Is there a way, once rooting is done, and i have customized my phone a bit (a change in one of the config files of linux), to change the user accounts and permissions? To create a new user account and change the user that is used by the phone to be a non-root, non-sudo, standard user. And all apps to use this or another standard user account.
And my app (that i installed after rooting) use another account. Only this account will have permission to read and write my app's directory.
Finally change the root user password, so that others cannot get into it unless they have that password.
So in effect protect my apps directory and allow the phone to work with a non sudo user from then on?
Next time phone re boots it uses another user say A (non sudo); without access to my apps directory. And when my app runs it uses user B (also non sudo) which has access to its dir. Others cannot read or list files in it or change permissions. So in effect my apps directory cannot be read by the user of the phone, in this new set up. I understand there will be ways around this.
But is this possible and how?
Rooted using https://forum.xda-developers.com/android/general/root-samsung-galaxy-on5-t3435457 but i can do systemless root if that is the way.
Phone model : Samsung On 5 Pro SM-G5550FY. Thank you much.
Related
Hi!
Could anyone help steer me towards a solution please?
Or tell me if its impossible (and why).
I am trying to put together a script of some kind which I can use to do a basic rebuild of my Archos 70 after I have done a Full Reinitialization. I like to mess around installing all sorts of stuff, but when done, it's nice to reset and go
back to a clean machine.
As it's not rooted (yet?) I generally rebuild manually which takes ages.
Although a relative newbie at Android/Linux, I have worked with scripting
on mainframes and in the Windoze arena for many years.
The scripting requirement is quite simple, namely to install packages one by one from the SD card. Also to copy back Bookmarks, launcher setting etc
I am happy to work in any language which will work, but to date have just been trying with .SL (Bash?) scripts which run quite happily from within the SL4A environment or according to my theory, should work also from Android natively.
I envisage the script residing on the SD card and when invoked installing my launcher, Dolphin Browser, various other apps and games, then copying back the settings which I have saved (also by script) before the Initialisation.
Trouble is, I can find no simple samples which help. When I try, I can 'cp' stuff about and echo messages etc, but when I try to install, I don't really know where to start. I have tried just the name of the app package
'/sdcard/sdcard/packagename.apk', it replies 'permission denied' and if I try 'sudo package.apk', it says 'not found'.
I am assuming that the 'permission denied' is a good sign because it understands what I'm trying to do at least. But if I am allowed to do it myself, then surely my script should be allowed to do it?
I am quite happy messing around myself. But if anyone has any pointers
(sample scripts, which language/environment to use, etc.) I would be most grateful.
Sorry if this is covered elsewhere. I have searched but was unable to find much which helped. I am continuing the search!
Thanks in anticipation!
1. All normal installed Apps are installed in /data/app as the apk
2. Local/private data comes into /data/data/name.of.the.package
Both directories are ony accessible with root.
Hell again,
Thanks for your reply fzelle, but I'm not sure as to whether I may have explained it properly.
I am running 'Quick System Info' which is great, and it has a function to backup all the installed apps to a directory you can get at without root access. From there I have copied them onto the SD card.
I am not just trying to copy them into the working directory.
If I click on an app, it lets me install it without any problem.
I am trying to automate that part of the process, and I need the name of the software which does the installation, and how to actually give it the parameters for it to do the install. Although a Linux newbie, I don't really understand why, if I am allowed to install apps myself,
a script that I run should not be allowed to install them also?
Anyone got any ideas please?
Oops! - Sorry for that unfortunate typo at the beginning of my last post. Please read as 'Hello'!
No, i didn't understand you wrong.
You want to automate the installation of your std programs, and that normaly doesn't only include the apk but also the private Data.
And if you manually want to install this, you need root to be able to write in /data/data
If you just want to Backup/Install the apps, use appSaver from the market.
That has allready everything you need, and doesn't need root.
fzelle said:
1. All normal installed Apps are installed in /data/app as the apk
2. Local/private data comes into /data/data/name.of.the.package
Both directories are ony accessible with root.
Click to expand...
Click to collapse
Not entirely true.
I have some SSH tunnels set up on my rooted phone that use keys and a shell script to launch them, all set up with Better Terminal Emulator. The key and script files are located under /data/data/com.magicandroidapps.bettertempro/home. I wanted to use the same keys and script on my A70, so I copied the files from my phone to the same directory on my A70 using the terminal command line. Although you can't browse to the app folders under /data/data/, there is some ability to copy stuff into them. I guess the trick is knowing what and to where.
I've not used appsaver, but Astro will also let you back up and reinstall your apps all at once.
hi. i can't believe i'm the first person to ask this but i've searched as best i can through these forums, and on google, and cannot find a definitive answer. there are lots of pages giving high level descriptions of rooting a phone like "gives admin access", "allows access to the root filesystem", etc. but, when you root a phone, what actually happens ? does it simply make the "su" binary available so that apps can call it to access the root user ? eg. i've got a samsung galaxy s2, if i install an insecure kernel, then add su to /system/xbin, and then reinstall a stock kernel, is that technically a rooted phone ? this is actually what i did on my phone, although i installed superuser and busybox from the market after adding su. i am aware that there are various threads in the sgs2 forums on how to root, i'm just using my phone as an example, i'm just trying to understand generically what is meant when someone says a phone has been rooted. cheers.
