Hello all, I got my Amazfit Pace a few days ago and the first thing that I wanted to do after flashing PACEified was get proper on-device root, as you know right now PACEified comes with adb root shell so we can modify the watch however we want from and adb shell but that means we're always dependent on another device for doing so, apps on the watch have no way of getting root access.
I am actually amazed that no one else even seemed to have any interest in achieving this as it was somewhat easy for me to figure it out and now I'm sharing it with y'all.
Requirements: being on a ROM that has adb root (ex: PACEified) or ability to boot the temproot kernel.
WARNING: If the stock kernel has dm-verity the temproot then install SuperSU method will lead to the device refusing to boot, I do not know whether it does or not.
Disclaimer: I am in no way responsible for any damage this can or will cause to your watch and/or phone, you are the only one responsible for your own actions.
Anyway here's the steps to getting SuperSU 2.79 fully working on your watch:
Download the attached zip file.
Copy the zip file to the watch.
Open a terminal/cmd/powershell in the folder where your adb binary is located.
Run the following commands in order:
Code:
adb root
Code:
adb remount
Code:
adb shell
Now you are running shell commands on the watch itself so do:
Code:
busybox unzip /sdcard/SuperSU-2.79-amazfit.zip
Code:
cd /sdcard/supersu/
Code:
sh root_amazfit.sh
Done, reboot and enjoy!
I hope this helps others as it did help me and I do hope I didn't make any mistake.
Credits:
Chainfire for SuperSU
Neuer_User for PACEified
KevinX8 for the SuperSU 2.79 zip for Android Wear (I used that one cause it already is setup to allow all by default)
Everyone else that I can't remember right now
List of useful root apps for the Amazfit:
MiXplorer-useful file manager with addons and root file management options: https://forum.xda-developers.com/showthread.php?t=1523691
Kernel Adiutor 4 Wear-very popular kernel options management app, won't give too many options since the stock kernel is actually quite limited but still allows tweaking a few things like changing the schedulers and their options, enabling init.d and other such stuff: https://forum.xda-developers.com/android-wear/development/app-kernel-audiutor-4-wear-t3126122 (I only tested this version but the latest normal Kernel Adiutor version might also work perfectly since the interface seems pretty friendly with low resolutions)
Advanced Settings for Watch-provides a plethora of options like Bluetooth and WiFi settings management, reboot menu and most importantly PACKAGE MANAGEMENT and by that I mean it doesn't just have the normal app settings menu that allows you to clear data/cache, force stop or disable/uninstall apps but ALSO INCLUDES A PACKAGE INSTALLER for installing apks straight on the watch: https://play.google.com/store/apps/details?id=com.sssemil.advancedsettings&hl=en (get the wear apk from inside the main apk, it is located in /res/raw just open the phone apk as an archive also WARNING: many menus/options make it crash cause this is not Android Wear)
Another one.
Wich are the benefits of doing that?
jmpcarceles said:
Wich are the benefits of doing that?
Click to expand...
Click to collapse
Same as on any other rooted Android device.
A few apps I have on the watch that use root are:
MiXplorer-file manager
Kernel Adiutor-can improve battery life/performance by messing around with it a bit
Root Essentials (the wear part sent from inside the phone apk)-it's great for uninstalling apps and such
Hello. Stock ROMs can boot "temproot kernel"? Could you please like to where it's explained? Thanks.
Ranomez said:
Same as on any other rooted Android device.
A few apps I have on the watch that use root are:
MiXplorer-file manager
Kernel Adiutor-can improve battery life/performance by messing around with it a bit
Root Essentials (the wear part sent from inside the phone apk)-it's great for uninstalling apps and such
Click to expand...
Click to collapse
Nice.
MiXplorer is my mobile favourite Android explorer.
I don't know the other apps, i must learn about it.
Any suggestions about them, Kernel auditor seems very interesting. I have very much problems with my Amazfit battery, last month suddenly i don't get more than 2 days of autonomy
Thx.
lfom said:
Hello. Stock ROMs can boot "temproot kernel"? Could you please like to where it's explained? Thanks.
Click to expand...
Click to collapse
Stock ROM can boot temproot kernel only if old enough version to not have the bootloader locked OR you unlocked the bootloader after, to get the temproot kernel go to the PACEified thread and read the install instructions, it has you booting the temproot kernel on order to flash it and it might be possible to just boot it, root and reboot but I am not entirely sure, if the Amazfit has dm-verity it will refuse to boot after altering the system, I actually didn't think about that when I wrote this guide cause it was 5AM so would recommend flashing a custom ROM.
@Neuer_User does the Amazfit have dm-verity?
Also would you consider adding SuperSU to PACEified in the future?
Double post cause mobile XDA is messed up, delete.
jmpcarceles said:
Nice.
MiXplorer is my mobile favourite Android explorer.
I don't know the other apps, i must learn about it.
Any suggestions about them, Kernel auditor seems very interesting. I have very much problems with my Amazfit battery, last month suddenly i don't get more than 2 days of autonomy
Thx.
Click to expand...
Click to collapse
To be honest MiXplorer just about works but isn't really 100% usable cause things don't fit on screen, looking for a better root file explorer for the watch.
The stock kernel doesn't really allow you to control much cause the stock kernel doesn't seem to have too many features but can still change governor and a few other stuff and if nothing else it can enable init.d if you don't already have it enabled, I use the Kernel Adiutor 4 Wear version but TBH I think the normal one should be just as usable.
For your battery problem you could try deleting some unneeded apps like the Mi Home or the Chinese radio one (if on Chinese ROM/PACEified) and maybe Greenify will also work but wouldn't really put my bets on it, perhaps try using some battery saving scripts?
Right now I'm looking for an apk installer...I have a solution already but it's probably the worst one possible: a init.d script that checks if there are apps in a folder on the internal storage then installs all of them and deletes the apk files but that means you need to reboot in order to install apps, could make crond run the script every hour or so but that would also not be too convenient so either a script runner or a apk installer would be best.
BTW after uninstalling apps from the watch using a root app you need to crash the launcher or it will still show the icons for the uninstalled apps.
