How to unlock system partition on the Redmi 6A developer ROM - Xiaomi Redmi 6A Questions & Answers

hey guys, I have flashed developer ROM into Redmi 6A, then enabled root privilage via build-in Security Center App. but When I using some app (such as : fake location) and I authorize that root privilage, it tell me /system partition not unlocked, cant not write data.
I have tried to search related issue by google and xda communication, some people tell me I can use adb command to disabled verity, command like this
Code:
c:\adb\adb root
restarting adb as root
c:\adb\adb disable-verity
verity disabled on /system
Now reboot your device for settings to take effect
c:\adb\adb reboot
Then phone reboot,but system still not unlocked, I even tried several times, another way as saying I can use syslock tools (download link:https://apkpure.com/syslock/com.lerist.syslock) to unlock system partition. however, after the phone is restarted, the system partition is still not writable.
In addition, I can not found more answer, maybe I use wrong technical terms?
any help will be appreciated.

Related

[Q] ICS - Encryption

Hello guys.
I know there's no way to make CWM work with encrypted memory and SD and also there's no way to decrypt.
So, any other encryption solution that allows backups?
Using android's encryption feature, what to do in case of problems?
Any way to recover?
What happens if the system bricks and a recovery is needed?
What happens flashing a non disruptive update? Is a wipe needed?
Thank you so much!
Flashing to an encrypted ICS gs2/i9100
ultradj83 said:
Hello guys.
I know there's no way to make CWM work with encrypted memory and SD and also there's no way to decrypt.
So, any other encryption solution that allows backups?
Using android's encryption feature, what to do in case of problems?
Any way to recover?
What happens if the system bricks and a recovery is needed?
What happens flashing a non disruptive update? Is a wipe needed?
Thank you so much!
Click to expand...
Click to collapse
There are two options I've found that will work for flashing encrypted ICS, one is TWRP, which you would use instead of CWM, which would allow you to enter your password & flash what ever ROM you wanted like you were working with an unencrypted phone. But it's not (yet?) available for gs2/i9100.
The other option (original post here ) outlines how to do this from the command line of a computer with the Android SDK installed. I've spelled it out to include Android SDK installation since I didn't have that installed already when I had to do this.
Download, Install & configure Android SDK
Run SDK Manager
install "Android SDK Platform-tools"
Add <whatever>/android-sdk/platform-tools/ to path
in a command prompt / terminal window type "abd" to Check that your path includes the correct folders in the SDK (I had to do this manually on Win7)
On Phone
Reboot phone into Recovery mode
in CWM format cache partition
from your PC use adb to mount /sdcard as tmpfs:
Code:
adb shell mount -t tmpfs none /sdcard
put your ROM on the (fake) sdcard
Code:
adb push <your rom> /sdcard
Use the recovery to flesh the ROM as usual
Once you reboot the device will ask for you password as normal then finish the app installation/configuration after reboot. I was able to do this upgrading from CM9.0.0 RC1 to CM9.1. All data was preserved. Phone seems to be behaving itself but I only did this an hour ago so still too soon to tell.
Props to orcruin for sharing this. :highfive:
Ed

Root... but not root?

Hi everyone. I have a tablet from a famous argentinian whose devices quality is not the best (Noblex). This tablet has an Intel redhookbay SoC (x86). I tried to root it with Framaroot with no success. I also tried with apps like Kingo Root and Kingroot (disgusting, but I had to try them to see if they worked). Nothing worked. So I looked for a custom recovery and I found this thread which helps redhookbay users having a temp recovery like "above" the fastboot menu. In my case, CWM didn't work because power button selected the recovery item, but also fastboot menu item, so it always rebooted. TWRP didn't work either because touchscreen doesn't seem to work when I choose it. So and idea came to my mind: I could make an OpenRecoveryScript to make a backup and flash SuperSU.
I used adb shell to see if I could write a file in cache partition without being root. Of course, it didn't work, but then I typed "su" because it came to my mind, and boom! I was root, and even without any prompt that asked me if I wanted to grant root access for adb. So I thought "great! I'll remount partitions as rw and update the binaries to SuperSU ones". But, I had a little problem called Operation not permitted. Yup, I couldn't remount because I'm not allowed.
So, what can I do in order to root this thing? I read something about adbd Insecure, but I don't have any app that manages root to use this.
I don't know what to do, please help me.
Thanks in advance.

