Is there any way of rooting my alcatel idol 5 (6058D)?
Sent from my 6058D using Tapatalk
danilonacic said:
Is there any way of rooting my alcatel idol 5 (6058D)?
Sent from my 6058D using Tapatalk
Click to expand...
Click to collapse
probably
This model is listed in Sugar MTK. Does anyone know the status of the bootloader? What's the status of fastboot functionality? I can port twrp for this phone model. We have access to the recovery, just need to know the status on those 2 things. I don't have the phone so I don't know and can't test. I do have the Idol4 and an Alcatel Tetra I was able to sneak root on. Also, does anyone know the status of updates? As in how many updates have been released, anyone have any of those update files?
ADB Shell Temp Root acheived and confirmed
127|simba6_cricket:/ $ cd /data/local/tmp/
simba6_cricket:/data/local/tmp $ chmod 755 mtk-su
simba6_cricket:/data/local/tmp $ ./mtk-su -v
param1: 0x3000, param2: 0x10000, type: 4
Building symbol table
kallsyms_addresses pa 0x40c5d800
kallsyms_num_syms 60418, addr_count 60418
kallsyms_names pa 0x40cd3a00, size 776850
kallsyms_markers pa 0x40d91500
kallsyms_token_table pa 0x40d91d00
kallsyms_token_index pa 0x40d92100
Patching credentials
__ksymtab_init_task not found
Parsing copy_process
Found dmb ish instr at offset 2192
Found adrp instr at offset 2208
ADRP x3, 0xffffffc00100f000
Found add instr at offset 2212
ADD xd, x3, 3360
init_task va: 0xffffffc00100fd20
Possible list_head tasks at offset 0x360
0xffffffc0722e0360 0xffffffc062233360 0x000000000000008c
comm offset 0x618 comm: swapper/0
Found own task_struct at node 0
real_cred: 0xffffffc02e9a8600, cred: 0xffffffc02e9a8600
Parsing sel_read_enforce
Found adrp instr at offset 4
ADRP x0, 0xffffffc00119e000
Found ldr instr at offset 28
LDR [x0,2860]
selinux_enforce VA is 0xffffffc00119eb2c
Setting selinux_enforce
Switched selinux to permissive
New UID/GID: 0/0
starting /system/bin/sh
simba6_cricket:/data/local/tmp #
If you want anything else done with this phone, get ahold of me on Telegram and get me the info I need to figure out what can be done further.
-Help & Support Link-
https://t.me/Android_General_Chat
Hey Anyone still poking at this bear, the work I did for the 6060C could be easily achieve for this device as well. However, like @PizzaG pointed out, not every developer willing to help will have this device. Long story short, no device + no testers = no development.
Please Kindly STOP deleting my links Mods. It's rude, disrespectful, you give no warning, reason or heads up and if you really want me to take my posts, free software and self to another site, KEEP IT UP!!
Related
Build-kernel
Building Kernel only from Oppo Source
"Official Oppo Find 5 kernel source":https://github.com/oppo-source/Find5-Kernel-Source
EDIT: the 12025_release_defconfig doesn't work for me (touchscreen doesn't respond). Most likely a change needs to be made here
Code:
446,447c436,437
< CONFIG_TOUCHSCREEN_MELFAS=y
< CONFIG_TOUCHSCREEN_SYNAPTICS_S3202_I2C_RMI=y
---
> CONFIG_TOUCHSCREEN_ATMEL_MXT=y
> CONFIG_TOUCHSCREEN_CYTTSP_I2C_QC=y
Check out the source code
Code:
git clone git://github.com/oppo-source/Find5-Kernel-Source.git
Using +12025_debug_defconfig+ as config. You can use +12025_release_defconfig+ , with some modifications to the source to make it work properly
Code:
cd Find5-Kernel-Source
make ARCH=arm clean
make ARCH=arm 12025_debug_defconfig
edit include/config/kernel.release
if you want to modify the kernel version numbering
Build
Code:
make -j4 ARCH=arm CROSS_COMPILE=arm-eabi-
or use this following (uses as many cores as your computer has
Code:
make -j$(grep -c ^processor /proc/cpuinfo) ARCH=arm CROSS_COMPILE=arm-eabi-
\n if you want to use the +12025_release_defconfig+, there are some config problems. I have fixed them in my github
My github (use the branch [*]config-fixes): https://github.com/ngvincent/android-kernel-oppo-find5
The end, you'll get two files (Image and zImage) inside arch/arm/boot
Image = full kernel image, zImage = compressed version
*_The boot partition has ~10MB of space(see bottom of page for details). Make sure your kernel+ramdisk doesn't exceed this_*
Make boot.img file (need to add ramdisk)
Copy the ramdisk from existing device or ROM. "Here":https://git.ngvincent.com/attachments/download/5/ramdisk.gz is one I extracted from the X909EN_13_130307 rom
Extracting kernel from device
Code:
adb shell
su
dd if=/dev/block/mmcblk0p18 of=/sdcard/boot.img
exit
adb pull /sdcard/boot.img
Extracting from boot.img
Code:
abootimg -x boot.img
Making boot.img
Copy the stuff below into a file called bootimg.cfg (gives the configuration for abootimg to create the img properly)
Code:
bootsize =
pagesize = 0x800
kerneladdr = 0x80208000
ramdiskaddr = 0x82200000
secondaddr = 0x81100000
tagsaddr = 0x80200100
name =
cmdline = console=ttyHSL0,115200,n8 androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x3F ehci-hcd.park=3
Code:
abootimg --create bootimage.img -f bootimg.cfg -k zImage -r ramdisk.gz
Flash kernel onto device
You'll need to use fastboot to do it. I need to sudo as root for fastboot to work properly
Code:
adb reboot bootloader
sudo -s
fastboot devices
fastboot flash boot bootimage.img
fastboot reboot
verify
Code:
adb shell
cat /proc/version
Linux version 3.4.0-perf-g5d91181 ([email protected]) (gcc version 4.4.3 (GCC) ) [*]1 SMP PREEMPT Sat Mar 16 13:29:19 EDT 2013
partition space on the device
Code:
adb shell
cat /proc/partitions
Code:
179 18 10240 mmcblk0p18
Code:
[email protected]:/dev/block/platform/msm_sdcc.1/by-name $ ls -la
lrwxrwxrwx root root 1970-01-16 12:58 DDR -> /dev/block/mmcblk0p15
lrwxrwxrwx root root 1970-01-16 12:58 aboot -> /dev/block/mmcblk0p17
lrwxrwxrwx root root 1970-01-16 12:58 boot -> /dev/block/mmcblk0p18
Looks like there's plenty of space for the kernel/boot.img - 10240 kilobytes
Thanks for this. While this is way beyond my skill level, I'm glad the info is available. I'm slowing scratching the surface.. just recently learned how to build Nightlies! Thanks
Sent from my X909 using Tapatalk 2
Coreym said:
just recently learned how to build Nightlies! Thanks
Sent from my X909 using Tapatalk 2
Click to expand...