Also I'm working on improving the script to add safety checks (if someone tries to run it without the other files in the same folder right now it would most certainly end up in a mighty bootloop, fortunately a bootloop with adb access so easy to fix but still not great, I made that script in like 5-10 min after I manually did it on my own watch) and add more features like installing a newer busybox version and linking missing applets (unzip for example).
Updated 2nd post with a few useful apps, one of them finally giving us the power to install apps straight on the device, will publish the new version of my script in a few days, have been working on adding A LOT of new features and now I kinda need to concentrate on the project for my Android class for a bit, sorry for the delay.
Ranomez said:
Updated 2nd post with a few useful apps, one of them finally giving us the power to install apps straight on the device, will publish the new version of my script in a few days, have been working on adding A LOT of new features and now I kinda need to concentrate on the project for my Android class for a bit, sorry for the delay.
Click to expand...
Click to collapse
Hi Ranomez,
When do you plan to publish the new script for local root?
Thx in advance.
Merry Xmas.
jmpcarceles said:
Hi Ranomez,
When do you plan to publish the new script for local root?
Thx in advance.
Merry Xmas.
Click to expand...
Click to collapse
Most probably next week, haven't really had time to work on it with the last week of college before the holidays and the fact that I bought Xenoblade Chronicles 2 on launch day and it's been eating most of my free hours, lol, sorry for the delay, anyways the current script still works for simply rooting but will give a no such file or directory error if init.d isn't already enabled, just ignore that.
Thank you @Ranomez
I've just tried your local root using the temproot kernel on the latest stock rom, and it worked great. So, I can say my pace doesn't have dm-verity enabled?
btw, SU was added to Stockfied, Pacefied and Stratosfied, just needs to be enabled.
Related
Coming soon: Full access to the 2.x market.
Progress is being made to bring the new market to the NC (less the FC permissions or APK signature issues.) Check posts towards the end of this thread for more info.
UPDATE - Version 1.1a - 4/27 - NOW WITH MORE ROOT!
I'm happy to announce that I now have a much improved version of apk-enabler all packaged up and ready to install. This version will work much better than the last one, and should provide much better application compatibility.
Version 1.1a:
Major update...
* Added Edify code to clean up old versions before installing or re-installing (either version)
* Updated su (version 2.3.6.1 - thanks dascud)
* Updated and relocated Superuser.apk (now lives in /data/app so updates will not complian about it being a "system application" anymore.)
* Added Zeam 2.9.2 to /data/app
* Added NookColorTools to /data/app
* Added SoftKeys 3.06 to /data/app (in case anyone needs this - some apps don't display the nook status bar properly.)
* Added latest busybox binary to /system/bin
* Added a crapload of symlinks to busybox functions in /system/xbin. Almost everything works now (grep, mount, etc) without having to run through busybox or toolbox. (thanks RileyGrant)
* I have attempted to perma-enable adb by setting the adb_enabled value in /data/data/com.android.providers.settings/databases/settings.db. Unfortunately it appears that this setting is ignored - at least when auto mounting is enabled. See notes below.
Notes:
Now that we have busybox and a current version of su, we now have what resembles a "normal" android shell environment. More apps should work with the updates, and we can now get a shell (then su) via adb. You can also run the Android Termainl app and su from there.
Also, since Zeam and SoftKeys now baked in, the first boot will now ask for your preference of default launchers (Home, SoftKeys, or Zeam.)
To get ADB working, you need to update your drivers, and play with settings in NookColorTools (development section) to enable USB debugging.
I have validated this install via a fresh install and over-top of existing installs. The only requirement is that the Nook has been turned on and registered. You can flash this over older versions, the script cleans up cruft from prior runs before installation.
Original Post:
So I went about fooling around with the stock 1.2 ROM, and like many I was frustrated by the lack of certain apps in the Nook app store. So here's a little work-around until we get a properly rooted solution in place:
What this hack does:
* Updates the SQLite Settings Database (data/data/com.android.providers.settings/databases/settings.db) with a hacked version, enabling the install_non_market_apps and adb_enabled settings.
* Installs a version of "su" in /bin and /xbin.
* Installs busybox to /system/bin and sets symlinks for most shell commands in /system/xbin
* Installs SuperUser.apk, SoftKeys_3.06.apk, NookColorTools_0.2.apk, and zeam-2.9.2.apk to /data/app (you may uninstall any of these if you wish.)
* With these in place, the stock browser (and other Market apps) are fully capable of downloading, launching, and installing .apk files of your choosing.
Is this safe? What if I brick my Nook?
The Nook Color bootloader will boot anything you throw at it. There are no signature checks anywhere, and even their own code is signed using test keys. If you get a bad flash or whatever, you can always boot your Clockwork SD card and restore from there. Remember - this is not a phone - there is no subsidy or baseband to protect. So, no there's no S-ON, locked boot loader, or any of that other silly crap the carriers do to screw their customers. You can flash forwards, backwards, sideways, whatever you want, as long as you can put it on an SD card.
Overall, this is no more dangerous than running a stock android device with the "Unknown Sources" setting enabled. Nothing is happening yet that is uncharacteristic of a "standard", vanilla android device.
That said, you should probably make a backup while you are running Clockwork, just to be on the extra-safe-side.
So, is this a full ROM that I can use to flash the 1.2 update?
No. This is a stand-alone update to 1.2 that overwrites one file and adds two others. You need to have 1.2 up and running in order to use this.
How to install...
First, you must have a microSD card already flashed with ClockworkMod. I'm not getting into that, you can find a good guide in this post:
http://forum.xda-developers.com/showthread.php?t=987735
(thanks fpga_guy)
NOTE - THIS WILL ERASE YOUR SD CARD - SO YOU MIGHT WANT TO PICK UP A CHEAP 2GB CARD FOR THIS.
* Once you have Clockwork set up, drop the attached zip in the root directory, and reboot your Nook Color. Once Clockwork is booted:
* Select "install zip from sdcard", then "choose zip from sdcard"
* Select "Yes - Install apk-enabler-1-1a-signed.zip". The install process will begin promptly.
* Once flashed, you will be prompted to Reboot,
* The Nook OS will almost certainly crash on the first reboot - I'm not sure why as of yet... If it does, hold the power button until the Nook powers off completely, then turn it back on. It should continue to boot normally after this point.
