Better Mobile App

Fix for empty app-mounted directories (CifsManager, etc.) in Android 5.0?

Android 5.0 Lollipop breaks apps that mount file systems to be shared with other apps. This includes CifsManager, Mount Manager, essentially anything that mounts cifs shares, FUSE file sytems, etc. The symptom is that the mounted contents appear fine to app that peforms the mount operation (assuming the app itself provides the ability to browse the contents), but every other app only sees an empty directory at the mount point.
Will a fix be possible for Lollipop as it was for Android 4.2?

Fix as pointed out by user glimmling.
Firstly, ensure you have the ElementalX kernel flashed onto your nexus 5.
glimmling said:
Cifs is definitily working on lollipop with my old Nexus 7. I use a patched kernel to make the mounts visible for all apps: http://forum.xda-developers.com/showpost.php?p=36908034&postcount=1
If your kernel doesn't have the patches, there is a second workaround with the SuperSU mount-master option: http://su.chainfire.eu/#how-mount
Important! Both approaches needs the SE Linux mode to be "permissive" to see the files in the mounts.
This example should work:
Code:
su
setenforce Permissive
su --mount-master -c busybox mount -o username=guest,rw,noperm,iocharset=utf8 -t cifs //192.168.178.23/cifsshare /data/media/0/mounts/cifsshare
Click to expand...
Click to collapse
If you can't be buggered typing out lengthy line 3 every time you mount you can use the patched version of Cifsmanager.v1.5a which uses prefixed mount command (su --mount-master -c) however it requires SuperSU and you still need SE Linux mode to be "permissive" to see the files in the mounts. So you can either do that manually in terminal:
Code:
su
setenforce Permissive
or download SELinux Mode Changer to switch for you (note: it's a bit buggy on switching)
After unmounting the share you should go back to Enforcing mode.
Code:
su
setenforce Enforcing
or just use SELinux Mode Changer to change back.
What is the difference between the SE for Android status: Enforcing, Permissive and Disabled?
Enforcing — SE for Android is enforcing the loaded policy. Your device is actively protected from security threats and malicious apps will be denied access.
Permissive — The SE for Android policy file is loaded, but your device is not enforcing it. If a malicious app tries to access a resource that it is not allowed to, the access will be logged but not prevented. This mode is intended for testing and debugging. It generates log files of denied app and allows Samsung to identify new app threats and update its policy files.
Disabled — The SE for Android infrastructure is not enabled, and there is no policy file loaded. Log files are not generated and your system is vulnerable to security threats.
Click to expand...
Click to collapse

bseos said:
If you can't be buggered typing out lengthy line 3 every time you mount you can use the patched version of Cifsmanager.v1.5a which uses prefixed mount command (su --mount-master -c) however it requires SuperSU and you still need SE Linux mode to be "permissive" to see the files in the mounts.
Click to expand...
Click to collapse
If you want to leave SELinux enabled, you can use that patched version of Cifsmanager above and and label the directory in the Options,
Code:
context=u:object_r:rootfs:s0
The full options string i use
Code:
vers=2.1,domain=MYDOMAIN,rw,file_mode=0777,dir_mode=0777,context=u:object_r:rootfs:s0
This works for my Nexus 6, 5.0 & 5.1.
Note: the version 2.1, isn't always enabled in the kernel so you might have to remove vers=2.1.

APKTOOL SOLUTION needed

Peace be upon to you
Please help me
My mobile
Sm-j200h
Android lollipop 5.1
I used this Apktool version
[email protected]
It decompile successfully, but recompile failed
I googled this problem, and found that I can't recompile successfully , if selinux in my mobile is "Selinux Enforce".
Please help me to change selinux from enforce to Permissive.
I tried apps such as ( tuggle selinux changer,,) to change it but all failed

aboaldrdaaa2 said:
Peace be upon to you
Please help me
My mobile
Sm-j200h
Android lollipop 5.1
I used this Apktool version
[email protected]
It decompile successfully, but recompile failed
I googled this problem, and found that I can't recompile successfully , if selinux in my mobile is "Selinux Enforce".
Please help me to change selinux from enforce to Permissive.
I tried apps such as ( tuggle selinux changer,,) to change it but all failed
Click to expand...
Click to collapse
have you tried this app to change selinux mode.
https://forum.xda-developers.com/showthread.php?t=2524485