[GUIDE] Access locked AXON 7: How to clear the lockscreen security settings

I have been experimenting with flashing, etc. and somehow the lockscreen were corrupted and the pattern I was using was not longer valid. I had the fingerprint already setup so I could enter using the rear sensor, but having a corrupted lockscreen is annoying. THis method requires TWRP custom recovery. It is compatible with locked bootloaders and doesn't modify the stock boot or system. It is also compatible with all the AAXON 7 models.
If you have the stock ROM and need TWRP and ADB interface:
A. Setup ADB interface in your PC and device drivers. and connect your terminal to the PC.
B. Setup axon7tool in your computer. Enter into EDL mode by running the command "adb reboot edl" in the command prompt. The terminal will seen to be off.
C. Disable the antivirus and then backup your recovery image using axon7tool running "axon7tool -r recovery". Save the created file in a safe place.
D. Flash tenfar's signed TWRP as a new recovery using axon7tool. It will reboot to system again.
E. Open the command prompt and run:
Code:
adb devices
adb reboot recovery
1. In TWRP , and with the ADB interface properly installed run these the commands from your computer:
Code:
adb devices
adb shell mv /data/system/locksettings.db locksettings.db.old
adb reboot
Now the system will allow you to pass lockscreen without security. In that case you do not need to apply the rest of the steps. Should you continue experimenting issues with the lockscreen, then you should apply the full procedure. Just add the following 2 steps:
2. Open the command prompt and run:
Code:
adb devices
adb reboot recovery
3. When TWRP had fully loaded, run in the command prompt the following commands:
Code:
adb devices
adb shell mv /data/system/gatekeeper.pattern.key gatekeeper.pattern.key.old
adb shell mv /data/system/locksettings.db locksettings.db.old
adb shell mv /data/system/gatekeeper.password.key gatekeeper.password.key.old
adb shell mv /data/system/locksettings.db-shm locksettings.db-shm.old
adb shell mv /data/system/locksettings.db-wal locksettings.db-wal.old
adb reboot
If you want to restore the stock recovery, you just need to rename the recovery-backup.bin file created in step C back to recovery.bin and run the command "axon7tool -w recovery". after that you can enable your antivirus software again. axon7tool can't connect with some antivirus software. I will be editing this OP with links to the procedures required for each step. All of them are in this forums.
Enjoy
@Oki
To fix either " Wrong Pattern " , " Wrong Pin " users only need to delete " /data/system/locksettings.db " from either Terminal/File Explorer with root or TWRP File explorer then Reboot and you'll be good to go .
DrakenFX said:
@Oki
To fix either " Wrong Pattern " , " Wrong Pin " users only need to delete " /data/system/locksettings.db " from either Terminal/File Explorer with root or TWRP File explorer then Reboot and you'll be good to go .
Click to expand...
Click to collapse
Sure! but this guide is intended for people with the stock, unrooted, blocked bootloader who want to remain with a pure stock experience. Usually people without experience rooting devices. This is why I will edit the guide to add all the details to every step.
Could I do this with a pin as well? I restored a backup and it corrupted my password and I have to use the fingerprint on the back to get in.
twilighttony said:
Could I do this with a pin as well? I restored a backup and it corrupted my password and I have to use the fingerprint on the back to get in.
Click to expand...
Click to collapse
Yes, the procedure deletes everything. If you have problems just do the same also with:
gatekeeper.password.key
locksettings.db-shm
locksettings.db-wal
I have updated the OP just to describe the full procedure.
I had this problem earlier today of having the PIN corrupted, but I have it set to require the pin on the first boot.
I fixed it by removing all files ending in ".key" in /system. Not really sure how this compares to removing locksettings.db. Afterward, I put my password back using Google's device manager.
Of course, I am rooted with twrp, so this comes after setting that up.
Masterjuggler said:
I had this problem earlier today of having the PIN corrupted, but I have it set to require the pin on the first boot.
I fixed it by removing all files ending in ".key" in /system. Not really sure how this compares to removing locksettings.db. Afterward, I put my password back using Google's device manager.
Of course, I am rooted with twrp, so this comes after setting that up.
Click to expand...
Click to collapse
The problem of this method is that it only works if the bootloader is unlocked and the phone has the No-verify patch installed.
When you say "No-verify patch," are you talking about removing Google license verification from apps (via an app such as lucky-patcher for instance)? AFAIK that is on a per-app basis and wouldn't affect something like the lockscreen password.
So if the phone has those prerequisites (unlocked, No-verify, TWRP), is there a difference between removing the ".key" files and the locksettings.db? I am not entirely sure what the different files contain, and don't seem to be able to find this information through Google, though I may just not be searching the right set of keywords.
Masterjuggler said:
When you say "No-verify patch," are you talking about removing Google license verification from apps (via an app such as lucky-patcher for instance)? AFAIK that is on a per-app basis and wouldn't affect something like the lockscreen password.
So if the phone has those prerequisites (unlocked, No-verify, TWRP), is there a difference between removing the ".key" files and the locksettings.db? I am not entirely sure what the different files contain, and don't seem to be able to find this information through Google, though I may just not be searching the right set of keywords.
Click to expand...
Click to collapse
No-Verify is an additional security system implementend in the kernel. When No-Verify is active, it checks for the signature of the system partition. If the system was modified, then the system won't boot. This is why after unlocking the bootloader you have to apply No-Verify Patch or any package with the integrated patch such as SuperSU. As you can see, it has nothing to do with the app signature or the lockscreen at all.
The method presented in the OP is valid for most Android phones, and the only prerequisite is to have TWRP installed. It is safe and a lot more recommended than patching the system partition. Patching system or kernel should always be your last resort. usually deleting locksettings.db is enough, and it is a general method that works for almost any locking method.
On B25 and have followed all instructions. Seems this method no longer works :/