Full control over your system
Ability to alter system files. You can replace many parts of the "Android Core" with this including:
Themes
Core apps (maps, calendar, clock etc)
Recovery image
Bootloader
Toolbox (linux binary that lets you execute simple linux commands like "ls") can be replaced with Busybox (slightly better option)
Boot images
Add linux binaries
Run special apps that need more control over the system
SuperUser (lets you approve or deny the use of root access to any program)
Task Manager For Root (Lets you kill apps that you otherwise could not kill)
Tether apps (like the one found at [android-wifi-tether.googlecode.com])
<there are more but I cannot think of any right now>
Backup your system
You can make a folder on your sdcard and backup all of your .apk files to your sdcard (helps if an author decides to "upgrade" you to a version that requires you to pay to use the version you just had)
Relocate your (browser/maps/market) cache to your /sdcard
Relocate your installed applications to your /sdcard
Reboot your phone from the terminal app easily (su <enter> reboot <enter>)
Copied and pasted from google... it is your friend.
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Carrot Cruncher said:
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Click to expand...
Click to collapse
Unrooted phone is like logging on as user in a computer. By rooting you have "administrative" rights, just like using sudo command in Ubuntu. Some binaries which are important in gaining administrative rights are installed in the phone.
sent from my nokia 3210
If you come from Windows, you're familiar with the Administrator account. A user that can do everything on the system, as opposed to other users than only have limited privileges. In Linux, that account is called "root". That's all there is to it. It's a user that can do everything on the system.
@Panos_dm: Actually, it's *not* like using sudo. Sudo gives elevated privileges to your existing user account, whereas "root" is a whole separate account.
Nope, sudo actually switches users
i'm a linux user and have been a linux admin in the past so understand the difference between su and sudo. sorry to sound pedantic but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
It opens your phone to a whole new array of possibilities.
Sent from my HTC Sensation 4G using xda premium
Carrot Cruncher said:
but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
Click to expand...
Click to collapse
In a gist? The "su" binary and the Superuser.apk app get installed. Sometimes doing so requires exploiting a vulnerability via a trigger. Rageagainstthecage is a common trigger. I once had a link that explained what exactly rageagainstthecage does, but I don't have it anymore.
If you really want to know all the details, here's the script I used to root my Defy: http://pastebin.com/G3m9v4FQ
Hmm, I see the script contains a link to the explanation of what rageagainstthecage does. Cool.
many thanks for confirming my understanding of the process.
Problem:
I'm an app developer. I have one app that let's you lock the device using Device Administration. One of my users had some conflicts with my app and another. He then removed Device Administration and uninstalled my app, rebooted his phone, and now he cannot access his phone.
He of course cannot use my app to change the password now (since it's uninstalled).
His phone is stock 2.2 LG Optimus V, Virgin Mobile, Rooted.
Question:
I'm needing to find a way that my user can now change his lock code.
I need:
1.) to know an internal class (from com.android.internal) that I could use within an app to change the lock code (just like the system settings do).
OR
2.) to know a command I can use with adb shell to remove or change the phone lock code.
OR
3.) to know the location of the file that stores the lock code information.
Any help is greatly appreciated.
I did actually manage to rewrite a couple pieces of my app, install with adb install, then start it with adb shell am start, and re-enable device admin. So I was able to make it work.
This also worked when my user tried it. Problem Solved.
Noob question.
What is the actual password to su on various smartphone models, say Galaxy S5 or LG L3?
Is it a fixed character string or a formula based upon some hw specific like MAC ID?
Why don't vendors and network providers verify certain apps for su and give those sw vendors their devices' root password, or is it done that way now?
OK found the following on the web.
root in Linux (or any Unix-like system) is just the user with User ID 0. The su program (which actually stands for "Switch User", not "Super User") is just a program to start another program with a different user ID than the starting program (by default to uid 0, which is to user root). Android does not use the traditional /etc/passwd, however it still uses Linux User ID and Group ID for managing permissions.
If you want to intercept su requests so you can ask for password or enforce other rules, you will need to replace /sbin/su with your own version of su. Alternative approach is the one described here:
http://www.koushikdutta.com/2008/11/fixing-su-security-hole-on-modified.html
though that will require applications to cooperate by firing an Intent when they want to switch user.
Android security framework is more or less like this: each installed application runs on its own User ID (selected at installation time), and application permissions is implemented as user groups.
Can i change the root password after rooting my android device by simply typing "passwd"?
Android does not use /etc/passwd so it also does not have*passwd*program.
how is the rooting process working ? i mean what is the "one click root" apps doing to my phone?
I'm not quire sure with the exact process myself, you probably want to ask to rooting developers. However, my guess is it just reverts the security check that originally prevent developer from setuid 0.
End of paste.
So the above is saying there are no passwords in Android. To give an app or file root privilege you must change the app's user id that runs it or users id of the user who created the file to 0 (zero).
Therefore giving root privilege to an app on Android is a su app that changes the user id to 0 of the app you want to give root privilege to.
So why don't hw vendors and network providers who provide the Android ROM include a special su app that checks (look up in a file) whether app is OK for root and then grants it ?
I have a rooted Nexus 9 for which I'd like to disable new user account creation (both full access users and guest users). This is prompted by the fact that I cannot figure out how to restore either adb or Titanium app data backups to a non-primary user.
The google led me to an archived thread on disabling new user creation on 5.X lollipop.
On my Nexus 9, running 6.0.1, I can't find the settings.db database that holds the setting to disable guest account creation. I first used adb shell commands and then ES File Explorer to locate the db file, without any success. Any ideas what I'm doing wrong, or is the settings.db no longer stored there?
I also searched reference materials at http://developer.android.com/ for "guest_user_enabled" and didn't find any indication that it had moved.
If there is a better place for this thread, please let me know and/or move it.