[Kernel] Hydra-kernel **UPDATE 8/20** - Droid Incredible Android Development

Get them at http://hydrakernel.net

Has anyone tried this yet?

doesn't work SETcpu can't read it.

Does it break anything? This should allow us to do adb remount too, right?

It 'should'..
I did get into adb/recovery and loaded the new recovery. it looks like it flashed. but on reboot...
Code:
ro.secure=1
so I am guessing my update script failed.

script
Code:
assert(file_getprop("/system/build.prop", "ro.build.fingerprint") == "verizon/inc/inc/inc:2.1-update1/ERE27/161493:user/release-keys" ||
file_getprop("/system/build.prop", "ro.build.fingerprint") == "verizon/inc/inc/inc:2.1-update1/ERE27/161494:user/release-keys");
assert(getprop("ro.product.device") == "inc" ||
getprop("ro.build.product") == "inc");
set_progress(1.000000);
ui_print("Writing boot image...");
write_firmware_image("PACKAGE:boot.img", "boot");
set_progress(1.000000);
*edit*
looks like the update script is the issue. (p.s I miss fastboot )
Code:
// write_firmware_image(file, partition)
//
// partition is "radio" or "hboot"
// file is not used until after updater exits
//

Try this in recovery:
Code:
adb push ./boot.img /sdcard
Then, open a shell to your phone via 'adb shell', get root, and do the following two commands to flash your new boot image:
Code:
# cat /dev/zero > /dev/mtd/mtd2
write: No space left on device [this is ok, you can ignore]
# flash_image boot /sdcard/boot.img

ihtfp69 said:
Try this in recovery:
Code:
adb push ./boot.img /sdcard
Then, open a shell to your phone via 'adb shell', get root, and do the following two commands to flash your new boot image:
Code:
# cat /dev/zero > /dev/mtd/mtd2
write: No space left on device [this is ok, you can ignore]
# flash_image boot /sdcard/boot.img
Click to expand...
Click to collapse
Backup..
cat /dev/mtd/mtd2 > /sdcard/mtd2.img
do we have flash_image?

Yes, sorry. I took that for granted. Here is the revised instructions. I attached flash_image.
Try this in recovery:
Code:
adb push ./boot.img /sdcard
adb push ./flash_image /sdcard
Then, open a shell to your phone via 'adb shell', get root, and do the following two commands to flash your new boot image:
Code:
adb shell
$ su
# /system/bin/cat /sdcard/flash_image > /system/bin/flash_image
# /system/bin/chmod 755 /system/bin/flash_image
# /system/bin/cat /dev/mtd/mtd2 > /sdcard/mtd2.img
# /system/bin/cat /dev/zero > /dev/mtd/mtd2
write: No space left on device [this is ok, you can ignore]
# /system/bin/flash_image boot /sdcard/boot.img

that didnt work.. resetting...... try again tomorrow
the kernels good. just getting it installed...

Tried this. Any ideas?
Code:
android-sdk-windows\tools>fastboot flash zimage boot.img
sending 'zimage' (2272 KB)... OKAY [ 0.344s]
writing 'zimage'... INFOsignature checking...
FAILED (remote: signature verify fail)
finished. total time: 0.766s

Fastboot does not do anything if you are not on an engineering SPL.

So I know this doesn't have much to do with this kernel buuuut for some reason last night in SetCPU the only thing I could adjust was idle speeds updated SetCPU and have access too the full bit? Max says 998400 min 24500... hmmm? Any ideas?

How do you know if the kernel is good if you cannot flash it? I compiled a kernel as well and got it installed but it stuck my phone at the HTC logo...

adrynalyne said:
How do you know if the kernel is good if you cannot flash it? I compiled a kernel as well and got it installed but it stuck my phone at the HTC logo...
Click to expand...
Click to collapse
I used the same build setup i've used for the mytouch. and got no errors building it

shouldnt you make the script ro-secure=o not 1? so it would unlock the nand?

I did. but on reboot it still shows as =1. so i assume the flash failed

I have never done this before but is it possible to just copy the kernel on our phone, unpack it, edit the default.prop and repack it? I don't have Linux or I would try it myself. Check out this wiki. It explains how to do it. It seems easy enough for someone who knows how to compile a kernel.
http://android-dls.com/wiki/index.p...s#Flashing_your_new_image_back_onto_the_phone

ihtfp69 said:
I have never done this before but is it possible to just copy the kernel on our phone, unpack it, edit the default.prop and repack it? I don't have Linux or I would try it myself. Check out this wiki. It explains how to do it. It seems easy enough for someone who knows how to compile a kernel.
http://android-dls.com/wiki/index.p...s#Flashing_your_new_image_back_onto_the_phone
Click to expand...
Click to collapse
this is the process i used to unpack the ramdisk and edit the default.prop and repack the ramdisk and the new kernel

i`ll give it a shot my friend is really good at kernels so i`ll have him look at it to