Click to collapse
are you planning on making nightlies for the oppo ?
CoopZor said:
are you planning on making nightlies for the oppo ?
Click to expand...
Click to collapse
I think kAmMa is working on CM right now? So hopefully we will have the CM Rom to install on the Find 5 in the near future. I know he said that he almost had it complete but was having problems with the drivers for the display and needed the drivers from the source code. Now that the source code has been released we might see something good soon. I don't know if his CM will be the official CM release though. We do need an official CM for the Find 5 though.
Personally, I would like to see Paranoid Android 3+ on the Find 5 as its my favorite rom, and it would be amazing on the Find 5. I use it as my daily on my Nexus 4 and 7 and both run great!
This is out of my league also, I wish I could build some good kernels and Roms. I will beta test Roms and Kernels if anyone needs me too though.
Coreym said:
Thanks for this. While this is way beyond my skill level, I'm glad the info is available. I'm slowing scratching the surface.. just recently learned how to build Nightlies! Thanks
Sent from my X909 using Tapatalk 2
Click to expand...
Click to collapse
once you get the hang of linux build tools, the next part is rather easy
I'm porting over the changes that faux123 made in his kernel for the Nexus 4 (same Qualcomm S4Pro APQ8064 processor+SoC)...
finished reading his mods for voltage control, i'll probably slicing in the code tomorrow...
I'm not touching CM10 (or AOKP/Paranoid...) porting yet... had some experience with kernel development a few years ago, but not for android porting...
error when run Command
I got error when run Command : make ARCH=arm clean , how can I fix it?
PHP:
[email protected]:~/aosp/kernel/Find5-4.2-kernel-source-master$ make ARCH=arm clean
scripts/Makefile.clean:17: /home/war/aosp/kernel/Find5-4.2-kernel-source-master/drivers/networkpmsmodule/Makefile: No such file or directory
make[2]: *** No rule to make target `/home/war/aosp/kernel/Find5-4.2-kernel-source-master/drivers/networkpmsmodule/Makefile'. Stop.
make[1]: *** [drivers/networkpmsmodule] Error 2
make: *** [_clean_drivers] Error 2
#### make failed to build some targets (1 seconds) ####
can someone please help me
I'm trying to re-calibrate the proximity sensor according to the instructions in this thread for note 3 N9005 .
so as the instructions I'm trying the normal method
but don't know how to convert the values in Hexadecimal.
mine offset value is :
76,196,156
& the normal value is :
0
so how to add offset value + normal value ???!!!
because the normal value is : 0
so plz if anyone know about the process to guide me for that
thanks
plz someone reply .....!!!!
I need help
my note 3 proximity sensor is not working
& I bought it just 2 months ago
still waiting for someone to help me.
Ask in that thread .
alhaseeri said:
can someone please help me
I'm trying to re-calibrate the proximity sensor according to the instructions in this thread for note 3 N9005 .
so as the instructions I'm trying the normal method
but don't know how to convert the values in Hexadecimal.
mine offset value is :
76,196,156
& the normal value is :
0
so how to add offset value + normal value ???!!!
because the normal value is : 0
so plz if anyone know about the process to guide me for that
thanks
Click to expand...
Click to collapse
You can use windows calculator to convert decimal into Hex.
Just do the following, Already replied to your private message. Already converted your offset into hex for you. just type as it is.
su
# echo -en $ '\x4c' > /efs/prox_cal
# chown system:system /efs/prox_cal
# chmod 644 /efs/prox_cal
# sync
# Reboot
Hi,
i just rooted my Fire TV 1 (version 51.1.4.0) via dirtycow, and I wanted to share my experience. (Unfortunately I cannot post external Links here)
Dirtycow allows you to write to files, even if you have no permission to do so. Unfortunately there is no binary on the system with the suid bit set, so I could not replace this binary. (Other attempts on other Android devices replaced the run-as binary. This is not possible here). Another problem was, that the modification only last for the current boot, so I could not just modify boot scripts. I had to find a binary, that is executed as root while the system is running, preferably on demand. This binary is ip. Every time one modifies the network settings in the Fire TV gui, ip is executed as root. Yay. With that in mind, I replaced ip with a shell script, that deploys the su binary.
This is what I did:
I compiled the dirtycow.c from timwr GitHub Repository CVE-2016-5195
Then I put the resulting binary into /data/local/tmp on my Firetv (via adb)
Now I pushed chainfires su binary to /data/local/tmp
I copied the /system/bin/ip binary to /data/local/tmp
I wrote this shell script, pushed it to /data/local/tmp and marked it executable (755)
Code:
#!/system/bin/sh
mount -o remount,rw /system
cp /data/local/tmp/su /system/xbin
chmod 4755 /system/xbin/su
/data/local/tmp/ip "[email protected]"
After that, I used dirtycow to replace ip with my new ip script (./dirtycow /system/bin/ip ip_script) [This may take a while]
Now I went to my network settings of my Fire TV and changed them to a static ip address.
