and that will write it to your current working directory from cmd.
Hopefully, this way we developers can have our lives be a little bit easier and you can learn more about android.
I'm glad to have written this and devs, feel free to link to this guide as a "bug reporting FAQ"
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?p=23036410

@orangechoochoo, any urge to update the title and the content to provide information about getting dmesg output and last_kmsg?

Once your android device is plugged into your machine, enable Android Debugging in the Developer Options! (this has to be enabled)
If you do not have ADB installed go find a tutorial and install it! (this is a must)
Very simple command, what this does is it will start ADB and output the text into a text file called logcat.txt, once you are done re-creating the error/FC/whatever take that file and upload the contents to a paste site such as https://www.pastebin.com
It's free and you do not need to sign up to create a paste!
logcat via ADB!
Nix:
Code:
[email protected]:~$ adb logcat > logcat.txt
Windows:
Code:
C:\android-tools> adb logcat > logcat.txt
last_kmsg via ADB!
Nix:
Code:
[email protected]:~$ adb pull /proc/last_kmsg
Windows:
Code:
C:\android-tools> adb pull /proc/last_kmsg
dmesg via ADB!
Nix:
Code:
[email protected]:~$ adb shell dmesg > dmesg.txt
Windows:
Code:
C:\android-tools> adb shell dmesg > dmesg.txt

crpalmer said:
@orangechoochoo, any urge to update the title and the content to provide information about getting dmesg output and last_kmsg?
Click to expand...
Click to collapse
I just finished adding more stuff, let me know if you want me to put anything else that will be helpful. The All in One tool looks useful if someone is stuck in the boot animation, and Lumberjack looks useful for obtaining logs while booted in android.

Thanks for the quick links, I'm sure it will help alot of users out. MY question is whether devs want us to filter anyting out, its not too hard to select faults and errors and filter useless info.

This should be pinned.. for sure!

jake.corey.jacobs said:
MY question is whether devs want us to filter anyting out, its not too hard to select faults and errors and filter useless info.
Click to expand...
Click to collapse
That would be nice to know, last night I provided Pio a long a$$ logcat so I feel bad for giving him that extra homework
The ROM was stuck in the boot animation and logcat was spitting out line after line after line so I hit ctlr C to stop it.

Nice guide...

Non-Phone/Tablet Android Inquiry

Hello all,
I did a lot a searching but cant seem to find much in terms of what I am looking for, though who knows maybe I am looking for the wrong thing. If so, hopefully can direct me to the correct place.
So I have a device, lets call it a TV for arguments sake. It runs a manufacturers custom android OS. It uses / runs on nvidia jetson architecture. I have successfully gained access to the device via ADB but when I attempt to get it to go to a bootloader, it doesnt seem to have one? Which I know is wrong from my reading but when I do either of the following two commands: adb reboot bootloader / adb reboot recovery, I result at a blank screen indefinitely.
So the question I have is I must be doing something wrong to be unable to find the bootloader. Is there a place in the file structure I can confirm/look?
End goal: So Id really like this device to run a full android or some type of android where I can utilize typical android apps instaed of the locked down shell of an OS the manufacturer has put on. I am open to this being accomplished in any way really whether, booting from USB to android stored on USB, dual booting (both manufacturers OS and full android being available), wiping current OS and only having android, etc. Open to any options really.
Mainly looking for some guidance on how to figure out what this actually runs and how to replace it/modify it.
Thanks in advance for any pointers!