* Once you are back up, you can use the browser to download and run .APK files from anywhere. Some apps do not work, others do. Fortunately for us, Superuser.apk is one that does
As for launchers, you will not see your installed apps in the Extras area of the stock launcher - B&N is doing something shady here... Instead, you will need to install another Launcher. Zeam seems to work well, while ADW doesn't.
Once Zeam is installed, you can hit the "Home" button and select it as your Launcher (permanantly, if you like...) This is where you'll see all of your downloaded apps.
I have attached the flashable zip file, plus links to SuperUser.apk and Zeam. Use the built-in Nook browser to install both of these to your device. Once you download an APK file, tap the notificaiton in the lower left corner and select "Package Installer." The usual Android install screen will appear, and you know what to do from there...
What's not working?
Probably lots of things. I know ADW doesn't work, and the open source Terminal emulator doesn't either... Superuser.apk detects SU, which is a good thing. It isn't "full root access" until I hack /etc/fstab to mount /system r/w (probably tomorrow.) B&N hacked up the frameworks pretty bad for this, so there are probably lots of issues with non-market apps. However, this should open the door to someone willing to port Nookie Froyo (or something similar) over to the stock 1.2 ROM.
Credit where credit is due:
First, thanks to everyone on XDA, the official Nook forum, CyanogenMod, NookDevs, some kind folks on IRC who helped me sort out the partition layout, some helpful folks in this thread, and probably 20 others that I'm forgetting. This would not have been possible without your help.
Where do we go from here?
I suspect we will have something more like Autonooter in a day or so... However, this is a fully usable solution for the time being. You have su, busybox, Superuser, SoftKeys, and a Launcher.
Also, someone needs to look into getting side-loaded apps onto the home-screen and/or into the Extras screen. My fear is that B&N is checking signatures there - but hopefully I'm wrong on that one....
Version 1.1a: apk-enabler-1-1a-signed.zip (1.28mb)
md5sum: 65267cf3314d7fae829881970d70b444
http://www.mediafire.com/?bb7o66282bqfp6q
Apps known to work:
Superuser
Zeam
SoftKeys
Amazon App Store for Android (works beautifully)
Amazon Mobile
Collapse (today's free game on Amazon)
Kindle Reader
File Manager
ES file explorer
Pulse (with widgets)
Facebook
Evernote
Remember The Milk
Subsonic
WP Clock - Live Wallpapers are enabled by default - the Google Maps and WP Clock live wallpapers appear in the stock Nook Home settings
Free Dictionary
TV.com
TuneIn Radio
Winamp
LastPass
Xmarks
Dolphin
DocumentsToGo
cVolume
FancyWidget
Google Voice
ReadItLater
Button Savior
Dropbox
Adobe Reader
TerminalEmulator
Apps known not to work:
Any version of GApps. Especially those packaged for Gingerbread. This is a B&N issue.
ADWLauncher
aldiko (via kingsjack)
other Input Method (via kingsjack)
appmonster (via kingsjack)
gscript lite (via kingsjack)
GApps don't work because framework.jar needs to be ported from another release. B&N broke it.
Alternative keyboards and things like that will probably break (again, due to dependancies that have been broken by B&N.)
Fortunately, B&N left enough of the package installer intact to allow us to get this far.
(feel free to add to this list, I'll only test what I personally plan to use.)
Thanks for getting off market working
Sent from my SPH-M910 using XDA App
Zero to sixty in no time flat. Gracias Senor, now I can dual boot this and the incredibly speedy cm7 builds and have the best eReader on the market and a super great 7 inch tablet to boot.
can i use cm gapps-gb-20110307-signed in stock 1.2 after root?
kingsjack said:
can i use cm gapps-gb-20110307-signed in stock 1.2 after root?
Click to expand...
Click to collapse
No, that's the Gingerbread version. If you can find one for Froyo - who knows, it might just work
HamNCheese said:
No, that's the Gingerbread version. If you can find one for Froyo - who knows, it might just work
Click to expand...
Click to collapse
thank! now i cna install most apk in my nc.
but ... when i use root.explorer, i find superuser isn't work.. didn't root in my nc.
1. install apk.enabler.zip by ClockworkMod, is work. i can install apk by brower
2. install Superuser and zeam & rootexplorer, is work, and i can use rootexplorer to install other apk, but haven't root.
kingsjack said:
thank! now i cna install most apk in my nc.
but ... when i use root.explorer, i find superuser isn't work.. didn't root in my nc.
1. install apk.enabler.zip by ClockworkMod, is work. i can install apk by brower
2. install Superuser and zeam & rootexplorer, is work, and i can use rootexplorer to install other apk, but haven't root.
Click to expand...
Click to collapse
You're welcome. I'll look into Root Explorer - I'm not sure if it's a root issue or an issue with that software. Superuser thinks it has root, so I would think other apps would as well.
FYI /system is not mounted as read/write yet - perhaps that is what Root Explorer is complaining about?
HamNCheese said:
You're welcome. I'll look into Root Explorer - I'm not sure if it's a root issue or an issue with that software. Superuser thinks it has root, so I would think other apps would as well.
FYI /system is not mounted as read/write yet - perhaps that is what Root Explorer is complaining about?
Click to expand...
Click to collapse
without this Options
kingsjack said:
without this Options
Click to expand...
Click to collapse
Right. As I mentioned, I need to fix fstab to mount everything with read/write permissions (which I plan to do tomorrow.) This is really more of a work-around to get apps on the device. We will gain better control of it over time.
HamNCheese said:
Right. As I mentioned, I need to fix fstab to mount everything with read/write permissions (which I plan to do tomorrow.) This is really more of a work-around to get apps on the device. We will gain better control of it over time.
Click to expand...
Click to collapse
thank u work
I'm guessing, very much likely, that you didn't include a Superuser.apk into /system/app which allows Root Explorer to request use of su in xbin. I'm going to try and get an AN version going for 1.2 in a day or two.
GabrialDestruir said:
I'm guessing, very much likely, that you didn't include a Superuser.apk into /system/app which allows Root Explorer to request use of su in xbin. I'm going to try and get an AN version going for 1.2 in a day or two.
Click to expand...