Ashwinrg said:
have you tried this app to change selinux mode.
https://forum.xda-developers.com/showthread.php?t=2524485
Click to expand...
Click to collapse
Thanks for reply
Yes I tried it before, it failed too.

aboaldrdaaa2 said:
Thanks for reply
Yes I tried it before, it failed too.
Click to expand...
Click to collapse
Then try these commands in terminal emulator.
Open terminal emulator type "su" give root permission to emulator
type "getenforce" and enter.
type "setenforce 0" to set to permissive or "setenforce 1" for enforce

Ashwinrg said:
have you tried this app to change selinux mode.
https://forum.xda-developers.com/showthread.php?t=2524485
Click to expand...
Click to collapse
Ashwinrg said:
Then try these commands in terminal emulator.
Open terminal emulator type "su" give root permission to emulator
type "getenforce" and enter.
type "setenforce 0" to set to permissive or "setenforce 1" for enforce
Click to expand...
Click to collapse
Again failed see screenshot, sorry I can't upload screenshot

[TUTORIAL] Disable AVB/Verity in Vendor [Dynamic Partition] - Enable RW

PREREQUISITE
- adb enabled [developer options]
- root [Magisk/SU]
- original /vendor partition [flashed with official update/firmware]
- File/Root Explorer
- adb for Windows [Minimal ADB and Fastboot, provided]
- UKA [Unpacker Kitchen for Android] - Send me a PM
- USB cable always connected

Reserved

You can do the same steps for the other logical partitions [system & product]
At the end you do :
System
tune2fs -L / /data/local/UnpackerSystem/system.new.img
tune2fs -O ^read-only /data/local/UnpackerSystem/system.new.img
tune2fs -O ^has_journal /data/local/UnpackerSystem/system.new.img
adb shell
su
dd if=/sdcard/system.img of=/dev/block/dm-2
(just copy/past to avoid errors !)
Reboot your phone right away !
Product
must be renamed vendor because the Magisk Module still doesn't support this name yet ... just rename it vendor.img before taking any action ... and after creating your image, do :
tune2fs -L product /data/local/UnpackerSystem/vendor.new.img
tune2fs -O ^read-only /data/local/UnpackerSystem/vendor.new.img
tune2fs -O ^has_journal /data/local/UnpackerSystem/vendor.new.img
NOW you can rename it product.img
adb shell
su
dd if=/sdcard/product.img of=/dev/block/dm-0
Reboot your phone right away !

"Houston, we have problem!"
Now what? Is this only for MIUI users? I have flashed Nusantara ROM right now...
Also it is possible, that you can create "default" RW images for surya, upload them somewhere on cloud (one RW system please! medium rare, thank you ... 12.0.7 is fine for me...)
... but anyway, thanks for your hard work...
BTW @brigudav already created flashable RW vendor for Surya, can that be done also for system?

jeryll said:
"Houston, we have problem!"
View attachment 5232079
Now what? Is this only for MIUI users? I have flashed Nusantara ROM right now...
Also it is possible, that you can create "default" RW images for surya, upload them somewhere on cloud (one RW system please! medium rare, thank you ... 12.0.7 is fine for me...)
... but anyway, thanks for your hard work...
BTW @brigudav already created flashable RW vendor for Surya, can that be done also for system?
Click to expand...
Click to collapse
Check your Mount Namespace Mode in Magisk Manager
No it's not only for miui, it's for all roms ! (btw i'm on LOS 17.1 ... and i never used MIUI)
Yes, you can do that for the 3 logical partitions ... this tutorial is for all devices with dynamic paritition aka super.img (not limited to poco x3 nfc !!!)
I will put a clean vendor.img later (with RW enabled and AVB-Verity Disabled)
I will put a modded version of Magisk 20.4 too if someone would use it (like me)

janhammer504 said:
Check your Mount Namespace Mode in Magisk Manager
No it's not only for miui, it's for all roms ! (btw i'm on LOS 17.1 ... and i never used MIUI)
Click to expand...
Click to collapse
- thanks for the answer, but I must say I'm unable to continue, because I'm unable to install UKA module on A11 ROM
- regardless of Mount Namespace Mode - I checked all three - with reboot - result is the same
- I'm also unable to install magisk 20.4 on A11 ROM - and with v21.0 or higher - UKA will not install
- so Id say this guide is for now useable only for A10 users
- I will test A10 ROM in a few days
- maybe there is a problem with my phone, but I reflashed full recovery version of latest MIUI before flashing custom rom together with encryption disabler, so my super partition should be cleaned up
- so using unencrypted storage could be another problem for this to work?

