hello!!
is there someone that managed to obtain root acces? if that's true, please tell me what method you used and how it went...
Root Access is quite easy to Achieve.
[GUIDE] All Tattoo questions and answers see here (from A to Z)!
http://forum.xda-developers.com/showthread.php?t=716282
1. How can I root my phone?
1.1 General information/Basic adb-commands
Rooting a phone enables you to do things, which normally aren't possible for the average user like:
- Removing apps which were preinstalled by the provider (like Orange, Vodafone, etc.). My Tattoo had Vodafone apps for buying music and other sh*t, which was installed on the system partition (to which a "normal" user has no rights to write to, including deleting).
The Tattoo was successfully rooted by a bunch of guys here, namely -bm-, mainfram3 and Coburn64 (maybe, I don't remember quite correctly ). Also the Tattoo was the first phone having a security mechanism hindering a user to mount the filesystems as read/write, which had to be overridden by remapping the read only memory region to a read/write one. This is done by the module Tattoo-hack.ko, also made by mainfram3. He also created the first boot.img, which enabled su directly from adb and loading Tattoo-hack directly from boot on.
A few words about adb:
ADB is a tool for communicating from the PC with the mobile phone. For this a service is running on the phone enabling the communication via Terminal Emulator. Here are the most useful adb-commands:
Click to expand...
Click to collapse
Code:
adb push localFileFromPC /path/on/mobilephone
-> pushes a file "localFileFromPC" to a specified location on the phone
adb pull /path/to/file pathFromPC
-> receives a file from the phone and stores it to "pathFromPC"
adb remount
-> This is only possible in custom ROMs, remounts the file system to r/w automatically
adb shell "command"
-> executes "command" and returns to the computer shell
adb shell
-> opens a shell session on the phone (from here on you have to be very careful! Also you can execute now normal linux commands like rm, mv, ls, chmod and so on, but not cp (this can done through busybox)). You will have to use this more often, so get used to it ;)
I have a tip for everyone who use adb and fastboot in linux.
In most of the tutorials i see that you have go to exac folder to use them, but there is quite simple think you can do to use them from anywhere in your consol. All you have to do is
1. go in consol to the folder where you have adb and fastboot
2. then give command
Code:
sudo nautilus
or
Code:
su
nautilus
This should open a window with root permissions
3. in this windows you need to create shourtcats for adb and fastboot by right click mouse menu.
4. Next you need to cut shourtcats you created and place in folder /bin (you need to do this in the same window beacose you need to have root permissions to paste anything there.
5. And last think you need to do when you paste them it`s change there name`s for adb and fastboot.
Now you can use this commands without "./" and firstly you do not need to go to the folder where they realy are.
Now let say you have an system.img in /home/user/data you can now flash your phone in this way
Code:
su
cd /home/user/data
fastboot flash system system.img
or
Code:
su
fastboot flash system /home/user/data/system.img
su gives root permitions
Now i want to apologize for my english
If any one want to add this to his tutorial please give link for this thread or just write it`s made by me
abrams89 said:
I have a tip for everyone who use adb and fastboot in linux.
In most of the tutorials i see that you have go to exac folder to use them, but there is quite simple think you can do to use them from anywhere in your consol. All you have to do is
1. go in consol to the folder where you have adb and fastboot
2. then give command
Code:
sudo nautilus
or
Code:
su
nautilus
This should open a window with root permissions
3. in this windows you need to create shourtcats for adb and fastboot by right click mouse menu.
4. Next you need to cut shourtcats you created and place in folder /bin (you need to do this in the same window beacose you need to have root permissions to paste anything there.
5. And last think you need to do when you paste them it`s change there name`s for adb and fastboot.
Now you can use this commands without "./" and firstly you do not need to go to the folder where they realy are.
Now let say you have an system.img in /home/user/data you can now flash your phone in this way
Code:
su
cd /home/user/data
fastboot flash system system.img
or
Code:
su
fastboot flash system /home/user/data/system.img
su gives root permitions
Now i want to apologize for my english
If any one want to add this to his tutorial please give link for this thread or just write it`s made by me
Click to expand...