Click to collapse
I didn't include it because it wasn't necessary. su is present, Superuser in apk form works. The only thing missing is to re-mount everything as rwxrwx---. That would satisfy the root explorer requirement without having to go the full autonooter route. For now, anwyay....
What you describe is simply a tweak to /etc/fsatb and possibly some changes here and there in some init scripts. It shouldn't be a difficult update, re-mounting file-systems isn't exactly the hardest thing to do in Linux.
The big headline here is "load apps from untrusted sources" - something that the Nook Color is physically incapable of doing out-of-the-box. In fact, their plan is exactly the opposite. Entangle the user with app purchases that they can't get anywhere else, and cannot transfer in or out of the Nook ecosystem. That problem is solved for now, and it should do what 90% of users want right out of the box.
We can discuss the next phase after evaluating the changes to frameworks and whatnot that will get Gapps and other crucial stuff up and running - that will prove to be a more difficult task than simply breaking in to the stock system. Judging by work that was done for previous iterations of Autonooter, there are enough framework changes that it's going to take some time to work out the details.
BTW, if anyone on that team would like to share information, please contact me and I'll see what I can do to help.
If there's no R/w toggle it means somethings wrong with Root Explorer, you should look into that problem as opposed to just fixing it by remounting system in init.rc this is not a good fix for something like this and shouldn't be acceptable. There's a reason the toggles built in and that's to help protect the /system folder.
GabrialDestruir said:
If there's no R/w toggle it means somethings wrong with Root Explorer, you should look into that problem as opposed to just fixing it by remounting system in init.rc this is not a good fix for something like this and shouldn't be acceptable. There's a reason the toggles built in and that's to help protect the /system folder.
Click to expand...
Click to collapse
Hmmmmm.....guess I'll have to spring for root explorer and dig through logcat to see what's going on. It could totally be some goofy B&N thing that's screwey on this one device. More after the break....
HamNCheese said:
Apps known to work:
Superuser
Zeam
Amazon App Store for Android (works beautifully)
Amazon Mobile
Collapse (today's free game on Amazon)
Kindle Reader
File Manager
Apps known not to work:
ADWLauncher
TerminalEmulator
(feel free to add to this list, I'll only test what I personally plan to use.)
Click to expand...
Click to collapse
Please explain how you got amazon appstore on there. I signed in on mazon had it send me the link on the nook to download it which i did. When i clicked on it brought up chice to run with app installer or package installer of which one gave me a parse error and the other did nothing.
Any ideas?
So, is this a full rom that I can flash my 1.1 nook into 1.2?
HamNCheese said:
BTW, if anyone on that team would like to share information, please contact me and I'll see what I can do to help.
Click to expand...
Click to collapse
Hint.. They already have in this thread.
HamNCheese said:
I didn't include it because it wasn't necessary. su is present, Superuser in apk form works. The only thing missing is to re-mount everything as rwxrwx---. That would satisfy the root explorer requirement without having to go the full autonooter route. For now, anwyay....[/B][/B][/I]
Click to expand...
Click to collapse
installing rom manager and running fix permissions should set all the right files to rwxrwx--- shouldnt it? i havent installed the update cuz im happy with cm7 so i cant test it..
Sent from my NookColor using Tapatalk
Good work Ham. The apps used to show after rebooting under the Extras section(Now called Apps), they are not now after the framework butchering they did. However, I installed Applanet and all I had to do was a search on the device and there it was. It launched fine and downloaded apps no issue.
hi. i can't believe i'm the first person to ask this but i've searched as best i can through these forums, and on google, and cannot find a definitive answer. there are lots of pages giving high level descriptions of rooting a phone like "gives admin access", "allows access to the root filesystem", etc. but, when you root a phone, what actually happens ? does it simply make the "su" binary available so that apps can call it to access the root user ? eg. i've got a samsung galaxy s2, if i install an insecure kernel, then add su to /system/xbin, and then reinstall a stock kernel, is that technically a rooted phone ? this is actually what i did on my phone, although i installed superuser and busybox from the market after adding su. i am aware that there are various threads in the sgs2 forums on how to root, i'm just using my phone as an example, i'm just trying to understand generically what is meant when someone says a phone has been rooted. cheers.
Full control over your system
Ability to alter system files. You can replace many parts of the "Android Core" with this including:
Themes
Core apps (maps, calendar, clock etc)
Recovery image
Bootloader
Toolbox (linux binary that lets you execute simple linux commands like "ls") can be replaced with Busybox (slightly better option)
Boot images
Add linux binaries
Run special apps that need more control over the system
SuperUser (lets you approve or deny the use of root access to any program)
Task Manager For Root (Lets you kill apps that you otherwise could not kill)
Tether apps (like the one found at [android-wifi-tether.googlecode.com])
<there are more but I cannot think of any right now>
Backup your system
You can make a folder on your sdcard and backup all of your .apk files to your sdcard (helps if an author decides to "upgrade" you to a version that requires you to pay to use the version you just had)
Relocate your (browser/maps/market) cache to your /sdcard
Relocate your installed applications to your /sdcard
Reboot your phone from the terminal app easily (su <enter> reboot <enter>)
Copied and pasted from google... it is your friend.
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Carrot Cruncher said:
thanks for the response however, i'm trying to understand what actually changes on the phone when you root it, rather than simply the benefits of rooting a phone.
Click to expand...
Click to collapse
Unrooted phone is like logging on as user in a computer. By rooting you have "administrative" rights, just like using sudo command in Ubuntu. Some binaries which are important in gaining administrative rights are installed in the phone.
sent from my nokia 3210
If you come from Windows, you're familiar with the Administrator account. A user that can do everything on the system, as opposed to other users than only have limited privileges. In Linux, that account is called "root". That's all there is to it. It's a user that can do everything on the system.
@Panos_dm: Actually, it's *not* like using sudo. Sudo gives elevated privileges to your existing user account, whereas "root" is a whole separate account.
Nope, sudo actually switches users
i'm a linux user and have been a linux admin in the past so understand the difference between su and sudo. sorry to sound pedantic but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
It opens your phone to a whole new array of possibilities.
Sent from my HTC Sensation 4G using xda premium
Carrot Cruncher said:
but i'm still not clear on exactly what happens when you root a phone, i.e. what exactly happens during the rooting process ?
Click to expand...