I reconnected to my amazon Fire tv and typed su
Code:
[email protected]:/ $ su
[email protected]:/ #
Lastly I installed the Supersu.apk from chainfire
Root seems to work with the adb shell and the terminal app. Somehow it does not with amaze file manager. If I start it I get thrown into the amazon fire ui.
This rooting method should also work for other versions of the fireOS, though I have not tested them.
Can you downgrade with being in the root state?
sconnyuk said:
Can you downgrade with being in the root state?
Click to expand...
Click to collapse
Yes. After rooting, I downgraded to 5.1.0.2 and did a full bootloader unlock. I am now running a rooted 5.2.1.1
christofsteel said:
Yes. After rooting, I downgraded to 5.1.0.2 and did a full bootloader unlock. I am now running a rooted 5.2.1.1
Click to expand...
Click to collapse
Will have to try this for fire stick.
Excellent find, ive been watching the dirtycow and this will come in handy if it works for fire stick.
sconnyuk said:
Will have to try this for fire stick.
Excellent find, ive been watching the dirtycow and this will come in handy if it works for fire stick.
Click to expand...
Click to collapse
Please report back
I think it is important to note, that I configured a static ip address to trigger the ip script. Root is permanent btw. as soon as the su binary is deployed, you can reboot all you like.
firetv have selinux? what version linux is it?
christianrodher said:
firetv have selinux? what version linux is it?
Click to expand...
Click to collapse
I thought I read somewhere, that FireOS 5 had SELinux. I could not check, because I still ran FireOS 3. Seems like it does not have SELinux. I will remove the remark from my initial post.
christofsteel said:
I thought I read somewhere, that FireOS 5 had SELinux. I could not check, because I still ran FireOS 3. Seems like it does not have SELinux. I will remove the remark from my initial post.
Click to expand...
Click to collapse
can you double check if sepolicy is present or something similar?
christianrodher said:
can you double check if sepolicy is present or something similar?
Click to expand...
Click to collapse
Ok. In my FireOS version 5.2.1.1 there is SELinux activated and enforcing. In FireOS version 51.1.0.4 there was none. But I do not know if that hinders the rooting process.
christofsteel said:
Ok. In my FireOS version 5.2.1.1 there is SELinux activated and enforcing. In FireOS version 51.1.0.4 there was none. But I do not know if that hinders the rooting process.
Click to expand...
Click to collapse
ok so when you do the exploit u where at selinux enforcing.... ok if is that simple after weve been working our asses here https://github.com/timwr/CVE-2016-5195/issues/9 im going to break the pc and the cell phone lol
@christianrodher No worries, I doubt this is the universal solution! I think it's that the TV runs `ip` with a really lenient SELinux context for some stupidly weird reason.
christianrodher said:
ok so when you do the exploit u where at selinux enforcing.... ok if is that simple after weve been working our asses here https://github.com/timwr/CVE-2016-5195/issues/9 im going to break the pc and the cell phone lol
Click to expand...
Click to collapse
No I did the exploit on my FireOS version 51.1.0.4. Afaik there was no SELinux present. SELinux is present in FireOS version 5.2.1.1. I can test, if this exlploit works on my now updated Fire TV.
Edit: It did not work I could not mount system read write. Seems like it only works for FireOS 3
Really tried to get this to work. I think I'm close. I saw SELinux complain about the file size so I did some padding. Here's where I'm at
187594885]
I/Kernel ( 163): [ 1503.059370] (0)[163:healthd]healthd: battery l=100 v=4200
t=2.2 h=2 st=5 chg=u
W/linker (10431): ./dirtycow: unused DT entry: type 0x6ffffffe arg 0x600
W/linker (10431): ./dirtycow: unused DT entry: type 0x6fffffff arg 0x1
I/exploit (10431): size 223296
I/exploit (10431):
I/exploit (10431): [*] mmap 0xf7546000
I/exploit (10431): [*] exploit (patch)
I/exploit (10431): [*] currently 0xf7546000=464c457f
I/exploit (10431): [*] madvise = 0xf7546000 223296
I/Kernel ( 0): [ 1509.432532]-(2)[0:swapper/2]CPU2: Booted secondary process
or
I/Kernel ( 0): [ 1509.437302]-(3)[0:swapper/3]CPU3: Booted secondary process
or
I/Kernel ( 87): [ 1509.437743] (0)[87:hps_main][HPS] (0004)(1)(0)action end(2
7)(35)(0)(2) (2)(2)(2)(2)(2)(2)(2)(2)(1)(0) (6)(230)(0) (0)(0)(0) (0)(6)(230)(0)
(6)
I/exploit (10431): [*] madvise = 0 1048576
I/Kernel ( 0): [ 1511.439231]-(1)[0:swapper/1]CPU1: Booted secondary process
or
I/Kernel ( 87): [ 1511.440339] (0)[87:hps_main]CPU3: shutdown
I/Kernel ( 87): [ 1511.440873] (0)[87:hps_main][HPS] (0800)(1)(2)action end(1
05)(102)(0)(1) (2)(2)(2)(2)(2)(2)(2)(2)(1)(0) (105)(10)(0) (1666)(10)(0) (0)(102
)(10)(0)(102)
I/exploit (10431): [*] /proc/self/mem -1048576 1048576
I/exploit (10431): [*] exploited 0xf7546000=464c457f
I/art ( 501): Background partial concurrent mark sweep GC freed 256902(12MB
) AllocSpace objects, 15(2MB) LOS objects, 33% free, 20MB/31MB, paused 690us tot