Click to collapse
Sometimes SU alone wont switch to the root user in some distributions (eg. Ubuntu Variants) If you want to switch to root, type sudo su or type "sudo <name of program>" and it will run that program as root.
Jack
The purpose of this tutorial is not to teach you everything. It's just to give the less-than-average user (noob) an idea of why certain steps are taken and how to prevent and or troubleshoot problems that most people have when rooting or flashing ROMs on their device. I am also assuming that if you do decide to root your device you have at least a basic working knowledge of a computer. If you don't know what a desktop is or how to find the "any" key, you have no business being anywhere near a computer much less an android device…continue no further. Read my tutorial…If you like it, let me know. If I missed anything or got something wrong, let me know…I'll try to fix it. If you're impartial to it, I couldn't care less. If you hate it, PM me…I have some important information for you about anger management.
ROOTING
While there are different rooting "methods" they all rely on the same basic concept. Get temporary root access to your system in order to use the adb (Android Debug Bridge) to transfer necessary files and change permissions to permanently root (take ownership of) the device.
Before programs like KindleFireUtility and KindleWater, rooting the Kindle Fire was done manually through a command line interface (command prompt). Although those programs still use the same methods, you never see it. But why use command prompt? What do those commands mean anyway? Anyone can point and click but if you don't know what is going on behind the scenes then you are big trouble when things go wrong…and they inevitably will. So, let's get started.
From here on out we will consider this the beginning of the tutorial. Read everything first before doing anything. Pay close attention to what's being said and follow instructions carefully. Now...
Before anything your device needs to be fully charged and have the Android SDK and the Kindle adb drivers installed onto your computer. I'm not going to go into how to install SDK or Kindle adb drivers here because there are millions of pages on the internet that will teach you, and quite frankly that's not the purpose of this tutorial. That being said, lets get down to business and talk about the older (manual) methods of rooting the Kindle Fire.
First, lets start with the device turned on. Now go to your Kindle Fire settings and scroll down and select "Devices". Make sure "Allow Installation of Applications" is set to ON. This allows you to install apps not downloaded from the Amazon App Store. Next we open the App Store and search for and install a file management utility (ES File Explorer is a good one to start with). This will be necessary to temporarily root your device. Exit the App Store.
Now plug your device into the computer. For the purposes of this exercise there are two USB modes you will need to know, USB debugging and USB file transfer. On stock devices when you plug into your computer you will see a black screen that says "You can now transfer files from your computer to Kindle". This we will call USB file transfer mode. You will use this to transfer a program to your device that will give you temporary root permissions. The old program for this was ZergRush, nowadays its BurritoRoot and tomorrow it will probably be something else. Whatever it is, find whichever one works for your device's software version and transfer it to your device using Explorer (Windows) or Finder (Mac). Since you don't have root access yet, everything you put on your device for now will go directly to the SDcard partition, far away from system folders (for all intents and purposes).
Press "disconnect" on your Kindle Fire. Now, and by default, your Kindle is in USB debugging mode. What that means is that when you are not in USB file transfer mode your device is constantly listening for debugging commands coming from the USB port. We will be using this to send adb commands to the device which are necessary for rooting and setting up recovery. Now open the file management app you installed from the App Store, navigate to the temporary root program you transferred from your computer and open it. Install and follow the instructions, if any. Next go to your computer and navigate to your Android SDK folder and look for a folder called "platform-tools" if you don't see it, open the tools folder and double-click the file named "Android". Select "platform-tools" and install.
To make things simple, lets to take the platform-tools folder and place it on your desktop (just be sure to put it back when this is all over).
At this point we need to get Superuser. This is what we will use to give your apps root access. Go to http://www.androidsu.com/superuser and download the one for Gingerbread. Extract the superuser.zip file, open the folder and navigate to the system folder inside. There, inside the "app" and "bin" folders you will see two files called "superuser.apk" and "SU". Place them in the platform-tools folder that is now on your desktop. And now the fun part, it's time to start rooting.