Click to collapse
In a gist? The "su" binary and the Superuser.apk app get installed. Sometimes doing so requires exploiting a vulnerability via a trigger. Rageagainstthecage is a common trigger. I once had a link that explained what exactly rageagainstthecage does, but I don't have it anymore.
If you really want to know all the details, here's the script I used to root my Defy: http://pastebin.com/G3m9v4FQ
Hmm, I see the script contains a link to the explanation of what rageagainstthecage does. Cool.
many thanks for confirming my understanding of the process.
So there are two populair methods of rooting the galaxy s3:
- The Samsung galaxy s3 toolkit
- Chainfire's CF-ROOT
My questions are as follows:
What are the technical differences between the two rooting methods?
Do the methods have any drawbacks? (cf-root for example is incompatible with rommanager)
disclaimer:
I am not interested in what you think is the best method, I want to know the technical differences between the two methods used.
I know that the toolkit itself is not a rooting method, it does however include 4 different methods you can use, I am referring to those.
The toolkit uses cfroot I think. Not sure if it's as up to date as the latest cfroot via Odin. They both work well enough. There is no other method I know of. And I haven't had any drawbacks.
That's all I can say really
Sent from my GT-I9300 using xda premium
Also The toolkit uses Odin too. It has other options and clear instructions. Drivers. Modems etc so this would be the best option for an casual user.
Latest cfroot via Odin is probably your best option if u know what your doing
But it's up to you mate, it doesn't really need analyzing so deeply...
Sent from my GT-I9300 using xda premium
slking1989 said:
But it's up to you mate, it doesn't really need analyzing so deeply...
Click to expand...
Click to collapse
Well it is personal but I like to know or at least have a general idea of what I am doing to my phone. So yes it does
Tnx for the reply
Anyone else who can give me some more insight?
Unfortunately I don't have an answer for you, but I also am interested in the answer to your question..
I think certain methods of rooting use SuperSU (is this the CF one?) and then another method uses Superuser. I think both install busybox (that seems to be the same?)
In my experience, using the Superuser.apk app was faster than SuperSU..
I don't even have the Busybox app installed (but I am sure my phone has busybox, so this also confuses me??)
CF root gets the job done in 20-25 seconds. It installs superSU, busybox and cwm recovery. I would allways recommend rooting with CF Root over the Toolkit.
But that`s my opinion off course
gee2012 said:
CF root gets the job done in 20-25 seconds. It installs superSU, busybox and cwm recovery. I would allways recommend rooting with CF Root over the Toolkit.
But that`s my opinion off course
Click to expand...
Click to collapse
Yes go with the CFroot if u just want to root ur phone.
Sent from my GT-I9300 using Tapatalk 2
'K, I'll bite. I'm not going to give an overall recommendation - at the end of day, they both install an APK and put a new binary in /system/xbin.
Note: I used CF-Root to root my phone. When I talk about how the the toolkit does what it does, I'm basing my words on this image. I've seen the things in that image before, even though I haven't used the toolkit. This also means that my toolkit observations may not be entirely accurate but it's a batch script, anyway; you can just read through it and find out how it works. I'm also primarily a Windows user, but I used to use GNU/Linux quite a bit to write programs for a phone that I once had.
Rooting is, when broken down, the installation of a "su" binary installed to /system/xbin, that is owned by root and carries the setuid flag. This flag is important as the Linux kernel will then run the process whenever it's invoked as the person who owns it, root. This process can then, in turn, start other programs and they inherit the user ID (something like this - I'm taking my time reading TLPI...) so they are then running as root. There's also a "manager" app (Superuser or SuperSU) that will be installed; this app is talked to by the su binary (through the Android Binder AFAIK, though Superuser's source is available so if you really wanted to find out you could read that) to see, for example, if the program that is invoking "su" is allowed to do so. CF-Root installs the SuperSU apk to /system/app, which means that it survives factory resets. The toolkit, from a quick look at the Superuser ZIP in its folder and its batch file, also installs the Superuser apk to /system/app. When sideloading apps or installing from the Google Play Store, they usually get installed to /data/app.
Not all "su" implementations for Android need a manager app, I've seen implementations where su does not place restrictions on who is allowed to run it; uid=0 for everyone without discrimination! (Yes, that also includes you, Super Smilies Pack 3000 with boob smilies) Thankfully, neither the toolkit nor CF-Root do this. I lie a little. Superuser's su binary will automatically reject any request to become root if the Superuser.apk is not installed but SuperSU's su binary will automatically accept all requests to become root if the SuperSU apk is not installed. Personally, I prefer SuperSU's behaviour as there have been too many times with my old phones where I'd have to sign into Google Play after wiping /data just to install the Superuser APK when all I wanted was to run a simple command.
ext* filesystems along with other *NIX filesystems have the concept of file permissions, a concept shared by other *NIX filesystems. In order to actually place this su binary owned by root into a folder owned by root, you need to be root. (Actually, the folder is also owned by the shell group so a user which is a member of that group could do it too, but they wouldn't be able to set the all-important setuid flag as they're not the user root [perhaps a member of group root could do it but I don't know]) Usually, exploits in other programs running/can run as root or in the kernel are searched for so that you can temporarily root in order to install the su binary correctly. The GSIII (with the exception of Verizon's) has an unlocked bootloader, though, so programmers don't need to search for any of these: it's able to flash unofficial, unsigned recoveries and kernels.
CF-Root does this:
* it flashes a new CWM-based recovery in the recovery partition of the phone. If you've seen the stock Android recovery, you'll know that it just can't match the features of CWM. The important thing about CWM is that it runs as root, just like the stock recovery, but it also lets you place any file anywhere on the phone without requiring that the the ZIP file containing the files are not signed with a Samsung private key. Remember what I said about file permissions?