[Q][Magisk Manager] rooting an unidentified tablet with android oreo 8.1 troubleshoot

Goodday,
I have been looking into rooting my android device for over a week now and was still not able to find how it can be done for an unidentified tablet.
I have an Allwinner T8 tablet (headunit) that runs oreo 8.1.0, theres no info availlable on this unit whatsoever, all i have is a detailled system information gathered by root checker, i can post the detaills if its required.
I've managed to make a full backup of my device using the adb backup command incase something goes wrong it can be reverted easily.
No custom recovery option availlable to flash.
Is it possible to root my device using the supersu zip without a custom recovery for example with adb using the command "adb flash"?
The most usefull guide for my situation i have come across is the magisk manager installation guide: ht tps://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
This method requires me to have the stock boot image from my device, seeing i don't have root and cant just copy that file, where exactly can i find this file(whats the path to it)?
Is it possible to use adb command "adb root; adb pull ... " to retrieve this file? If not how can i get my hands on this file?
Please help me, i have spend many houres searching google and watching videos but all of wich are the easy methods that don't work for my tablet or require root or a custom recovery wich i cant install... pretty frustrating...
I think magisk manager is the only correct way to go for my problem
Also, if i remount my system or root with read&write rights using adb shell, is that the same as rooting my device?
if i can read and write into the system directory on my device then i should be set.
So what exactly is the diffrence between rooting my device and remounting my device/system as read/write?
anyone??

non-branded phone acts like it's branded - "SIM network unlock NCK"