al 136.802ms
E/WifiStateMachine( 501): WifiStateMachine CMD_START_SCAN source -2 txSuccessRa
te=50.64 rxSuccessRate=38.79 targetRoamBSSID=58:6d:8f:09:b7:37 RSSI=-39
E/WifiStateMachine( 501): WifiStateMachine L2Connected CMD_START_SCAN source -2
93, 94 ignore because P2P is connected
I/Kernel ( 87): [ 1513.438566] (0)[87:hps_main]CPU2: shutdown
I/Kernel ( 87): [ 1513.439651] (0)[87:hps_main][HPS] (0400)(2)(1)action end(7
)(4)(0)(0) (2)(2)(2)(2)(2)(2)(2)(2)(1)(0) (7)(10)(0) (288)(10)(0) (0)(4)(10)(0)(
4)
I/Kernel ( 87): [ 1515.438476] (0)[87:hps_main]CPU1: shutdown
I/Kernel ( 87): [ 1515.439146] (0)[87:hps_main][HPS] (0200)(2)(0)action end(4
)(3)(0)(0) (2)(2)(2)(2)(2)(2)(2)(2)(1)(0) (4)(10)(0) (46)(10)(0) (0)(3)(10)(0)(3
)
I/Kernel ( 119): [ 1521.197537] (0)[119:wdtk-0]wdk: [WDK], local_bit:0x1, cpu:
0, check_bit:0x1, RT[1521197519702]
I/Kernel ( 119): [ 1521.197575] (0)[119:wdtk-0]wdk: [WDK]: kick Ex WDT,RT[1521
197568471]
E/WifiStateMachine( 501): WifiStateMachine CMD_START_SCAN source -2 txSuccessRa
te=3.98 rxSuccessRate=3.61 targetRoamBSSID=58:6d:8f:09:b7:37 RSSI=-39
E/WifiStateMachine( 501): WifiStateMachine L2Connected CMD_START_SCAN source -2
94, 95 ignore because P2P is connected
^C
C:\Program Files (x86)\Minimal ADB and Fastboot>
130|[email protected]:/data/local/tmp $ getenforce
Enforcing
130|[email protected]:/data/local/tmp $ getenforce
Enforcing
I have an AFTV2 running latest firmware. I also noticed chainfires su binary i had was 32bit so I grabbed a 64bit one. Still no dice
[email protected]:/data/local/tmp $ ls -la
-rwxrwxrwx shell shell 13776 2016-10-31 17:43 dirtycow
-rwxrwxrwx shell shell 223296 2016-10-31 18:27 ip
-rwxrwxrwx shell shell 223296 2016-10-31 19:48 ip_script
-rwxrwxrwx shell shell 108480 2016-10-31 19:39 su
[email protected]:/data/local/tmp $
Hopes this helps someone
I've reached Step 3, I don't understand what you mean by su binary, as in, the whole flashable zip of supersu? or something else? Could you please explain? Thank you
Edit: Before I carry on, I was attempting this on the fire tv *Stick* instead of the box, running 5.2.1.1 would it still work?
VastVenomm said:
I've reached Step 3, I don't understand what you mean by su binary, as in, the whole flashable zip of supersu? or something else? Could you please explain? Thank you
Edit: Before I carry on, I was attempting this on the fire tv *Stick* instead of the box, running 5.2.1.1 would it still work?
Click to expand...
Click to collapse
you need to extract the SU binary file from Supersu. apk
I ran:
./dirtycow /system/bin/ip ip_script
I marked the scripts as 755 as well.
Error:
/system/bin/sh: ./dirtycow: not executable: 64-bit ELF file.
I also tried compiling dirtycow as 32bit. And got:
/system/bin/sh: ./dirtycow: not executable: 32-bit ELF file.
Help would be appreciated, thank you.
Do you save the shell script as ip_script.sh?
Sent from my SM-G920P using Tapatalk
VastVenomm said:
I've reached Step 3, I don't understand what you mean by su binary, as in, the whole flashable zip of supersu? or something else? Could you please explain? Thank you
Edit: Before I carry on, I was attempting this on the fire tv *Stick* instead of the box, running 5.2.1.1 would it still work?
Click to expand...
Click to collapse
You do not need to extract the binary from the SuperSU.apk, rather download the zip from here: https://download.chainfire.eu/696/supersu/
Then extract the zipfile and copy the su file from the arm folder.
Edit: I think it would not work because FireOS > 5.2.0.0 has SELinux activated. This method does not seem to work with SELinux.
VastVenomm said:
I ran:
./dirtycow /system/bin/ip ip_script
I marked the scripts as 755 as well.
Error:
/system/bin/sh: ./dirtycow: not executable: 64-bit ELF file.
I also tried compiling dirtycow as 32bit. And got:
/system/bin/sh: ./dirtycow: not executable: 32-bit ELF file.
Help would be appreciated, thank you.
Click to expand...
Click to collapse
You compiled the source to x86 code. You need to compile dirtycow with a compiler for arm. I recommend using androids ndk.
I still got 5.0.5.1 on my FTV1. Is there a chance that I might get root using the dirtycow exploit?
christofsteel said:
You do not need to extract the binary from the SuperSU.apk, rather download the zip from here: https://download.chainfire.eu/696/supersu/
Then extract the zipfile and copy the su file from the arm folder.
Edit: I think it would not work because FireOS > 5.2.0.0 has SELinux activated. This method does not seem to work with SELinux.
You compiled the source to x86 code. You need to compile dirtycow with a compiler for arm. I recommend using androids ndk.
Click to expand...
Click to collapse
Rename apk to zip and extract su no diffence from what I posted.
Thanks to @kryz who managed to generalize the Dirty Cow exploit, XT1028 now has a way to get temporary root : link. Notice that the /system will still be read-only, but at least full access to /data is available. Given the state of XT1028, this looks like a pretty good progress!