* there's also a param.bin file. I don't know anything about this file, but I suspect it's flashed to get the phone to boot up into recovery mode the next time it's started so that CWM runs before anything else
* it also flashes the cache partition (I'm not sure whether it overwrites or appends as I don't know how [and probably never will] know how ODIN works with two ZIP files: SuperSU, which contains the su binary, the SuperSU apk and a script that is run by CWM to set the required permissions on the su binary among other things, and the CWM app which lets you tell the recovery what actions you want it to perform in Android without having to navigate through the awkward interface of CWM itself. While I don't know how to do this myself, CWM recovery can be told to automatically run commands from an external source. I'm not talking about random websites on the Internet, but (I think) through files that have to be placed somewhere by root. This is what apps like the CWM app and ROM Manager do. This is also what CF-Root does to tell the recovery that the next time it's booted that it should install both the CWM ZIP and SuperSU ZIP. That's it in the case of CF-Root: you now have a phone with the two files required for root access, and a CWM recovery and an app to control it.
The toolkit:
(I only talk about the "insecure boot" options as I imagine the recovery option does something similar to the above and do remember that I haven't used the toolkit to root my phone so some assumptions are made. I also assume you know what ADB is as I won't be explaining it)
* it gets you to flash a kernel image with a patched adbd that runs as root, so adb on your computer, in turn, is able to place files anywhere on the phone's /. File permissions make it so you can't just place adbd in its expected place (/sbin) as any user and /sbin is also mounted on a ramdisk part of the flashable kernel image so it would be replaced on the next reboot, anyway.
* When the phone is running again with the new kernel, it then tells adb (now running as root) to push the Superuser APK and the su binary into their rightful place and sets the correct permisions on the su binary so that it runs as root
* if you've told it to install busybox, busybox is pushed and a bunch of symlinks for all the applets that BusyBox supports are set up
CF-Root installs, naturally, Chainfire's SuperSu whereas the toolkit installs Superuser. I much prefer SuperSU (and I bought a pro license for Superuser long before I did for SuperSu). Superuser's interface is much better than SuperSU's and it's also open-source but I find that SuperSU works much quicker for me (Root Explorer actually popped up a message on my sister's freshly-flashed Xperia Arc S saying that Superuser can be slow if Superuser hasn't granted it root access quick enough - I've never encountered that on my Huawei U8800pro with SuperSU which has pretty much the same specs as the Xperia) and it can also log the commands an app is running as root if you're suspicious of an application.
You'll notice that ADB still runs as a normal user with CF-Root. You can use Chainfire's adbd Insecure app which will replace /sbin/adbd everytime the phone is started with his patched adbd which always runs as root, or you can just flash one of the many kernels available that already include a patched /sbin/adbd.
CF-Root also does not install BusyBox. You can grab one of the installers from the Play Store but what I do personally is kang a CM9 nightly build for the I9300 and take the META-INF folder and the /system/xbin/busybox binary and strip out most of the lines in the update-script leaving only the lines that mount, extract and create the symlinks for busybox and place the result in a new ZIP which is then flashed with CWM.
Your "cf-root for example is incompatible with rommanager" gripe is easily solved - just flash another recovery. CF-Root just packages a CWM Recovery, an app to control CWM and SuperSU. CF-Root itself is not a resident component, but the recovery and SuperSU etc. are, if that makes sense.
qwerty12 said:
A long story with a lot of interesting and valuable information
Click to expand...
Click to collapse
Tnx! This is precisely what I have been looking for! A lot of the information I already found in seperate pieces but this made it click in my head. I used cf-root to root the phone and am currently deciding if I want to work with the included tools and cwm recovery or flash CWM touch
I got a busybox installer from the market and it works like a charm (Well Titanium backup seems to do its job anyway).
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
The only advantage i can see to using toolkit is it will get updated quicker and it has loads of other options. If you just want to Root and flash a Rom cf root is way to go
Sent from my GT-I9300 using xda app-developers app
creesch said:
Tnx! This is precisely what I have been looking for! A lot of the information I already found in seperate pieces but this made it click in my head. I used cf-root to root the phone and am currently deciding if I want to work with the included tools and cwm recovery or flash CWM touch
Click to expand...
Click to collapse
Glad it helped
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
Click to expand...
Click to collapse
Yeah, HTC's locked bootloaders and the S-ON/S-OFF rubbish is one of the reasons I decided to skip the One X and go for the Galaxy S3.
creesch said:
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
Click to expand...
Click to collapse
Its fair to say that unlike many people on this forum you did your research. Searched.. and asked a valid question. Whereas the majority of people just ask questions without being bothered to figure it out themselves. So thanks. Over analyzing? Maybe a little... but its better than flashing any old thing like many other have done and continue to do. Big thanks to qwerty who has filled me in on some useful info also.
Sent from my GT-I9300 using xda premium
You should have thanked him tho maaan
Sent from my GT-I9300 using xda premium
creesch said:
Tnx! This is precisely what I have been looking for! A lot of the information I already found in seperate pieces but this made it click in my head. I used cf-root to root the phone and am currently deciding if I want to work with the included tools and cwm recovery or flash CWM touch
I got a busybox installer from the market and it works like a charm (Well Titanium backup seems to do its job anyway).
I must say I think was over analyzing this a bit since I owned a HTC desire before this phone where rooting has a lot more risks involved and a lot more steps.
Click to expand...
Click to collapse
Stick with 5.x.x.x recovery, touch(6.x.x.x) has some instability issues afaik
Sent from my GT-I9300 using xda premium
slaphead20 said:
Stick with 5.x.x.x recovery, touch(6.x.x.x) has some instability issues afaik
Sent from my GT-I9300 using xda premium
Click to expand...
Click to collapse
Alright well since it was only the touch aspect that made me consider it i'll leave it just like it is
Hey guys
Hey guys i have the internationa galaxy s3 running 4.1.2, i haven't done anything to my phone yet and im about to root it is the boot loader unlcoked and if not how do i unlock it :good:, could someone please help me:crying::crying: and give me clear instructions and links please :fingers-crossed: thanks you so much,
BTw i know this is the wrong thread but i cant find the right one, thanks alot guys
regards nick
Hello Archos community,
I have bought the new Archos 50c Neon in early July, because of its nice price-performance ratio and the fact that it runs Android 4.4.2.
I have been able to successfully root it using Chinese "KingRoot", but am looking for an alternative SuperUser app. I already own a license of SuperSU Pro (which I am using for my tablet), but it turns out that the current versions of SuperSU (both 2.46 and 2.49) currently cause a crash when calling "su" from adb - seemingly because the Dalvik VM is unable to instantiate class "android.os.Environment" from SuperSU code when SuperSU wants to display its UI dialog that asks for permission. For the detailed issue description, please see here:
My thread in XDA SuperSU forum: Crash when trying to run su
Unfortunately, Chainfire (the author of SuperSU) from his signature is "away for most of the summer", and I will wait until he's back and then point him to this issue one more time.