Dear xda-community,
My phone: Honor 9 lite, non-branded, android 8, magisk installed. Running unofficial lineage-os 15.1.
Since 2 days now, after I enter the SIM-card's PIN, it says "SIM network unlock NCK" unlock/dismiss like in the attached picture.
How I tried to fix it:
* factory reset
* using different sim card
* flashing another ROM
* restoring a FULL TWRP backup of stock ROM (bck includes: kernel, ramdisk, cust, oeminfo, product, system, system image, vendor, vendor image, version, odm)
* TWRP -> advances -> fix contexts
* I also changed the permission of the sd-card with chmod +rw. I don't think I accidentally did that recursively on the / directory. But to be sure, I also ran the fix_permissions script following this guide: https://www.drewgreen.net/2012/03/15/manually-run-fix-permissions-from-recovery/
How it probably happened:
I was trying to delete content of a microsd-card in my phone. I used adb shell su went into the sd-card directory and executed rm -rf ./
However, I accidentally forgot the "." before the "/" :crying:
The terminal got flooded with "... read only file-system", since most is mounted as read only. But maybe somefiles were deleted, that I couldn't see in the terminal (scrollback buffer was full) .
Does anyone have an idea
1. why the error still exists after a factory reset (both with twrp and stock recovery) and even after restoring a full twrp backup?
2. how to fix this? Or is the problem unrelated to the stupid thing I did and just coincidental?
I am very thankful for any help and appreciate whoever takes his time to help me.
*UPDATE*
I used my warranty and my phone got sent to honor. Before, I relocked the bootloader and flashed an updated stockrom, so 1. they didn't see I immediately (at boot time) that I tampered with the phone and 2. I could tell the shop that it happened while installing system update.
they didn't charge me anything and it works again.
were you ever able to resolve this? i have the same imei and nck issue.
MateUserHHTT said:
Dear xda-community,
My phone: Honor 9 lite, non-branded, android 8, magisk installed. Running unofficial lineage-os 15.1.
Since 2 days now, after I enter the SIM-card's PIN, it says "SIM network unlock NCK" unlock/dismiss like in the attached picture.
How I tried to fix it:
* factory reset
* using different sim card
* flashing another ROM
* restoring a FULL TWRP backup of stock ROM (bck includes: kernel, ramdisk, cust, oeminfo, product, system, system image, vendor, vendor image, version, odm)
* TWRP -> advances -> fix contexts
* I also changed the permission of the sd-card with chmod +rw. I don't think I accidentally did that recursively on the / directory. But to be sure, I also ran the fix_permissions script following this guide: https://www.drewgreen.net/2012/03/15/manually-run-fix-permissions-from-recovery/
How it probably happened:
I was trying to delete content of a microsd-card in my phone. I used adb shell su went into the sd-card directory and executed rm -rf ./
However, I accidentally forgot the "." before the "/" :crying:
The terminal got flooded with "... read only file-system", since most is mounted as read only. But maybe somefiles were deleted, that I couldn't see in the terminal (scrollback buffer was full) .
Does anyone have an idea
1. why the error still exists after a factory reset (both with twrp and stock recovery) and even after restoring a full twrp backup?
2. how to fix this? Or is the problem unrelated to the stupid thing I did and just coincidental?
I am very thankful for any help and appreciate whoever takes his time to help me.
Click to expand...
Click to collapse
@AShah85
Unfortunately not.
I brought it to the shop were I bought the phone and they then sent it to honor. They fixed it free of charge but never told me what they did.
I bought this phone in Germany, where simlocking is illegal. They buy them elsewhere and unlock them for the german market. Apperantly I (somehow) undid this unlocking.
I'm not familiar enough with this topic, but I don't think you can change that with regular tools and probably need a key which hash is stored on the phone.
In short:
I used warrenty to fix it. I relocked the bootloader (to get rid of that "phone cant be trusted" screen at boot time) and reflashed stock rom (some newer one) and told them this error occured when I was trying to upgrade (cuz this apperantly indeed happens sometimes, search the internet...).
Hmm thanks for the reply. I guess I'll have to take it into the shop and see if they can figure it out.

Categories

Resources