Steps to get temp root (in Lollipop):
1) install Croowt.apk, use the 2nd option in the menu : "Get root"
2) install SuperSu apk from the playstore (don't update the binary)
3) install RootChecker apk from the playstore
4) enjoy temporary root (until hard reboot)
The earlier post for Android 4.4.4:
For all KitKat holdouts, I've tried to use Dirty Cow and got temp root. Could work on other Android versions as well. Now, at least this root one does not seem to crash as much (unlike Kingroot). Here is a brief set of steps. First, download this package:
https://mega.nz/#!LFlBRAhS!rDl7PJMkFq7HqUDDgbKV6ddv-C3qkQIJl_CJkhkx2sc
Then
Code:
adb push dirtycow /data/local/tmp
adb push cow-execute /data/local/tmp
adb shell
cd /data/local/tmp
chmod 0777 *
[email protected]_cdma:/data/local/tmp $ ./dirtycow /system/bin/run-as ./cow-execute
bin/run-as ./cow-execute <
warning: new file size (13728) and file old size (9432) differ
size 13728
[] mmap 0xb6e64000
[] exploit (patch)
[] currently 0xb6e64000=464c457f
[] madvise = 0xb6e64000 13728
[] madvise = 0 1048576
[] /proc/self/mem 0 1048576
[] exploited 0xb6e64000=464c457f
[email protected]_cdma:/data/local/tmp $ run-as -exec id
run-as -exec id
Current uid: 2000
Setting capabilities
Attempting to escalate to root
Current uid: 0
Executing: 'id' with 0 arguments
uid=0(root) gid=0(root) groups=1003(graphics),1004(input),1007(log),1011(adb),10
15(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net
_bw_stats) context=u:r:runas:s0
[email protected]_cdma:/data/local/tmp $ run-as -exec sh
run-as -exec sh
Current uid: 2000
Setting capabilities
Attempting to escalate to root
Current uid: 0
Executing: 'sh' with 0 arguments
[email protected]_cdma:/data/local/tmp #
Not sure how much one can do here without bootloader unlock though ...
Tried it on my Cricket Wireless XT1045 which has been stuck on 4.4.4 without any kind of root for a while now and it worked as shown in your post. Hopefully it'll be a stepping stone to some more permanent kind of root, maybe even something that can be used with Sunshine to unlock the bootloader.
linuxgator said:
Tried it on my Cricket Wireless XT1045 which has been stuck on 4.4.4 without any kind of root for a while now and it worked as shown in your post. Hopefully it'll be a stepping stone to some more permanent kind of root, maybe even something that can be used with Sunshine to unlock the bootloader.
Click to expand...
Click to collapse
Try this, see if you can copy su binary to system (it will disappear after reboot) :
http://android.stackexchange.com/questions/127230/android-adb-has-root-access-but-no-su-binary
Then soft reboot to make it work, in root shell type :
killall zygote
The hope is to get you SuperSu (until next reboot). I believe we are probably back to where these phones were with the old Pie exploit:
http://forum.xda-developers.com/moto-x/orig-development/root-4-4-x-pie-motorola-devices-t2771623
Kingroot used to be able to make a fake copy of itself into /system which disappeared soon after.
I have this stupid Watcher on my phone, and don't want to try these other steps since I don't want it to kill my corporate email ...
Updated with the new Lollipop instructions!
@linuxgator
Nice link down
@bibikalka any chance you can post the kitkat version again?
Overview
I've created a very simple #!/bin/bash script (attached) to automate the initial build or subsequent rebuild of SpookCity138's ROM:
Slim Rom 7 for the Samsung S5 mini G800f (kminilte). The script simply automates the steps and processes created by others (none of which is my own work - all credit goes to the original creators). I have only tested this script on my own working environment: Gnome Ubuntu 17.04; 16GB RAM; i7-7700HQ; If your environment differs from this your experience may differ from mine.
How to Execute script
See readme at: https://github.com/fidoedidoe/build_scripts
Thanks
@spookcity138, @jimmy999x. Taking the time to educate me at each and every tentative step and demonstrating great patience
Contributors
spookcity138
jimmy999x
Script Source
The latest version of the script (and others for different devices) can be found here: https://github.com/fidoedidoe/build_scripts
SpookCity138's ROM
https://forum.xda-developers.com/galaxy-s5-mini/development/rom-slim-rom-7-nougat-t3558926
Created 2017-09-20
Last Updated 2017-12-09
There are sources to build this ROM for the Snapdragon variant (G800H)? It's a very good device, but simply there is not a single Nougat ROM for it...
wow, excellent, I have reviewed the code (I have not executed it yet) looks pretty good, it should work, I have to copy your script and modify it for other roms, thanks!
edit 1: it is possible to use this script (I use it and it works perfect) to automate even more the process of configuring the compilation environment https://github.com/akhilnarang/scripts
Also, for Ubunt 16.04 I added a couple more to make it easier some things:
cmake
nautilus (optional)
phablet-tools
unrar
silversearcher-ag (this is optional, but extremely useful for me, allows me to find the problematic lines inside a document or folder)
lfom said:
There are sources to build this ROM for the Snapdragon variant (G800H)? It's a very good device, but simply there is not a single Nougat ROM for it...
Click to expand...
Click to collapse
You need to apply some SELinux, CAF, And CM/LOS Patches to build a Nougat ROM for G800H, or that rom will not boot, or will shall not pass from build errors.
Is not a easy task.....
lfom said:
There are sources to build this ROM for the Snapdragon variant (G800H)? It's a very good device, but simply there is not a single Nougat ROM for it...
Click to expand...
Click to collapse
i found this on YT
so far so good for me
give it a try
https://youtu.be/UPOpJgqnlf8
not working for me -- using xubuntu 17.10
ko_taka said:
not working for me -- using xubuntu 17.10
Click to expand...
Click to collapse
Script updated on github (follow links for build_slimrom7_kminilte.sh). Tested on my laptop (Ubuntu gnome 17.04) and SlimRom7 version 1.17 builds successfully (although I have yet to test the build on the device). I'll update the attached zip in the opening page in the coming days, but as a general rule github is the best place to find latest version(s).