In the meantime, I have created a script to successfully remove all remains/remnants of KingRoot (after successful rooting with it) and replace it by Koushik Dutta's OpenSource Superuser package:
https://play.google.com/store/apps/details?id=com.koushikdutta.superuser
http://www.koushikdutta.com/post/superuser
I have attached a ZIP file to this post that includes everything needed to do so - here are the instructions:
Please note that I do not take any responsibilities in case you brick your device, and also note that you void your warranty for the phone when rooting (these should be clear anyway)!
Reset your Neon 50c to factory settings (optional, might be needed in case you run into issues otherwise when removing KingRoot)
Unzip the attached ZIP and copy its contents to the root of the internal SD storage on your 50c Neon (directory /sdcard)
Use the included kingroot_4.0.0.apk to root your phone (allowing to install apks from untrusted sources)
Then, from your PC, open an "adb shell" to your device (you need to activate developer mode and USB debugging in order to do so)
From this adb shell, execute "su" and allow this root access through the KingRoot dialog on your phone. You now have a root shell on your phone.
Open a second adb root shell in the same way to not become stuck in case something goes wrong with the first one
In the first adb root shell, cd to /sdcard and execute my script in the following way:
Code:
cd /sdcard
sh -x ./kingroot_2_koush_su.sh ./busybox ./superuser.zip
and while it is running, press enter three times when "ps | grep king" and "ps | grep k_" show whether there are still processes running on your device that are related to KingRoot. General rule here is: When there are processes still running for the first ("ps | grep king"), something went wrong and KingRoot uninstall will most probably fail, while the fact that only processes matching the second ("ps | grep k_") are found, is normal and will NOT stop the script from working successfully.
When the script has finished, your phone will do a "soft reboot" (from killing zygote). You should do another explicit "hard" reboot afterwards anyway before trying to use the newly installed Superuser package.
I have run this script myself on my device, and am pretty confident that after the script has run successfully, there are no remains/remnants of KingRoot left on my device. The Open Source Superuser app by Koushik Dutta runs without any issues.
Hope this helps - and am still looking for some help with why SuperSU crashes on the 50c Neon although it seemingly has been installed properly...
Best regards,
awl
Great work, thank you very much for sharing this. :good:
I have just successfully followed your instructions and they worked for my new Archos 50c Neon as well.
Just one remark concerning the Kingroot (as the app was confusing me with Chinese that I could not read): Make sure to turn your wifi on before you start Kingroot, otherwise the app won't do anything.
And now my questions:
Do you by any chance know if there is a custom recovery available for the Archos 50c Neon? I haven't found any.
Have you written a debloater script which uninstalls all uninstallable apps?
do you have a custom recovery for this phone as I cannot get the su to up date without it restarting into recovery for the clockwork mod superuser. I have got root but only if i set supersu to grant rather than prompt but this isn't a very secure way as you said the su binary is there but the system isn't allowing the prompt.
Da5t3rati0n said:
do you have a custom recovery for this phone as I cannot get the su to up date without it restarting into recovery for the clockwork mod superuser.
Click to expand...
Click to collapse
AFAIK there is no custom recovery for this phone. I don't own it any more, it had too many weak points, such as most promintently speech quality/microphone and frequent hangups or no sound for one party during 3G telephony.
Sorry & best regards,
awl
awl14 said:
AFAIK there is no custom recovery for this phone. I don't own it any more, it had too many weak points, such as most promintently speech quality/microphone and frequent hangups or no sound for one party during 3G telephony.
Sorry & best regards,
awl
Click to expand...
Click to collapse
Yes first thing I noticed about this phone was the call quality haven't had any dropped calls though also the touch screen is awful only 2 touch. Reasonable hardware though CPU is a spreadtrum 1.2ghz a7 quad core so runs cooler and more energy effient than the a9 with a mali400 mp2 twin core GPU runs Asphalt8 on decent settings and good frame. But sadly let by the touch screen as for SuperSU it roots the phone and if set to grant, root programs run so the problem is with the prompt not being allowed to show. I'm thinking this is more Google security than anything.
Sent from my Bush 5" Android using XDA-Developers mobile app
...and not WearOS because this is from an Android 5.1.1 build from 2015
I talked about the Wear framework in this thread, and how it can be partially installed onto the Pace and Stratos
THIS DOES NOT MEAN A FULLY WORKING ANDROID WEAR BUILD!
It doesn't connect to the Wear app, even after installing all the APKs required and following the correct setup procedure (some bluetooth error, even after patching it with the supposed workaround for normal apps, it doesn't work - maybe the Bluetooth stack on these watches doesn't work for Wear)
What it does allow is for standalone wear apps with really simple functions to work. Good examples of this are Wear Bottle Spinner (eliseo.wearbottlespinner.wear) and Interval timer for Android Wear (wearablesoftware.wearintervaltimer), which on this list are "not working" due to lack of wear framework, but work after these files have been copied.
Please do not attempt this if you want a fully stable device, or don't feel comfortable debugging. It may not work for you, and you may end up having to post crash logs or have a not-working device. This is a development thread, it's not fully ready for use yet
Installation
- Download this zip
- Extract it and run the following commands from the folder
Code:
adb root
adb remount
adb push com.google.android.wearable.jar /system/framework
adb push clockwork-system.jar /system/framework
adb push com.google.android.wearable.xml /system/etc/permissions
adb push clockwork-system.xml /system/etc/permissions
adb push ClockworkAmbient.apk /system/priv-app/ClockworkAmbient/ClockworkAmbient.apk
adb reboot
I think this is all that's needed for it to work. My test device has more Wear framework APKs on it than are needed, so I'm not totally sure. If it crashes after doing this, please post a logcat and I'll see if anything else is needed - that's why this is a DEV thread!