jeryll said:
- thanks for the answer, but I must say I'm unable to continue, because I'm unable to install UKA module on A11 ROM
- regardless of Mount Namespace Mode - I checked all three - with reboot - result is the same
- I'm also unable to install magisk 20.4 on A11 ROM - and with v21.0 or higher - UKA will not install
- so Id say this guide is for now useable only for A10 users
- I will test A10 ROM in a few days
- maybe there is a problem with my phone, but I reflashed full recovery version of latest MIUI before flashing custom rom together with encryption disabler, so my super partition should be cleaned up
- so using unencrypted storage could be another problem for this to work?
Click to expand...
Click to collapse
Hi, flash an official MIUI for your device.
Do the dirty job and save your vendor.img
Reflash your rom !
(i have already uploaded a clean vendor.img here)

I close this thread too since a lot of features have been added to this work ... and since there are many disrespectful developers-like around who steal my work and give no credit !
Check my custom vendor thread to learn more about this work !
If you have any question, send me a PM, i will check first if you are not a troll : if you get no answer from me, then understand by yourself !

@janhammer504 Hi. For the sake of the community it's always sad to see someone taking their work from XDA.
If you've got issues with other people using your work without credit here on XDA you can always reach out to someone on the moderator team for help. Or better yet, one of us on the Developer Relations team. We can help you solve any disputes and make sure you get proper credit.
You can find a list of moderators here:
https://docs.google.com/document/d/1lK5rP103OL3StU3q9iqwX9LU_k8XABeSQIAT3EHCqgM/pub

Patching boot.img (Magisk)?

Hi there,
When Magisk (or adbd insecure) "patched the boot.img", and created a new file "magisk-patched-25200_random-string",
- what did Magisk do to boot.img extracted from stock firmware;
- what does "patching" mean in the context?
Thanks in advance.
Regards,
Wen

magisk will replace init binary with its own magiskinit and install its root stuff (modified SELinux policy rules with secontext u:r:magisk:s0 for magisk su daemon) and more.
https://topjohnwu.github.io/Magisk/details.html#pre-init
you have to flash that patched image from fastboot back to device yourself in order to obtain root access.

aIecxs said:
magisk will replace init binary with it's own magiskinit and install it's root stuff (modified SELinux policy rules with secontext u:r:magisk:s0 for magisk su daemon) and more.
https://topjohnwu.github.io/Magisk/details.html#pre-init
you have to flash that patched image from fastboot back to device yourself in order to obtain root access.
Click to expand...
Click to collapse
Ok, I'll look into it.

Btw: adbd Insecure v2.00 by @Chainfire won't modify boot partition, only latest SuperSU v2.79 SR3 by @Chainfire predecessor to Magisk does (although origin of systemless-root idea was born from Magisk)

Question [Resolved] Magisk problem with lineage 20

Hi i have installed latest android 13 stock on t220 after i make a customAP of gsi lineage 20.0 arm64-bvs-vndklite after i make a magisk patched AP and all working but when i open magisk i have this error "su file detected that does not belong to magisk,please remove other superuser programs" but magisk work perfectly
Plz how can i solve

izimen said:
Hi i have installed latest android 13 stock on t220 after i make a customAP of gsi lineage 20.0 arm64-bvs-vndklite after i make a magisk patched AP and all working but when i open magisk i have this error "su file detected that does not belong to magisk,please remove other superuser programs" but magisk work perfectly
Plz how can i solve
Click to expand...
Click to collapse
Delete
/system/xbin/su
/system/etc/init/su.rc
/system/bin/phh-su
/system/bin/phh-securize.sh
su app in /system/app/phh.superuser
Together with
*disable toggle SuperSU in phh-treble setting

yshiv666 said:
Delete
/system/xbin/su
/system/etc/init/su.rc
/system/bin/phh-su
/system/bin/phh-securize.sh
su app in /system/app/phh.superuser
Together with
*disable toggle SuperSU in phh-treble setting
Click to expand...
Click to collapse
thanks all are good now