Thanks to @spookcity138 (again) for taking time the time and offering sound help / advice identifying the issues and resolve (the issue was within applying device specific patches ./apply.sh).
I am on 40GB partition. Not enough?
perly terminated.
Fetching projects: 70% (381/544) fatal: unable to access 'https://android.googlesource.com/platform/hardware/akm/': gnutls_handshake() failed: The TLS connection was non-properly terminated.
Fetching projects: 73% (398/544) fatal: unable to access 'https://android.googlesource.com/platform/system/connectivity/shill/': gnutls_handshake() failed: The TLS connection was non-properly terminated.
fatal: unable to access 'https://android.googlesource.com/platform/external/jsr330/': gnutls_handshake() failed: The TLS connection was non-properly terminated.
Fetching projects: 74% (403/544) fatal: unable to access 'https://android.googlesource.com/platform/external/jsr330/': gnutls_handshake() failed: The TLS connection was non-properly terminated.
error: Cannot fetch platform/external/jsr330
Fetching projects: 78% (425/544) fatal: write error: No space left on device
fatal: write error: No space left on device
fatal: write error: No space left on device
fatal: write error: No space left on device
fatal: write error: No space left on device
fatal: write error: No space left on device
fatal: write error: No space left on device
fatal: index-pack failed
error: index-pack died
fatal: index-pack failed
fatal: index-pack failed
fatal: index-pack failed
fatal: index-pack failed
fatal: index-pack failed
error: Cannot fetch SlimRoms/frameworks_base
Click to expand...
Click to collapse
ko_taka said:
I am on 40GB partition. Not enough?
Click to expand...
Click to collapse
Yeah,you're running out of space. I don't recall exactly what the sources and the build of a nougat ROM take,space wise. It seems a little weird you were running out of space syncing the sources. If I recall correctly nougat sources are somewhere between 25-30GB. I could be wrong though. The actual build itself (the out folder) also takes a fair bit of space. Again,just guessing,but around 15-20GB. I would say 60GB would be what you need.
hi spookcity138, nice to see you around
I haven't coded that so I'm feeling a bit lost
The process finally ended (now I am on 80GB partition)
I do not know where is the build if that built anything
those are the last lines
build_slimrom7_kminilte.sh: 176: build_slimrom7_kminilte.sh: [[: not found
Remove references to OmniRom recovery...
remove config_uriBlruEnabled references, spoils the build...
alter local manifest files for slimrom 7 build compatability...
insert text into file: frameworks/base/core/res/res/values/config.xml...
delete file cm_arrays.xml...
remove flipflap stuff from device/samsung/smdk3470-common/smdk3470-common.mk...
build_slimrom7_kminilte.sh: 205: read: Illegal option -t
build_slimrom7_kminilte.sh: 210: build_slimrom7_kminilte.sh: [[: not found
patching file include/telephony/ril.h
Hunk #1 FAILED at 31.
Hunk #2 succeeded at 395 (offset -1 lines).
Hunk #3 succeeded at 409 (offset -1 lines).
Hunk #4 succeeded at 569 (offset -1 lines).
Hunk #5 succeeded at 624 (offset -1 lines).
Hunk #6 succeeded at 1023 (offset -1 lines).
Hunk #7 succeeded at 5217 (offset -1 lines).
Hunk #8 succeeded at 5866 (offset -1 lines).
1 out of 8 hunks FAILED -- saving rejects to file include/telephony/ril.h.rej
manually reapplying failed Hunk #1...
patching file ril/Android.mk
patching file ril/libril/Android.mk
patching file ril/libril/ril.cpp
patching file ril/libsecril-client/Android.mk
applying frameworks_av to frameworks/av
Applying: av: Add samsung wfd service
Applying: add Android M MediaBufferGroup:MediaBufferGroup() for libwvm.so
applying frameworks_native to frameworks/native
Applying: Revert "Remove Parcel::writeIntPtr."
Applying: add missing const getSensorList() for MM gpsd (G800FXXU1CPK5)
applying hardware_libhardware to hardware/libhardware
applying hardware_ril to hardware/ril
Applying: ril: recover on crash
applying hardware_samsung_ril to hardware/samsung/ril
Applying: add SetAudioMode and SetSoundClockMode for MM audio-ril
applying packages_services_Telephony to packages/services/Telephony
./apply.sh: line 24: cd: /home/ferran/android/build_scripts/packages/services/Telephony: No such file or directory
build_slimrom7_kminilte.sh: 238: read: Illegal option -t
build_slimrom7_kminilte.sh: 243: build_slimrom7_kminilte.sh: [[: not found
prepare device specific code...
build_slimrom7_kminilte.sh: 249: build_slimrom7_kminilte.sh: source: not found
build_slimrom7_kminilte.sh: 250: build_slimrom7_kminilte.sh: lunch: not found
running croot...
build_slimrom7_kminilte.sh: 253: build_slimrom7_kminilte.sh: croot: not found
build_slimrom7_kminilte.sh: 262: read: Illegal option -t
build_slimrom7_kminilte.sh: 267: build_slimrom7_kminilte.sh: [[: not found
running mka bacon...
build_slimrom7_kminilte.sh: 273: build_slimrom7_kminilte.sh: mka: not found
Click to expand...
Click to collapse
ko_taka said:
hi spookcity138, nice to see you around
I haven't coded that so I'm feeling a bit lost
The process finally ended (now I am on 80GB partition)
I do not know where is the build if that built anything
those are the last lines
Click to expand...
Click to collapse
The build did not start. It applied the patches successfully (all but one where there was an error) Then it is just a serious of failures. I have not used this script so I cant say specifically where you are going wrong. Does the script have executable permissions? (I assume so as it partially worked) Do you have all of the need dependencies for building Android? Thats not the issue I don't think,but you need them either way. Other than that I am not real sure honestly. You may need to wait for @fidoedidoe to help you. I'll reply back if any possible reason comes to mind.
ko_taka said:
hi spookcity138, nice to see you around
I haven't coded that so I'm feeling a bit lost
The process finally ended (now I am on 80GB partition)
I do not know where is the build if that built anything
those are the last lines
Click to expand...