Open your command prompt (or terminal for mac users) and type and enter:
cd Desktop/platform-tools
Here, you are telling the computer to cd (change directory) to the platform-tools folder located inside the Desktop folder. This is going to be your workspace. Everything you do from here on will be done from this folder. If you don't get any errors then you are in good shape. Otherwise you messed up somewhere and probably skipped a step...go back and read from the beginning. Make sure your Kindle Fire is turned on and NOT in USB file transfer mode. If you are not sure what mode you're in, go back to the beginning. If this is your second time around, stop. You need to learn more about how to change directories using command line interface.
When you are in the platform-tools folder, type and enter this command:
adb devices
Mac and Linux users will put ./ before all adb and fastboot commands from here on out. It will look like: ./adb devices
Here you are using the adb program to print a list of connected devices. You should see a bunch of numbers that mean nothing to you at this skill level. Move on. If you don't see any numbers then you either don't have your drivers installed properly or you skipped a step; go back to the beginning.
If you do get a bunch of numbers your device is connected. Now type and enter:
adb root
...gives root permissions to the adb
adb remount
...mounts the system partition to a "read/write" state allowing you to make changes to system files and folders. Consequentially, if you enter adb remount a second time, you will change it back to "read only". Don't do that.
adb push su /system/xbin/su
...will push (transfer) the file named "SU" that is in your workspace (platform-tools folder) to the su folder inside the xbin folder of your device's system folder. The SU binary file is what other apps call to when they need superuser rights.
adb shell chown 0.0 /system/xbin/su
...this is where it gets a little funky. It opens a shell interface within the adb in order to chown (give ownership permissions) to user 0.0 for the su folder. A shell is a piece of software with a particular set of commands built in to act as sort of a go-between between the user, operating system and hardware kernel services. But who is user 0.0? [Edit:] User 0.0 is the root user. Thanks to b63 for that piece of knowledge
adb shell chmod 06755 /system/xbin/su
...opens a shell within the adb to chmod (change mode) of the su folder to 06755. What that basically means is you are changing the folder permissions to rwxr-xr-x or read/write/execute for the owner, and read/execute for the group and others.
adb install superuser.apk
...installs the program superuser.apk located in the platform-tools folder. Superuser.apk maintains a database of what apps you allow to access SU binary file.
That's how the rooting process works. Again if you get any errors, you did something wrong. Go back to the beginning and read it all over again. Attention is key.
Also, I suggest you skip the one-click methods for rooting and get used to using the command line interface so you understand how the process works in order to quickly troubleshoot problems should they arise. Oh and congratulations, you are rooted.
RECOVERY
Now lets install a custom recovery utility and a new boot-loader. For this you will be using the fastboot command. Before we go on, one thing you absolutely must get your head around is the difference between how fastboot interacts with your device versus how adb interacts with your device. fastboot deals with the boot portion of the device whereas adb only deals with the system portion. What that means is adb will only work when the device is completely booted. If for some reason your device doesn't boot properly then you should not be issuing adb commands. It's like trying to light a match in a vacuum. Fastboot works in the same way in that you must be in the fastboot bootmode in order to issue fastboot commands. Unless you have custom recovery installed or a factory programming cable there is only one way to get into fastboot mode. We'll talk about that later.
Installing recovery is a simple process but it is where people tend to have the most problems. Part of the reason is the misunderstanding of the different bootmodes. For now, you only need to be concerned with two of them; normal bootmode (4000) and fastboot bootmode (4002). The main reason people run into trouble is that once you are in a particular bootmode, it doesn't change until you tell it to (with the exception of temporary fastboot which we will get into later).
In normal bootmode your device will boot...normally (imagine that). With the fastboot bootmode the boot-loader will hang at the Kindle Fire splash screen (or yellow triangle if you have recovery installed) to wait for further commands. If this happens to you, chances are your only problem is you are in the wrong bootmode, which is easy to fix. Knowing that, installing a custom recovery should be a breeze.
