Hello Guys,
I packed the rom in a flashable zip, it's pre-rooted and nut's dual recovery is included, also the kernel is included so need to flash that afterwards
Thanks to @zxz0O0 for his PRFCreator, @[NUT] for his dualrecovery, @Chainfire for root package, and me for combining their great work for you
I got some reactions that root isn't working properly, so I will be working on a new version, but that will have to wait until I got Linux working and set up again (ages ago since I worked with Linux) and made the new version. After that I might even consider tweaking it etc., but don't hold your hopes up yet, I don't have much spare time to work on it
SGP511
https://mega.co.nz/#!ndFxUCTR!xVE235NjuIFiugEofrQaWjWP5cLfSBffgyx1sIgV1ak
SGP512
https://mega.co.nz/#!bJ8lTJiA!vg4B_TSlKnwJPxm3WK5Rgc13h0ejx3Jq6x7LGtTu-6w
SGP521
https://mega.co.nz/#!TB9lULCI!v2m-wL4JGEDs_fIQt83Qrbmn0JerkMfL-aSIOh-mtVY
You should know that Playstation PS4 remote play won't work due to root.
If you want to use that, wait for a different root/altered PS remote play app and just enjoy stock unrooted until then
instructions:
make sure you are on a rom with recovery
flash this rom, wipe cache/dalvik cache, reboot
enjoy
Thanksss
R/W
Root Explorer does not switch /system in mode R/W
This work with SGP561?
Sent from my SGP561 using XDA Premium HD app
I don't think so. I'll see if I can make one for 561 tomorrow
Sent from my SGP521 using XDA Premium HD app
Bird40 said:
> Root Explorer does not switch /system in mode R/W
I'm sorry to hear that. Haven't really tested it since I want to use ps4 remote play.
I'll see if I can make a new version later tomorrow
Sent from my SGP521 using XDA Premium HD app
crazymister said:
> I'm sorry to hear that. Haven't really tested it since I want to use ps4 remote play.
> I'll see if I can make a new version later tomorrow
> Sent from my SGP521 using XDA Premium HD app
Did you modify the kernel "ramdisk" to make it insecure?
Generally with most ramdisks, you'll need to split the boot.img, unpack the ramdisk gz, and edit the line in the default.prop (might be in a different location)
Change this line from ro.secure=1 to ro.secure=0
Then repack ramdisk, and repack the boot.img
Virtuous Ten Studio should do this automatically when you split the boot.img.
Moscow Desire said:
> Did you modify the kernel "ramdisk" to make it insecure?
> Generally with most ramdisks, you'll need to split the boot.img, unpack the ramdisk gz, and edit the line in the default.prop (might be in a different location)
> Change this line from ro.secure=1 to ro.secure=0
> Then repack ramdisk, and repack the boot.img
> Virtuous Ten Studio should do this automatically when you split the boot.img.
No, I didn't do anything to the kernel. It's completely stock
Sent from my SGP521 using XDA Premium HD app
crazymister said:
> No, I didn't do anything to the kernel. It's completely stock
> Sent from my SGP521 using XDA Premium HD app
There's the issue, and why you can't get /system RW.
On most devices, if you can get OEM Bootloader Unlock, then it's just a matter of modifying Ramdisk as stated above, then fastboot (flash) the new boot image. You can do a simple adb push and permissions for SU and SuperSU.apk.
When you split a boot.img, you get 2 parts basically, zimage (kernel) and ramdisk. Ramdisk you can edit.
As with the easyroot program (worked prior to .167), it used an exploit to split the bootimg, and modify ramdisk with the above parameters internally, then packing it back. Hence why it was copying it to a temp folder to do its work. This was all great as we didn't need to unlock bootloader. But it doesn't negate the fact the ramdisk was still modified.
Get Virtuous Ten Studio here at XDA. Unpack the boot.img, make the change, pack it back and flash it. Should work. Program is pretty simple.
I just can't get it working right under Win 10, and not sure when I can get to it.
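Added example, not part of the thread and not code from any tool named in it: a read-only Python check that splits a boot.img as described in the two posts above (header, kernel, gzip'd cpio ramdisk) and reports whether `default.prop` carries `ro.secure=0` or related relaxed settings. It assumes the classic `ANDROID!` boot image header and a gzip-compressed "newc" cpio ramdisk; images in another container are rejected by the magic check, and the sample images are constructed inline.

```python
import gzip
import struct

BOOT_MAGIC = b"ANDROID!"
# Values that relax adbd/debug restrictions (ro.secure=0 is the one named in the thread).
RISKY = {"ro.secure": "0", "ro.debuggable": "1", "ro.adb.secure": "0"}


def extract_ramdisk(boot: bytes) -> bytes:
    """Return the compressed ramdisk from a classic (header v0) boot.img."""
    if boot[:8] != BOOT_MAGIC:
        raise ValueError("missing ANDROID! magic: not a classic boot.img")
    # After the magic: kernel_size, kernel_addr, ramdisk_size, ramdisk_addr,
    # second_size, second_addr, tags_addr, page_size (little-endian u32).
    kernel_size, _, ramdisk_size, _, _, _, _, page = struct.unpack_from("<8I", boot, 8)
    if page == 0:
        raise ValueError("page size of 0 in header")
    # The header occupies page 0; the kernel follows, padded to whole pages.
    start = page * (1 + -(-kernel_size // page))
    ramdisk = boot[start:start + ramdisk_size]
    if len(ramdisk) != ramdisk_size:
        raise ValueError("image truncated before end of ramdisk")
    return ramdisk


def cpio_files(archive: bytes):
    """Yield (name, data) for each entry of a 'newc' cpio archive."""
    pos = 0
    while pos + 110 <= len(archive):
        if archive[pos:pos + 6] != b"070701":
            raise ValueError("unsupported cpio format")
        # 13 fields of 8 hex digits follow the magic; index 6 is the file
        # size, index 11 the name size (including the trailing NUL).
        fields = [int(archive[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name = archive[pos + 110:pos + 110 + namesize - 1].decode()
        data_start = (pos + 110 + namesize + 3) & ~3   # name padded to 4 bytes
        if name == "TRAILER!!!":
            return
        yield name, archive[data_start:data_start + filesize]
        pos = (data_start + filesize + 3) & ~3          # data padded to 4 bytes


def audit_default_prop(boot: bytes) -> dict:
    """Return the risky properties found in the ramdisk's default.prop."""
    ramdisk = gzip.decompress(extract_ramdisk(boot))
    for name, data in cpio_files(ramdisk):
        if name == "default.prop":
            props = dict(line.split("=", 1) for line in data.decode().splitlines()
                         if "=" in line and not line.startswith("#"))
            return {k: props[k] for k, bad in RISKY.items() if props.get(k) == bad}
    raise LookupError("default.prop not found in ramdisk")


# --- constructed sample input (not taken from any real device image) ---
def _cpio_entry(name: str, data: bytes) -> bytes:
    fields = [0, 0o100644, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name) + 1, 0]
    head = b"070701" + b"".join(b"%08X" % f for f in fields) + name.encode() + b"\0"
    head += b"\0" * (-len(head) % 4)
    return head + data + b"\0" * (-len(data) % 4)


def build_sample_boot(default_prop: str, page: int = 2048) -> bytes:
    cpio = _cpio_entry("default.prop", default_prop.encode()) + _cpio_entry("TRAILER!!!", b"")
    ramdisk = gzip.compress(cpio)
    kernel = b"\0" * 100  # placeholder kernel bytes
    header = BOOT_MAGIC + struct.pack("<8I", len(kernel), 0, len(ramdisk), 0, 0, 0, 0, page)

    def pad(blob: bytes) -> bytes:
        return blob + b"\0" * (-len(blob) % page)

    return pad(header) + pad(kernel) + pad(ramdisk)


SAMPLE_STOCK = "# constructed sample\nro.secure=1\nro.debuggable=0\nro.adb.secure=1\n"
SAMPLE_MODIFIED = "# constructed sample\nro.secure=0\nro.debuggable=0\nro.adb.secure=0\n"

if __name__ == "__main__":
    for label, prop in (("stock", SAMPLE_STOCK), ("modified", SAMPLE_MODIFIED)):
        print(label, audit_default_prop(build_sample_boot(prop)))
```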
Moscow Desire said:
> There's the issue, and why you can't get /system RW.
> On most devices, if you can get OEM Bootloader Unlock, then it's just a matter of modifying Ramdisk as stated above, then fastboot (flash) the new boot image. You can do a simple adb push and permissions for SU and SuperSU.apk.
> When you split a boot.img, you get 2 parts basically, zimage (kernel) and ramdisk. Ramdisk you can edit.
> As with the easyroot program (worked prior to .167), it used an exploit to split the bootimg, and modify ramdisk with the above parameters internally, then packing it back. Hence why it was copying it to a temp folder to do its work. This was all great as we didn't need to unlock bootloader. But it doesn't negate the fact the ramdisk was still modified.
> Get Virtuous Ten Studio here at XDA. Unpack the boot.img, make the change, pack it back and flash it. Should work. Program is pretty simple.
> I just can't get it working right under Win 10, and not sure when I can get to it.
That will be a problem for me since my bootloader is still locked. So I will not be able to flash an insecure kernel.
And I'm not going to unlock it anytime soon either, so if you want an insecure kernel you will have to build it yourself. In whatever environment. You can always start a VM with win/linux just to build it
And sorry if I sound harsh, that's not my intention. :good:
crazymister said:
> That will be a problem for me since my bootloader is still locked. So I will not be able to flash an insecure kernel.
> And I'm not going to unlock it anytime soon either, so if you want an insecure kernel you will have to build it yourself. In whatever environment. You can always start a VM with win/linux just to build it
> And sorry if I sound harsh, that's not my intention. :good:
Naw, no offense taken. :highfive:
I hate unlocking mine as well, but eventually will probably have to. Just hate going through Sony to do it, as they will have my tab ID on record
Btw, I didn't use an easyroot utility but injected the root directly into the ROM (not a nandroid backup, but downloaded the Sony files, decrypted them, turned that into ftf and used the ftf to build a zip with root built into it).
On the brief test I did, I did have root privileges, but I didn't do an extensive test because I only tested if root was there (used root checker), because I use the ps4 remote app :good: that just gives an error as soon as you have a superuser app installed
So from the reactions I got (and I'll change the OP until I got a new, good working version) root isn't working properly, but working nonetheless
Sent from my SGP521 using XDA Premium HD app
crazymister said:
> Btw, I didn't use an easyroot utility but injected the root directly into the ROM (not a nandroid backup, but downloaded the Sony files, decrypted them, turned that into ftf and used the ftf to build a zip with root built into it).
> On the brief test I did, I did have root privileges, but I didn't do an extensive test because I only tested if root was there (used root checker), because I use the ps4 remote app :good: that just gives an error as soon as you have a superuser app installed
> So from the reactions I got (and I'll change the OP until I got a new, good working version) root isn't working properly, but working nonetheless
> Sent from my SGP521 using XDA Premium HD app
Yeah, and I'm not totally familiar with the way Sony has their kernel/boot image laid out. Different from other tablets I've worked on.
Will look into things though as time permits.
Moscow Desire said:
> Naw, no offense taken. :highfive:
> I hate unlocking mine as well, but eventually will probably have to. Just hate going through Sony to do it, as they will have my tab ID on record
Oh yeah, if you have made a backup of your TA you can safely re-lock your tab again without worrying about warranty. Because the DRM keys are in TA, and if you restore that (only if you backed it up prior to unlocking the first time) you also restore your DRM keys
Tested to work when I had Xperia T, with my current Z and a bunch of other Sony phones from friends
Even used warranty once after screwing things up, I just restored TA, made it completely stock and went to the shop to claim my warranty
Sent from my SGP521 using XDA Premium HD app
Quick question: If the rom can't write to the system, can the recoveries? The only thing I need write access to the system partition is for changing the fonts and for the hosts file but I can do that in recovery. If that's the case I could live with root without full system access like in this rom.
crazymister said:
> Oh yeah, if you have made a backup of your TA you can safely re-lock your tab again without worrying about warranty. Because the DRM keys are in TA, and if you restore that (only if you backed it up prior to unlocking the first time) you also restore your DRM keys
> Tested to work when I had Xperia T, with my current Z and a bunch of other Sony phones from friends
> Even used warranty once after screwing things up, I just restored TA, made it completely stock and went to the shop to claim my warranty
> Sent from my SGP521 using XDA Premium HD app
Yeah, had to use my other PC, but they are backed up.
Just info, should probably look at this;
http://forum.xda-developers.com/showthread.php?t=2699858
So seeing the kernel itself isn't being changed, it may work changing ramdisk only.
Moscow Desire said:
> Yeah, had to use my other PC, but they are backed up.
> Just info, should probably look at this;
> http://forum.xda-developers.com/showthread.php?t=2699858
> So seeing the kernel itself isn't being changed, it may work changing ramdisk only.
Nah that won't work. The only thing spoken of is how to extract boot.img from an ftf and how to inject that into your update.zip. As soon as you make even the tiniest change in kernel (ramdisk included) the kernel isn't signed anymore and you won't be able to flash it.
I have built my own ROM in the past for Xperia T, and I decided that learning to build your own ROM and kernel at the same time is too much work
I will see what I can do later today, when my ex picks up my son I'll have some free time at hand then.
So to install Ubuntu and configure it to use it again. I hope I have something useful tonight.
Sent from my SGP521 using XDA Premium HD app
In the kulverti thread 4.4.4 starts rolling out today he mentions some files that need modding in the recovery installer to kill sonyric so you can get rw system access. Does that help?
any fix of system rights?
Jeddix said:
> Quick question: If the rom can't write to the system, can the recoveries? The only thing I need write access to the system partition is for changing the fonts and for the hosts file but I can do that in recovery. If that's the case I could live with root without full system access like in this rom.
I tried this rom, but I also got no full system access. So I couldn't apply the sd fix patch. But I do have regular root rights. Is there any way so far to get also write permissions in the system?
steff_1964 said:
> I tried this rom, but I also got no full system access. So I couldn't apply the sd fix patch. But I do have regular root rights. Is there any way so far to get also write permissions in the system?
Well, if you want to unlock your bootloader it makes it easier
Basically I run a modified ramdisk with some of the security disabled and a different patched adbd binary, Fastboot flash the boot.img, Fastboot boot the current TWRP, exit out (it installs SuperSU and the binary automatically), then reboot. Have full system RW, exposed modules, greenify, etc.
It's sort of a round-about way of getting root and /system rw, but the selinux is a pain.
Still looking for available adbd binaries that also work and clean up all my ramdisk comments I don't need :laugh::laugh::laugh:
So the DT 4.4.4 has root now, but it does not turn off write protection. It is a different kind of root in that what it lets you do is flash a pre-rooted system image (system.img). So you have to make any mods to the image BEFORE you flash, which is not something your average joe or joette knows how to do.
But for me at least, the Moto X didn't need much modding, just Xposed with Gravity Box, Root Cloaker and Moto Tether.
I have a Dev Ed so I don't need this exploit but I did pull all of the system images from my rooted Dev Ed. The only thing I don't know how to do is to put those into a flashable image file. Does anyone here know how to do that?
I also have the TWRP ext4 system file if that helps.
JulesJam said:
> So the DT 4.4.4 has root now, but it does not turn off write protection. It is a different kind of root in that what it lets you do is flash a pre-rooted system image. So you have to make any mods to the image BEFORE you flash, which is not something your average joe or joette knows how to do.
> But for me at least, the Moto X didn't need much modding, just Xposed with Gravity Box, Root Cloaker and Moto Tether.
> I have a Dev Ed so I don't need this exploit but I did pull all of the system images from my rooted Dev Ed. The only thing I don't know how to do is to put those into a flashable image file. Does anyone here know how to do that?
> I also have the TWRP ext4 system file if that helps.
that's not a boot unlock and not a write protection disable ... it's just ability to install rooted custom system img ....... I think
Javajohn said:
> that's not a boot unlock and not a write protection disable
Yes I know what it is.
Javajohn said:
> ... it's just ability to install rooted custom system img ....... I think
Yes that is what I said it is.
Do you know how I can use the files I have from the system dump and TWRP nandroid ext4 file to create a flashable rooted system.img? That is what I am asking.
JulesJam said:
> ...
> Do you know how I can use the files I have from the system dump and TWRP nandroid ext4 file to create a flashable rooted system.img? That is what I am asking.
edit: I misunderstood the question. Of course a CWM/TWRP flashable .zip is not a fastboot flashable system.img...
I'll 'take a stab at this'. I've done it a few times... (I'm sure there is a better guide, but I didn't attempt to find it...) You asked - please don't blame (or hate) me if I help you brick your phone... If you only modify /system, you should be able to restore using CWM/TWRP.
First, find a CWM/TWRP flashable .zip to use its /META-INFO/ directory as a template. It's best to use a .zip made for your model (so the system mount and format work), and if you can find one for your android version even better. (Do not use an OTA .zip for this template.)
This template will likely [at least] do the following in the "/META-INFO/com/google/android/updater-script" script:
1) mount /system
2) format /system
3) copy /system directory from .zip (need to replace this directory)
4) create symlinks (might need work)
5) set permissions (probably needs work)
If you are only working on /system, then you should remove all superfluous sections (like flashing boot or the modem.)
So, first you need to prepare your new /system: In linux, take your dumped (or backup) /system and copy it to a new /system directory without symlinks. Now you have the new /system for your new flashable .zip
Then you need to modify the "updater-script" script and handle the creation of the symlinks. The easiest way to find this part of the script is locate a flashable zip (or OTA) that patches to your current model/android version. This will handle the bulk of the symlinks.
Next you need to handle the permissions in the "updater-script" script. The aforementioned .zip will also have the permissions scripted, but the root files may not be handled properly. You can find those script commands in a modern flashable zip with root 'baked in.'
Finally take your new /system and new "updater-script" and dump them in your template.... BACKUP (copy off phone) and test.
Good luck...
Ctrl-Freak said:
> I'll 'take a stab at this'. I've done it a few times... (I'm sure there is a better guide, but I didn't attempt to find it...) You asked - please don't blame (or hate) me if I help you brick your phone... If you only modify /system, you should be able to restore using CWM/TWRP.
Yeah, I am not worrying about a brick as I can wipe my OS entirely and still get into bootloader and recovery so all is good.
Ctrl-Freak said:
> First, find a CWM/TWRP flashable .zip to use its /META-INFO/ directory as a template.
My TWRP nandroid of the rooted 4.4.4 system has a meta-info folder with 3 files in it - manifest.mf, cert.sf and cert.rsa.
Ctrl-Freak said:
> /META-INFO/com/google/android/updater-script
What is this?
Ctrl-Freak said:
> So, first you need to prepare your new /system: In linux, take your dumped (or backup) /system and copy it to a new /system directory without symlinks. Now you have the new /system for your new flashable .zip
Guess I need to learn what a symlink is first, lol!
JulesJam said:
> My TWRP nandroid of the rooted 4.4.4 system has a meta-info folder with 3 files in it - manifest.mf, cert.sf and cert.rsa.
I did not mean your nandroid. Find a flashable zip (made for your device/version) by someone to flash a [custom] ROM. If it flashes a ROM for your device/version, it should be a good starting point.
I looked under xda -> droid turbo and this was the only ROM I found: http://forum.xda-developers.com/dro.../moto-maxx-xt1225-cm12-0-pre-release-t3060089 It says it is for a Moto Maxx xt1225, but again it is only a template, and it might be close.
/META-INFO/com/google/android/updater-script is a text based script that controls what/how CWM / TWRP flashes. AFAIK it is within all flashable zips.
Ctrl-Freak said:
> I did not mean your nandroid. Find a flashable zip (made for your device/version) by someone to flash a [custom] ROM. If it flashes a ROM for your device/version, it should be a good starting point.
OK thanks, I am doing this for the Moto X 2013, not DT.
Ctrl-Freak said:
> /META-INFO/com/google/android/updater-script is a text based script that controls what/how CWM / TWRP flashes. AFAIK it is within all flashable zips.
got it.
If this is successful, would there be a way to do it on the AT&T Moto 2013 running 4.4.4?
Sent from my XT1058 using XDA Free mobile app
hexbox117 said:
> If this is successful, would there be a way to do it on the AT&T Moto 2013 running 4.4.4?
yes, if someone has a GSM Moto X Dev Ed. I don't.
JulesJam said:
> yes, if someone has a GSM Moto X Dev Ed. I don't.
And would we be able to use Xposed?
Sent from my XT1058 using XDA Free mobile app
hexbox117 said:
> And would we be able to use Xposed?
Someone has to create a pre-rooted system image with Xposed installed. I think you can then add modules as long as you only do soft reboots. If you do hard reboots, you lose the modules as write protection is still on.
But someone could make a pre-rooted system image with Xposed and the modules you want installed, then it would survive hard reboots AFAIK.
I am still working on how to make a pre-rooted flashable system image, lol!
JulesJam said:
> Someone has to create a pre-rooted system image with Xposed installed. I think you can then add modules as long as you only do soft reboots. If you do hard reboots, you lose the modules as write protection is still on.
> But someone could make a pre-rooted system image with Xposed and the modules you want installed, then it would survive hard reboots AFAIK.
> I am still working on how to make a pre-rooted flashable system image, lol!
Interesting. I think you should take a look at this, it sounds like it could be better than what you're trying to accomplish.
http://forum.xda-developers.com/showthread.php?p=59702152
Sent from my XT1058 using XDA Free mobile app
hexbox117 said:
> Interesting. I think you should take a look at this, it sounds like it could be better than what you're trying to accomplish.
> http://forum.xda-developers.com/showthread.php?p=59702152
> Sent from my XT1058 using XDA Free mobile app
That was discussed on the DT forums, there is a problem with that on 4.4.4.
For now, the only hope is maiko1's exploit on 4.4.4.
JulesJam said:
> That was discussed on the DT forums, there is a problem with that on 4.4.4.
> For now, the only hope is maiko1's exploit on 4.4.4.
I'm not familiar with what the exploit is. Do you think you could explain it or link me to his post?
Sent from my XT1058 using XDA Free mobile app
hexbox117 said:
> I'm not familiar with what the exploit is. Do you think you could explain it or link me to his post?
http://forum.xda-developers.com/general/paid-software/mofo-root-turbo-t3064404
So far, it is for the DT only. I want to test it on the Moto X 2013 and then the Moto X 2014. But first, a pre-rooted flashable system.img needs to be created for the Moto X 2013.
JulesJam said:
> OK thanks, I am doing this for the Moto X 2013, not DT.
If you modify the updater-script to remove the flashing of the kernel (below), then this .zip should be perfect for your testing pleasure:
http://forum.xda-developers.com/moto-x/development/rom-krypton-v1-2-v1-3b1-6-9-2014-t2716657 (download 4.4.4 Krypton v1.4.1 )
Remove this line:
Code:
package_extract_file("boot.img", "/dev/block/platform/msm_sdcc.1/by-name/boot");
Good testing...
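Added example, not part of the thread and not code from any ROM or recovery: a read-only Python check for the updater-script steps listed in the earlier how-to post (mount, format, copy, symlinks, permissions) and the `boot.img` line quoted just above. It lists which partitions a script formats, any raw write to a partition other than /system, and any setuid/setgid permissions, before the zip is flashed. The sample script is constructed for illustration; in a real flashable zip the script sits at `META-INF/com/google/android/updater-script`.

```python
import re
import zipfile

SCRIPT_PATH = "META-INF/com/google/android/updater-script"
# One edify call without nested parentheses: name(arg, arg, ...)
CALL_RE = re.compile(r'\b([a-z_][a-z0-9_]*)\s*\(([^()]*)\)')
ARG_RE = re.compile(r'"([^"]*)"|([^\s,"]+)')


def read_updater_script(zip_path: str) -> str:
    """Read the edify script out of a flashable zip without extracting it."""
    with zipfile.ZipFile(zip_path) as archive:
        return archive.read(SCRIPT_PATH).decode("utf-8", "replace")


def parse_calls(script: str):
    """Yield (function_name, [arguments]) for each simple edify call."""
    script = re.sub(r'(?m)^\s*#.*$', '', script)  # drop comment lines
    for match in CALL_RE.finditer(script):
        yield match.group(1), [q or bare for q, bare in ARG_RE.findall(match.group(2))]


def _has_setid_bits(mode: str) -> bool:
    """True if an octal mode string carries the setuid or setgid bit."""
    try:
        return bool(int(mode, 8) & 0o6000)
    except ValueError:
        return False


def audit(script: str, allowed_partitions=("system",)) -> list:
    """Return (kind, target) findings worth reviewing before flashing."""
    findings = []
    for name, args in parse_calls(script):
        if name == "package_extract_file" and len(args) == 2 \
                and args[1].startswith("/dev/block/"):
            partition = args[1].rsplit("/", 1)[-1]
            if partition not in allowed_partitions:
                findings.append(("raw-write", partition))
        elif name == "format":
            device = next((a for a in args if a.startswith("/dev/block/")), "?")
            findings.append(("format", device.rsplit("/", 1)[-1]))
        elif name == "set_perm" and len(args) >= 4:
            # set_perm(uid, gid, mode, path, ...)
            if _has_setid_bits(args[2]):
                findings += [("setuid", path) for path in args[3:]]
        elif name == "set_metadata" and args:
            # set_metadata(path, "key", value, ...)
            pairs = dict(zip(args[1::2], args[2::2]))
            if _has_setid_bits(pairs.get("mode", "0")):
                findings.append(("setuid", args[0]))
        elif name == "run_program" and args:
            findings.append(("exec", args[0]))
    return findings


# Constructed sample; only the last line is taken from the post above.
BOOT_LINE = 'package_extract_file("boot.img", "/dev/block/platform/msm_sdcc.1/by-name/boot");'
SAMPLE_SCRIPT = '''
# constructed example script
format("ext4", "EMMC", "/dev/block/platform/msm_sdcc.1/by-name/system", "0", "/system");
mount("ext4", "EMMC", "/dev/block/platform/msm_sdcc.1/by-name/system", "/system");
package_extract_dir("system", "/system");
symlink("toolbox", "/system/bin/ls", "/system/bin/cat");
set_perm_recursive(0, 0, 0755, 0644, "/system");
set_perm(0, 0, 06755, "/system/xbin/su");
''' + BOOT_LINE + "\n"

if __name__ == "__main__":
    for kind, target in audit(SAMPLE_SCRIPT):
        print(f"{kind:10} {target}")
```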
Ctrl-Freak said:
> If you modify the updater-script to remove the flashing of the kernel (below), then this .zip should be perfect for your testing pleasure:
> http://forum.xda-developers.com/moto-x/development/rom-krypton-v1-2-v1-3b1-6-9-2014-t2716657 (download 4.4.4 Krypton v1.4.1 )
> Remove this line:
> Code:
> package_extract_file("boot.img", "/dev/block/platform/msm_sdcc.1/by-name/boot");
> Good testing...
Thanks, I took a look at the Eclipse Moto X, which is 4.4.4 kitkat based.
http://forum.xda-developers.com/moto-x/development/rom-eclipse-moto-x-v3-2-2-4-4-2-blur-t2521509
But now that I am thinking about it, do these custom ROMs need specific kernels or can you just flash the system w/o flashing the kernel? I guess I will try it and see what happens.
If someone will give me a detailed instruction how to flash a pre-rooted firmware with xposed installed I will try to do so on my AT&T XT1053
RabbitRu said:
> If someone will give me a detailed instruction how to flash a pre-rooted firmware with xposed installed I will try to do so on my AT&T XT1053
You have to pay $20 to get set up with the exploit, but for now, the guy is only doing Droid Turbos. It is on the paid software forum.
I am trying to see if the exploit works on the Moto X. The dev needs to get back to me but first, I need to try to create a pre-rooted system image.
JulesJam said:
> You have to pay $20 to get set up with the exploit, but for now, the guy is only doing Droid Turbos. It is on the paid software forum.
> I am trying to see if the exploit works on the Moto X. The dev needs to get back to me but first, I need to try to create a pre-rooted system image.
I don't think it will work on the 2013 X... see -> http://forum.xda-developers.com/mot...e-protection-motowpnomo-t2551113/post59731261
And remember, Beaups had a hand in the root exploit and tool for the Droid Turbo along with Jcase... So if Beaups says no, it won't help the 2013 X with 4.4.4, it's a pretty sure bet that it won't.
I am thinking of keeping my phone stock given (Android Pay, Security Updates, Work requirements for email/messages). Is there any way to update the hosts file without unlocking the bootloader and installing TWRP? I just want to get rid of the ads as they are so annoying for non-donate/IAP/Pro-version apps.
Thanks! :fingers-crossed:
Don't Think it is Possible
Unfortunately I do not think that it is possible to adjust the host file without root access. It is in a protected area of the system storage.
Zlatty said:
> I am thinking of keeping my phone stock given (Android Pay, Security Updates, Work requirements for email/messages). Is there any way to update the hosts file without unlocking the bootloader and installing TWRP? I just want to get rid of the ads as they are so annoying for non-donate/IAP/Pro-version apps.
> Thanks! :fingers-crossed:
There's no way to do this without root access, it's within the /system partition so that says it all really. You don't have to install TWRP, you can live-boot it instead. There's no way around unlocking your bootloader though, plus I'd strongly recommend unlocking it anyway, if something goes wrong with your phone one day and you can't unlock it you're gonna wish you did.
Dang it. I gave non-root a day. It's not for me. Thanks y'all!
can the system.img be modified so that the hosts file is overwritten? when i go in through TWRP and copy an edited hosts file over the one in /system/etc, i can copy it back out and confirm that the file has had its contents changed. but once the device boots up, it acts as if nothing is different.
is it a matter of when the system folder is mounted/read-only?
640k said:
> can the system.img be modified so that the hosts file is overwritten? when i go in through TWRP and copy an edited hosts file over the one in /system/etc, i can copy it back out and confirm that the file has had its contents changed. but once the device boots up, it acts as if nothing is different.
> is it a matter of when the system folder is mounted/read-only?
https://source.android.com/security/verifiedboot/
As far as I understand it, dm-verity will overwrite those changes on boot. Many ROM / Kernels disable it for that reason. Maybe @Heisenberg or someone else can give you a better explanation, though.
Hey, I'm having an interesting issue that I haven't seen before on my previous phones. Normally, I'll occasionally flash magisk to root and update my hosts file with Adaway (and several lists that I've added to it which seem to block most/all ads), then unroot my phone. I noticed with the 6T that after I unroot (restore images, then uninstall through Magisk Manager) that the hosts file seems to be restored back to the stock file without any of my blocks. Am I doing something wrong? Thanks!
the00guy said:
> Hey, I'm having an interesting issue that I haven't seen before on my previous phones. Normally, I'll occasionally flash magisk to root and update my hosts file with Adaway (and several lists that I've added to it which seem to block most/all ads), then unroot my phone. I noticed with the 6T that after I unroot (restore images, then uninstall through Magisk Manager) that the hosts file seems to be restored back to the stock file without any of my blocks. Am I doing something wrong? Thanks!
Without having some type of ramdisk patch in place, like Magisk or custom kernel, the system will default to the stored system image and effectively undo any changes to the /system partition. Any changes to the system partition that you have made will not be there until you install Magisk or a custom kernel again.
So basically with the stock boot image unmodified you cannot make persistent edits on the /system partition from my experience.
Wow, I was not aware that the system started keeping a clean system image like that. Historically I've always been able to modify /system with root and then unroot and the changes would remain. Since TWRP is part of /boot now, perhaps that would be sufficient to prevent the stock boot from rewriting my /system changes...? Are there any other ways to prevent the system from being restored to stock after unrooting?
the00guy said:
> Wow, I was not aware that the system started keeping a clean system image like that. Historically I've always been able to modify /system with root and then unroot and the changes would remain. Since TWRP is part of /boot now, perhaps that would be sufficient to prevent the stock boot from rewriting my /system changes...? Are there any other ways to prevent the system from being restored to stock after unrooting?
As far as I know the phone won't boot with just TWRP installed, you need Magisk as well. So if you don't want to keep Magisk installed I suggest installing only a custom kernel. I personally love Smurf Kernel here (https://forum.xda-developers.com/oneplus-6t/development/kernel-smurfkernel-2-0-49-t3868360). Although I have not tested to see if /system modifications stick with only custom kernel but I feel like they should since it is modifying the ramdisk to allow the phone to boot modified. I know that Smurf Kernel will detect if you have Magisk or not and patch the boot image accordingly. So you will be able to run just a custom kernel without root if this is what you want.
Also if you are not aware you can disable all root access from the Magisk app without having to uninstall anything, maybe that could work for you as well.
Make sure to hit the thanks button if I was able to help you out here!
the00guy said:
> Wow, I was not aware that the system started keeping a clean system image like that. Historically I've always been able to modify /system with root and then unroot and the changes would remain. Since TWRP is part of /boot now, perhaps that would be sufficient to prevent the stock boot from rewriting my /system changes...? Are there any other ways to prevent the system from being restored to stock after unrooting?
You could always edit the partition directly in TWRP and install an alternative host file.
tech_head said:
> You could always edit the partition directly in TWRP and install an alternative host file.
The issue is that Android will replace the /system partition with the stored stock system image if you do not have a modified ramdisk. So if you remove Magisk and don't use custom kernel you effectively cannot modify anything on /system as it will not persist.
yerger said:
> The issue is that Android will replace the /system partition with the stored stock system image if you do not have a modified ramdisk. So if you remove Magisk and don't use custom kernel you effectively cannot modify anything on /system as it will not persist.
Hopefully the community can find a workaround eventually for this that won't replace the /system with a clean image, or find a way to patch the clean image when performing root operations. Some apps can still detect/are broken by magisk, as good as it is, and I hate running any of my phone without ad blocking. I tried going the DNS route, but have yet to find a good private dns provider that oxygen os plays nicely with that also doesn't log.
the00guy said:
Hopefully the community can find a workaround eventually for this that won't replace the /system with a clean image, or find a way to patch the clean image when performing root operations. Some apps can still detect/are broken by magisk, as good as it is, and I hate running any of my phone without ad blocking. I tried going the DNS route, but have yet to find a good private dns provider that oxygen os plays nicely with that also doesn't log.
Try using just a custom kernel. You can do that without root and it should prevent /system from being overwritten with the stored system image. The issue is that you need a patched ramdisk in order for the /system partition to boot modified. No way around that unfortunately.
I personally use Smurf Kernel (https://forum.xda-developers.com/one...-0-49-t3868360) and get much better battery life than the stock kernel. The phone is much smoother and snappier as well.
yerger said:
Try using just a custom kernel. You can do that without root and it should prevent /system from being overwritten with the stored system image. The issue is that you need a patched ramdisk in order for the /system partition to boot modified. No way around that unfortunately.
I personally use Smurf Kernel (https://forum.xda-developers.com/one...-0-49-t3868360) and get much better battery life than the stock kernel. The phone is much smoother and snappier as well.
Thank you all for the information. It seems I need to read up more on how Android Pie works behind the scenes, particularly with the ramdisk and how the system partition is managed.
https://blokada.org/
Non root adblocker, many lists available, DNS change
Or just use Adguard DNS. Works great.
Hi everyone. I'm scratching my head here and struggling to find a solution that doesn't require root.
I've got a hosts file that I love as it blocks nearly all advert servers on my phone.
I know there are several adblocking apps but they all require root.
I have had to remove root as I have some critical apps that still don't work, even after hiding Magisk from the apps within the Magisk Manager.
I've got a magisk patched image that I can "fastboot boot" with and can edit the hosts file (after remounting /system as rw) but when I then reboot afterwards, the hosts file has been overwritten.
Can anyone help me please or give me a pointer of how to make the hosts edits remain following a reboot?
edit2add
I am using stock ROM with latest August patches on my Mi A1
You can't without root. Even if you do it, your system partition will be modified, and it will result in the phone not booting or SafetyNet just not passing.
Use a VPN, or I'm pretty sure there's an app that can fake a VPN with an ad ban list.
Dead-neM said:
You can't without root. Even if you do it, your system partition will be modified, and it will result in the phone not booting or SafetyNet just not passing.
Use a VPN, or I'm pretty sure there's an app that can fake a VPN with an ad ban list.
Interesting idea regarding spoof VPN.
Do you know how the hosts file is generated? If it's copied over from somewhere during boot then could I edit the source file it's copied from?
If it's generated procedurally, might I be able to script it to add my edits during creation?
wodgey said:
Interesting idea regarding spoof VPN.
Do you know how the hosts file is generated? If it's copied over from somewhere during boot then could I edit the source file it's copied from?
If it's generated procedurally, might I be able to script it to add my edits during creation?
System partition? So that's a good idea, but you'll have to compile a ROM to change this file. On a Linux distro the host file is a thing you can modify easily. On Android it's just deprecated by Google as it's mostly used as an ad filter. And Google is an ad company. That's my guess.
Anyway, the host file will always need root, even on Linux.
Simply because it can be used against you.
The problem is more on apps that block you because you're rooted than being rooted for changing this file.
If any app could modify host then bang, you go to YouTube and it redirects you to something else.
Maybe for you it's just an adblock file but it's a little more than that.
So sorry, but it's root or VPN.
Dead-neM said:
System partition? So that's a good idea, but you'll have to compile a ROM to change this file. On a Linux distro the host file is a thing you can modify easily. On Android it's just deprecated by Google as it's mostly used as an ad filter. And Google is an ad company. That's my guess.
Anyway, the host file will always need root, even on Linux.
Simply because it can be used against you.
The problem is more on apps that block you because you're rooted than being rooted for changing this file.
If any app could modify host then bang, you go to YouTube and it redirects you to something else.
Maybe for you it's just an adblock file but it's a little more than that.
So sorry, but it's root or VPN.
So? Could I possibly extract the system.img from the stock ROM, make the edits there and then recompile?
(I've got a copy of payload.bin that I extracted a few weeks ago, when trying to flash the August security patches (this was before I did a complete flash of stock ROM using fastboot).)
That actually seems like it wouldn't take too much effort.
wodgey said:
So? Could I possibly extract the system.img from the stock ROM, make the edits there and then recompile?
(I've got a copy of payload.bin that I extracted a few weeks ago, when trying to flash the August security patches (this was before I did a complete flash of stock ROM using fastboot).)
That actually seems like it wouldn't take too much effort.
This will lead to a corrupt, modified system partition. As I said, the worst case is that you could not boot, and the good case is that it just won't pass SafetyNet.
Dead-neM said:
This will lead to a corrupt, modified system partition. As I said, the worst case is that you could not boot, and the good case is that it just won't pass SafetyNet.
Ok I understand.
How does the device 'know' that the system partition is corrupt? Does it perform a hash check perhaps?
How would compiling my own custom ROM avoid this same problem?
wodgey said:
Ok I understand.
How does the device 'know' that the system partition is corrupt? Does it perform a hash check perhaps?
How would compiling my own custom ROM avoid this same problem?
It does many things to know that it has been touched. You'll have to modify some stuff and it will work. You'll lose certification but you'll have your own ROM.
Dead-neM said:
It does many things to know that it has been touched. You'll have to modify some stuff and it will work. You'll lose certification but you'll have your own ROM.
Any chance you can outline the other stuff I'd need to change?
If it's really in-depth then don't worry but if it's just a few bullet-points that I can Google more info on, I'd appreciate it.
wodgey said:
Any chance you can outline the other stuff I'd need to change?
If it's really in-depth then don't worry but if it's just a few bullet-points that I can Google more info on, I'd appreciate it.
Search "dm-verity" and "safetynet". The first one is what will look at any r/o partition like system and kernel. It's been a long time since I dug into this. I'm not into this anymore.
But you can disable it, but you'll lose SafetyNet, encrypted partition etc... (I may be wrong but you get the idea). And SafetyNet looks at whether a partition has been modified and whether you are a certified device; if it won't pass, banking apps and apps like Pokemon Go etc. won't work.
Magisk hides the fact that the kernel img has been touched, and most apps that detect it detect just the app itself. That means Magisk capability (su, hide and module).
So you could maybe compile a stock ROM with a custom host file. Never touch the vendor partition! Make a backup before, by booting and not flashing TWRP. Do not flash TWRP, just use the "fastboot boot" command.
You'll need to make a custom kernel and system img to flash in order to do it.
I'll try to do a ROM without anything modded except a kernel without dm-verity and a system with your host, and I guess it needs changes too.
I dunno if it will pass SafetyNet after.
Just don't brick your phone.
Keep in mind that you'll lose OTA. There's a chance that the ROM works with just some changes, but it can be a mess to do.
Why not try a custom ROM like LineageOS?
Using their supersu zip, won't you be able to replace the host file then remove root?
Once you make a backup and move it to a PC as a savestate, you are free to try different solutions.
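The question above of how the device "knows" that /system was changed comes down to the hash tree that dm-verity checks on every read. Added example, not from the thread: a simplified Python model of that idea (not dm-verity's on-disk format); the block size, salt, image layout and the `ads.example` entry are constructed for illustration.

```python
import hashlib

BLOCK = 4096            # assumed data/hash block size for this model
FANOUT = BLOCK // 32    # SHA-256 digests that fit in one hash block (128)

def _h(data: bytes, salt: bytes) -> bytes:
    return hashlib.sha256(salt + data).digest()

def _pad(data: bytes) -> bytes:
    return data.ljust(BLOCK, b"\0")

def build_tree(image: bytes, salt: bytes) -> list:
    """Hash every block, then hash groups of hashes until one root remains."""
    leaves = [_h(_pad(image[i:i + BLOCK]), salt) for i in range(0, len(image), BLOCK)]
    levels = [leaves]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([_h(_pad(b"".join(prev[i:i + FANOUT])), salt)
                       for i in range(0, len(prev), FANOUT)])
    return levels

def verify_block(image: bytes, index: int, levels: list, trusted_root: bytes, salt: bytes) -> bool:
    """Check one block at read time against the stored tree and the trusted root."""
    digest = _h(_pad(image[index * BLOCK:(index + 1) * BLOCK]), salt)
    for level in levels:
        if level[index] != digest:        # stored hash disagrees with the data read
            return False
        if len(level) == 1:
            break
        index //= FANOUT                  # move to the parent hash block
        start = index * FANOUT
        digest = _h(_pad(b"".join(level[start:start + FANOUT])), salt)
    return digest == trusted_root         # a rebuilt tree still fails here

def make_image(hosts: bytes, nblocks: int = 300) -> bytes:
    """Constructed stand-in for a system image; block 7 holds the hosts file."""
    blocks = [bytes([i % 251]) * BLOCK for i in range(nblocks)]
    blocks[7] = _pad(hosts)
    return b"".join(blocks)

SALT = bytes(32)                                      # constructed sample salt
STOCK = make_image(b"127.0.0.1 localhost\n")
LEVELS = build_tree(STOCK, SALT)
TRUSTED_ROOT = LEVELS[-1][0]                          # on a device this value is signed
EDITED = make_image(b"127.0.0.1 localhost\n0.0.0.0 ads.example\n")

if __name__ == "__main__":
    print("stock hosts block ok: ", verify_block(STOCK, 7, LEVELS, TRUSTED_ROOT, SALT))
    print("edited hosts block ok:", verify_block(EDITED, 7, LEVELS, TRUSTED_ROOT, SALT))
```

Only the block holding the edited hosts file fails; untouched blocks still verify, which is why a modified image can boot part of the way before a read error appears.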
Dead-neM said:
Search "dm-verity" and "safetynet". The first one is what will look at any r/o partition like system and kernel. It's been a long time since I dug into this. I'm not into this anymore.
But you can disable it, but you'll lose SafetyNet, encrypted partition etc... (I may be wrong but you get the idea). And SafetyNet looks at whether a partition has been modified and whether you are a certified device; if it won't pass, banking apps and apps like Pokemon Go etc. won't work.
Magisk hides the fact that the kernel img has been touched, and most apps that detect it detect just the app itself. That means Magisk capability (su, hide and module).
So you could maybe compile a stock ROM with a custom host file. Never touch the vendor partition! Make a backup before, by booting and not flashing TWRP. Do not flash TWRP, just use the "fastboot boot" command.
You'll need to make a custom kernel and system img to flash in order to do it.
I'll try to do a ROM without anything modded except a kernel without dm-verity and a system with your host, and I guess it needs changes too.
I dunno if it will pass SafetyNet after.
Just don't brick your phone.
Keep in mind that you'll lose OTA. There's a chance that the ROM works with just some changes, but it can be a mess to do.
Why not try a custom ROM like LineageOS?
Using their supersu zip, won't you be able to replace the host file then remove root?
Once you make a backup and move it to a PC as a savestate, you are free to try different solutions.
Thanks for the info, I'll investigate later in the week when I have more time. Monday has arrived too quickly!
Appreciated though