Click to collapse
Hi @ko_taka
@spookcity138 is correct, the script failed...when it succeeds it's pretty clear the last few messages published will read along the lines of: "Package Complete: .../out/target/product/kminilte/Slim-kminilte-7.1.2.build.1.17-UNOFFICIAL-20171209-1401.zip" followed by "#### make completed successfully (24:30 (mm:ss)) ####" (note the build time will vary depending on the power of your build machine and utilisation of ccache). Oh, FYI - my build folder is ~95GB in size (the ../out/ folder is 26GB and the ../.repo/ folder is 47GB!!)
Back to the script failure....first verify the following variable in the build_slimrom7_kminilte.sh is defined correctly for your environment:
Code:
WORK_DIRECTORY="$HOME/android/slimrom7"
For my personal build environment I keep the script (build_slimrom7_kminilte.sh) in a separate folder to where the source is located and the build is output to (just so i can purge those folders without losing the build script). FYI on your laptop your folder structure should look something like that shown below, with build_slimrom7.kminilte.sh stored in the folder .../build_scripts
Code:
/home/ferran/android/build_scripts
/home/ferran/android/slimrom7
Once the above is verified...the primary issue you have is every time you see "...[[: not found", the script is hitting an issue. Check that the first line of the script contains the line "#!/bin/bash ", this is called "shebang" and it tells your shell what program to interpret the script with, in our case we need "Bash". I'm now wondering what OS / Shell you're using (I use Ubuntu Gnome 17.04 with Bash version 4.4.7) does yours differ from this? To verify your Bash version:
Code:
$ bash -version
GNU bash, version 4.4.7(1)-release (x86_64-pc-linux-gnu)
Copyright © 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
You could try forcing your shell to use bash (from memory), by switching to the /build_scripts/ folder and running the following command (do not use sudo or any elevated permissions):
Code:
$ cd /home/ferran/android/build_scripts
$ ./build_slimrom7_kminilte.sh
Let me know how you get on, in essence the script is failing on the evaluation lines where "if [[....]]" is used. if we can't get it to work, in your case, the script may need to be altered to change the evaluation (perhaps "if [...]" would be more suitable). Anyway - give me some feedback and lets see if we can get you a little further.
my bash is 4.4.12
working directory had been set correctly
I removed the double [[ leaving a simple [ same with ]] closing brackets
it says Illegal option -t in line 238
this is line 238: read -r -p "6/7. Initialise environment for Build <Y/n>? (automatically continues unprompted after 10 seconds): " -t 10 -e -i Y PROMPT
it also says [: Y: unexpected operator on line 243
this is line 243: if [ ! $PROMPT =~ ^[Yy]$ ]; then
Timte to time I was getting errors while fetching
TLS errors
I found it is due gnutls package and applied the following solution:
compile git with openssl. To do this, run the following commands:
sudo apt-get update
sudo apt-get install build-essential fakeroot dpkg-dev libcurl4-openssl-dev
sudo apt-get build-dep git
mkdir ~/git-openssl
cd ~/git-openssl
apt-get source git
dpkg-source -x git_1.7.9.5-1.dsc
cd git-1.7.9.5
(Remember to replace 1.7.9.5 with the actual version of git in your system.)
Then, edit debian/control file (run the command: gksu gedit debian/control) and replace all instances of libcurl4-gnutls-dev with libcurl4-openssl-dev.
Then build the package (if it's failing on test, you can remove the line TEST=test from the file debian/rules):
sudo dpkg-buildpackage -rfakeroot -b
Install new package:
x86_64: sudo dpkg -i ../git_1.7.9.5-1_amd64.deb
Click to expand...
Click to collapse
I'm using git-openssl build now
Just started the fetching process again
I'm under virtual machine on a host with a proper firewall configuration -- maybe that caused the connection problems while fetching
ko_taka said:
my bash is 4.4.12
working directory had been set correctly
I removed the double [[ leaving a simple [ same with ]] closing brackets
it says Illegal option -t in line 238
this is line 238: read -r -p "6/7. Initialise environment for Build <Y/n>? (automatically continues unprompted after 10 seconds): " -t 10 -e -i Y PROMPT
it also says [: Y: unexpected operator on line 243
this is line 243: if [ ! $PROMPT =~ ^[Yy]$ ]; then
Click to expand...
Click to collapse
Sounds like we're making progress. This is good. So, reading around the subject of square brackets vs double. It transpires converting the evaluations from double square brackets ([[..]]) to singles ([..]) may** change how variables are referenced. In my script I was forced to use double square brackets to correctly evaluate the response from the "read -r....." (read input) command (where it evaluates when upper or lower case Y is entered). If this command is changed from double square brackets to single ones the command then fails (on my setup). Further to this, in your reply it appears you're also having issues with the "read" command, for some reason your version doesn't support the -t directive (which waits for N seconds - ie: -t 5 will wait 5 seconds for user input).
For now the easiest thing to do is to remove *all* of the steps in the script that awaits input from the user to continue processing the script (they are non essential vanity items primarily used while I was building out the script). There are 7 is these in the script (look for "1/7", "2/7", "3/7", etc etc), just comment out (insert # at beginning of each line) for all 7 instances. There are ~10 lines per instance, examples of how instance #1 and #7 should look after editing is below. Just do the same for all 7 instances in your script and re run the script.
Code:
...
...