First find whatever recovery you want to use (unzip it if you have to) and place the .img file into your platform-tools folder that you were using earlier. We're going to use adb to change the bootmode to fastboot in order to install custom recovery. Remember, anything that pertains to the boot-loader, (Kindle Fire logo/yellow triangle) will be done in the fastboot bootmode; that includes custom recovery installation. For more information on Kindle Fire bootmodes, boot-loaders, fastboot and just about everything else, see this post:
http://forum.xda-developers.com/showthread.php?t=1552547
From your command prompt type and enter:
adb shell
su
idme bootmode 4002
reboot
What that does is tells adb to open a shell and su (substitute user) for the root user, change the bootmode from normal (4000) to fastboot (4002) and reboot. The root user has the necessary permissions to change the bootmode from the adb. Your device will reboot then hang at the splash screen because it is in the fastboot bootmode.
Now install your custom recovery (we'll call it customrecovery.img for now)
fastboot -i 0x1949 boot customrecovery.img
again, for Mac and Linux you would type: ./fastboot -i 0x1949 boot customrecovery.img
That tells your computer to, using the fastboot program that is in your platform-tools folder, boot the device with the ID of 0x1949 (your Kindle) with the file named "customrecovery.img"
After installation, reboot, but you will still be in the fastboot bootmode. So type:
fastboot -i 0x1949 oem idme bootmode 4000
fastboot reboot
…tells the device to reset the partition where the recovery(?) is located, change the bootmode to normal (4000) and reboot.
TROUBLESHOOTING
Flashing custom ROMS are another source of frustrations as they add too many variables to the equation. Some ROMS can be very unstable and cause weird things to happen to your device. But just knowing how this stuff works will help you fix 90% of the problems that may come up. If you are having trouble with your device, troubleshoot the problem:
Does the device turn on?
No
Is it fully charged?
No--> Charge it
Is it fully charged?
Yes--> Hold the power button for 30 seconds and restart
Does the device turn on?
No--> Hold the power button for 3 minutes and restart
Does the device turn on?
No--> Google search "Motorola USB factory programming cable"
Does it boot normally?
No
Do you have custom recovery installed
No--> You need to get into fastboot mode to issue fastboot commands. Google search "Motorola USB factory programming cable"
Do you have custom recovery installed?
Yes--> During the first 5 seconds of seeing the boot splash screen (this is temporary fastboot mode that comes with custom recovery) issue fastboot command to change bootmode to 4000. Reboot
Does it boot normally?
No
Can you get into recovery?
No--> During the first 5 seconds of seeing the boot splash screen (temporary fastboot mode) issue fastboot command to install a new customrecovery.img. Reboot.
Can you get into recovery?
Yes--> Re-flash your ROM. Reboot.
Does it boot normally?
No--> Enter recovery, factory reset, wipe cache, wipe dalvik cache, re-flash your ROM. Reboot
Does it boot normally?
No--> Enter recovery, factory reset, wipe cache, wipe dalvik cache, flash a different ROM. Reboot
Does it boot normally?
No--> Post your problem on the XDA forum. Include all pertinent information such as what rom you are using, what the exact problem is, what you were doing before the problem occurred and all the steps you have taken to try and fix the problem.
Does it boot normally?
Yes--> Give yourself a pat on the back, because you rock!
Do you Rock?
No--> Start over from the beginning
nice
--sent from my glacier.
I have a ZTE Open (US Ebay edition - with root permissions).
I am trying to use ADB to backup the user data partition from the device (either via dd in the shell or ADB "pull" commands). I have also stopped b2g before commencing a "pull" command, without any luck.
Each time I manage to get some data off the device but the user partition is incomplete (i.e. the YAFFS2 file system is corrupted). The size of the partition is accurate (as reported from the shell) but the header of the file system appears to be truncated with random bits of data.
Does anyone know of a way to back up these partitions using ADB or dd in the shell?
I don't want to install CWM.
Thanks
Hello guys,
Would it be possible to create an image of an android tv box like creating a windows image? Thanks..
I assume you have one of those cheap, often prerooted Android TV boxes. If you connect the device to your computer using adb, you can type adb shell, then su, and google how to use the Linux tool that is also in android called dd to copy the boot, system and so on partitions to .img files. Most android roms will have the partitions listed in /dev/block then look around with ls for a directory called by-name to find them all listed by name. For example on my device I typed dd if=/dev/block/by-name/boot of=/sdcard/boot.img to copy boot. As far as I know, this will work for all of them.