These files were taken from the last Android 5.1.1 Wear build for the Gear 2 (itself a port): https://forum.xda-developers.com/gear-2/development/please-help-kernel-compiling-android-t2992953
From having followed the AW porting thread for the Samsung Gear S back in the days I can say the following things:
The Bluetooth stack is indeed different between normal Android and Android Wear but IIRC it should be at least theoretically possible to make it work unless Xiaomi/Huami modified it.
To connect to the AW app it will also require to have all the AW GAPPS properly setup AND the fingerprint of a watch it will recognize with said AW version, even an AW port just won't connect with the app unless there is a proper fingerprint setup in build.prop
On another note great job on doing this and I will be testing it out later today when I will have some free time and an easy way of getting said AW apps.
Hello Quinny, I think you're doing a great job, and it's appreciated. What is the scope of this? I am clear that we will not see Android Wear on our devices, but can Google services and applications be installed? Or would it only be used to install certain applications?
Thanks for your contributions.
zodrac said:
Hello Quinny, I think you're doing a great job, and it's appreciated. What is the scope of this? I am clear that we will not see Android Wear on our devices, but can Google services and applications be installed? Or would it only be used to install certain applications?
Thanks for your contributions.
Click to expand...
Click to collapse
It's to make apps that rely on the Wear framework classes work, but only those that are standalone
Ranomez said:
From having followed the AW porting thread for the Samsung Gear S back in the days I can say the following things:
The Bluetooth stack is indeed different between normal Android and Android Wear but IIRC it should be at least theoretically possible to make it work unless Xiaomi/Huami modified it.
To connect to the AW app it will also require to have all the AW GAPPS properly setup AND the fingerprint of a watch it will recognize with said AW version, even an AW port just won't connect with the app unless there is a proper fingerprint setup in build.prop
On another note great job on doing this and I will be testing it out later today when I will have some free time and an easy way of getting said AW apps.
Click to expand...
Click to collapse
@Quinny899 what do you think, would it be possible?
Hi, will this work with this?
https://play.google.com/store/apps/details?id=prox.lab.calclock&hl=cs
urbami said:
Hi, will this work with this?
https://play.google.com/store/apps/details?id=prox.lab.calclock&hl=cs
Click to expand...
Click to collapse
No
Hello there! I think you are doing a fanstastic job! But I have a problem, I can't do adb remount... It says permission denied. Any help is appreciated
Qufy said:
Hello there! I think you are doing a fanstastic job! But I have a problem, I can't do adb remount... It says permission denied. Any help is appreciated
Click to expand...
Click to collapse
You need to be running a rooted boot image and have successfully run "adb root" before remount.
Quinny899 said:
You need to be running a rooted boot image and have successfully run "adb root" before remount.
Click to expand...
Click to collapse
adb root runs successfully. As for the rooted boot image... Does it mean I need a custom recovery image? (Like TWRP?)
Qufy said:
adb root runs successfully. As for the rooted boot image... Does it mean I need a custom recovery image? (Like TWRP?)
Click to expand...
Click to collapse
What does adb root return? Can you send a screenshot?
Quinny899 said:
What does adb root return? Can you send a screenshot?
Click to expand...
Click to collapse
It returns nothing so I am not sure :/
https://imgur.com/TUeo3ky
Qufy said:
adb root runs successfully. As for the rooted boot image... Does it mean I need a custom recovery image? (Like TWRP?)
Click to expand...
Click to collapse
You have to boot (not flash) an boot image with root support and run the commands directly then.
Do a search for root Amazfit, there are some guides.
GreatApo said:
You have to boot (not flash) an boot image with root support and run the commands directly then.
Do a search for root Amazfit, there are some guides.
Click to expand...
Click to collapse
I will try that thanks
Qufy said:
It returns nothing so I am not sure :/
https://imgur.com/TUeo3ky
Click to expand...
Click to collapse
Nothing = it didn't work.
If it works it says "adbd restarting as root"
Quinny899 said:
Nothing = it didn't work.
If it works it says "adbd restarting as root"
Click to expand...
Click to collapse
Oh ok thanks
Quinny899 said:
...and not WearOS because this is from an Android 5.1.1 build from 2015
I talked about the Wear framework in this thread, and how it can be partially installed onto the Pace and Stratos
THIS DOES NOT MEAN A FULLY WORKING ANDROID WEAR BUILD!
It doesn't connect to the Wear app, even after installing all the APKs required and following the correct setup procedure (some bluetooth error, even after patching it with the supposed workaround for normal apps, it doesn't work - maybe the Bluetooth stack on these watches doesn't work for Wear)
What it does allow is for standalone wear apps with really simple functions to work. Good examples of this are Wear Bottle Spinner (eliseo.wearbottlespinner.wear) and Interval timer for Android Wear (wearablesoftware.wearintervaltimer), which on this list are "not working" due to lack of wear framework, but work after these files have been copied.
Please do not attempt this if you want a fully stable device, or don't feel comfortable debugging. It may not work for you, and you may end up having to post crash logs or have a not-working device. This is a development thread, it's not fully ready for use yet
Installation
- Download this zip
- Extract it and run the following commands from the folder
Code:
adb root
adb remount
adb push com.google.android.wearable.jar /system/framework
adb push clockwork-system.jar /system/framework
adb push com.google.android.wearable.xml /system/etc/permissions
adb push clockwork-system.xml /system/etc/permissions
adb push ClockworkAmbient.apk /system/priv-app/ClockworkAmbient/ClockworkAmbient.apk
adb reboot
I think this is all that's needed for it to work. My test device has more Wear framework APKs on it than are needed, so I'm not totally sure. If it crashes after doing this, please post a logcat and I'll see if anything else is needed - that's why this is a DEV thread!
These files were taken from the last Android 5.1.1 Wear build for the Gear 2 (itself a port): https://forum.xda-developers.com/gear-2/development/please-help-kernel-compiling-android-t2992953
Click to expand...
Click to collapse
Can it delete my ROM(PACEfied)?
Hi is it possible to run google fit directly from watch?
With framewotk or any custom build google fit apk? Anyone test it?
Will the application like a "com.huami.watch.deskclock" and another stock application still works ?
A M A Z F I T S T R A T O S
lensSGzaza said:
Will the application like a "com.huami.watch.deskclock" and another stock application still works ?
A M A Z F I T S T R A T O S
Click to expand...
Click to collapse
Yes.