#PROMPT=""
#read -r -p "1/7. Initialise/Reinitialise Repo, first 'repo init' will take hours <Y/n>? (automatically continues unpromted after 5 seconds): " -t 5 -e -i Y PROMPT
#echo
#if [ -z "$PROMPT" ]; then
# PROMPT="Y"
#fi
#if [[ ! $PROMPT =~ ^[Yy]$ ]]; then
# echo "Response: '$PROMPT', exiting!"
# exit 1
#fi
...
...
#PROMPT=""
#read -r -p "7/7. Build rom (this segment can take hours) <Y/n>? (automatically continues unprompted after 10 seconds): " -t 10 -e -i Y PROMPT
#echo
#if [ -z "$PROMPT" ]; then
# PROMPT="Y"
#fi
#if [[ ! $PROMPT =~ ^[Yy]$ ]]; then
# echo "Response: '$PROMPT', exiting!"
# exit 1
#fi
...
I'd be really interested in knowing what OS you're using (Ubuntu, Mac, etc along with version) perhaps I can use this detail to come up with a more generic version of the script.
Good luck, let me know how you get on.
ko_taka said:
Timte to time I was getting errors while fetching
TLS errors
I found it is due gnutls package and applied the following solution:
I'm using git-openssl build now
Just started the fetching process again
I'm under virtual machine on a host with a proper firewall configuration -- maybe that caused the connection problems while fetching
Click to expand...
Click to collapse
I'd also try changing the value of the variable: REPO_SYNC_THREADS in the script to something lower (more suitable to your internet bandwidth / performance), try 2 or 4 and build up from there. ie: REPO_SYNC_THREADS=2
I think the problem was on GIT .. confusing I think so
I would be waiting a message like (file doesnt exist or something like that)
anyway I still with compiling errors but now is quite different
I am using virtualbox (Xubuntu 17.10) on Mac OS 10.13.2 Mac Mini 2014 entry level
applying packages_services_Telephony to packages/services/Telephony
./apply.sh: line 24: cd: /home/ferran/android/slimrom7/packages/services/Telephony: No such file or directory
6/7. Initialise environment for Build <Y/n>? (automatically continues unprompted after 10 seconds): Y
prepare device specific code...
including device/generic/mini-emulator-arm64/vendorsetup.sh
including device/generic/mini-emulator-armv7-a-neon/vendorsetup.sh
including device/generic/mini-emulator-mips64/vendorsetup.sh
including device/generic/mini-emulator-mips/vendorsetup.sh
including device/generic/mini-emulator-x86_64/vendorsetup.sh
including device/generic/mini-emulator-x86/vendorsetup.sh
including device/samsung/kminilte/vendorsetup.sh
build/envsetup.sh: line 1716: vendor/slim/build/envsetup.sh: No such file or directory
build/core/product_config.mk:250: *** _nic.PRODUCTS.[[device/samsung/kminilte/slim.mk]]: "vendor/slim/config/common_full_phone.mk" does not exist. Stop.
build/envsetup.sh: line 624: vendor/slim/build/tools/roomservice.py: No such file or directory
build/core/product_config.mk:250: *** _nic.PRODUCTS.[[device/samsung/kminilte/slim.mk]]: "vendor/slim/config/common_full_phone.mk" does not exist. Stop.
cat: /home/ferran/android/slimrom7/vendor/slim/build/envsetup.sh: No such file or directory
cat: /home/ferran/android/slimrom7/vendor/slim/build/envsetup.sh: No such file or directory
build/core/product_config.mk:250: *** _nic.PRODUCTS.[[device/samsung/kminilte/slim.mk]]: "vendor/slim/config/common_full_phone.mk" does not exist. Stop.
** Don't have a product spec for: 'slim_kminilte'
** Do you have the right repo manifest?
running croot...
mka clean/clobber needed...
./build_slimrom7_kminilte.sh: line 257: mka: command not found
7/7. Build rom (this segment can take hours) <Y/n>? (automatically continues unprompted after 10 seconds): Y
running mka bacon...
./build_slimrom7_kminilte.sh: line 273: mka: command not found
Click to expand...
Click to collapse
ko_taka said:
I think the problem was on GIT .. confusing I think so
I would be waiting a message like (file doesnt exist or something like that)
anyway I still with compiling errors but now is quite different
I am using virtualbox (Xubuntu 17.10) on Mac OS 10.13.2 Mac Mini 2014 entry level
Click to expand...
Click to collapse
Thanks for the feedback. At first glance it looks to me like your issue is less to do with the script and more to do with not having all the source locally. Seeing commands such as running ./apply.sh (puled down with the source) error reporting "file not found" is the smoking gun.
Right now I'd be tempted to say ensure you've successfully pulled the primary SlimRom7 source locally. It may be easier to do this outside of the script by running the following:
Code:
$ cd /home/ferran/android/slimrom7/
$ repo forall -vc "git reset --hard" --quiet
$ repo sync --jobs="2"
Keep an eye out of timeouts / 404 while it's syncing the repo's (the third of the three commands above). If you get errors just keep rerunning the "repo sync" command given above while in the correct directory until it completes without error. Once you have that done successfully, change the the build_scripts directory and re-run the script. If you see timeouts / 404 in the script output then you might have to manually run the "git clone" commands to see which one is causing the issue(s).
why does need that much space?
I was executing
$ repo forall -vc "git reset --hard" --quiet
$ repo sync --jobs="2"
Click to expand...
Click to collapse
I am getting the message "out of space"
80GB full of source code and even need more space??
ko_taka said:
why does need that much space?
I was executing
I am getting the message "out of space"
80GB full of source code and even need more space??
Click to expand...
Click to collapse
Use a disk usage analysis tool to find out whether earlier failed attempts pulled source down to multiple locations (when the script was failing).. I mentioned in an earlier post the size of the repo, look back 5 or 6 posts. Don't forget the bulk of the source will be contained in a hidden folder named /.repo/ check this folder doesn't exist outside of the build folder (/slimrom7/)...looking at earlier attempts I'd fist check your /build_scripts/ folder for the hidden .repo folder and if there delete it. Good luck