Related

Superboot for Tattoo test

Feeling brave? Help me test / develop my superboot!
http://android.modaco.com/content/h...9976/13-jan-1-0-superboot-rooting-the-tattoo/
P
sorry, but your batch makes problemm...
and when i make it manual:
C:\Android\superboot>fastboot-windows boot tattoo.superboot.img
downloading 'boot.img'... OKAY
booting...
then nothing
for me doesn't work... i've got mac and the message in terminal is:
./install-superboot-mac.sh: line 3: unexpected EOF while looking for matching `''
./install-superboot-mac.sh: line 14: syntax error: unexpected end of file
and if i try to do the steps inside the script terminal says:
bash-3.2# chmod +x fastboot-mac
bash-3.2# chmod +x adb-mac
bash-3.2# ./adb-mac shell reboot oem-78
error: device not found
bash-3.2# ./fastboot-mac oem-78
usage: fastboot [ <option> ] <command>
commands:
update <filename> reflash device from update.zip
flashall flash boot + recovery + system
flash <partition> [ <filename> ] write a file to a flash partition
erase <partition> erase a flash partition
getvar <variable> display a bootloader variable
boot <kernel> [ <ramdisk> ] download and boot kernel
flash:raw boot <kernel> [ <ramdisk> ] create bootimage and flash it
devices list all connected devices
reboot reboot device normally
reboot-bootloader reboot device into bootloader
options:
-w erase userdata and cache
-s <serial number> specify device serial number
-p <product> specify product name
-c <cmdline> override kernel commandline
-i <vendor id> specify a custom USB vendor id
bash-3.2# ./fastboot-mac boot tattoo.superboot.img
downloading 'boot.img'... FAILED (remote: not allow)
bash-3.2# ./fastboot-mac reboot
rebooting... (here with no reboot)
i hope this could help you...
You could try fastboot oem boot superboot.img allthough I don't think it will work, we have tried this on the Eris but who knows maybe yours will be different
Any advance on this guys?
If you need my help, just tell me, I'm newbie but I love to take risks!
I tried this method on my HTC.
downloading 'boot.img'... OKAY
booting.....
Click to expand...
Click to collapse
I waited for few min nothing happen.so un plug the cable it goes to RUU.
And then i insert the cable it rebooted.
What about this?
i'm New
Did anyone try what I said, "fastboot oem boot superboot.img" make sure you have oem in there otherwise it will just hang at booting..... I'm just curouse if it works for you guys.
I have a feeling there stuck on it same as we are, the tattoo and eris are more alike than either to the hero
binny1007 said:
Did anyone try what I said, "fastboot oem boot superboot.img" make sure you have oem in there otherwise it will just hang at booting..... I'm just curouse if it works for you guys.
Click to expand...
Click to collapse
Yup, tried that. It just boots the phone to it's current (flashed) rom
I tried using the boot command and, while it's hanging at "booting...", I sent a oem boot, but no luck
If it boots to the current flashed rom then it might have worked. you wont notice a physical different if superboot boots.
FireSokar said:
If it boots to the current flashed rom then it might have worked. you wont notice a physical different if superboot boots.
Click to expand...
Click to collapse
Interesting. When I get mine (tattoo), I'll try it out. Superboot just allows us superuser access, doesn't it? If we boot with this, then run a Terminal emulator, type 'su', we'll be able to get root (temporarily)?
Im pretty sure thats how it works, im not 100% sure im following this thread closely as we are stuck @ the exact same point on getting the droid eris rooted, better side of 2 months working on it.
The wait for my HTC Tattoo is killing me. I really want to try this out before I go back to school...
I ordered it last week sometime and it's supposedly coming next week... If it all comes to the worse, I'll just try this at school.... Hehe
Alright, I did this, and I think it may get me somewhere.
I did this while on the home screen, with USB debugging enabled. I ran the mac fastboot script, and it booted into the HTC logo screen. It said "Booting..." and got stuck.
After a minute, I yanked the USB cord out, and it dumped me at the RUU screen with text like this in my Terminal:
Terminal said:
Matthew-Coburns-MacBook:1.2-tattoo-superboot matthew$ ./install-superboot-mac.sh
Superboot for HTC Tattoo by Paul O'Brien @ http://www.MoDaCo.com
----------------------------------------------------------------
Rebooting device...
* daemon not running. starting it now *
* daemon started successfully *
0
Waiting 10 seconds for reboot...
Booting superboot...
ERROR: could not get pipe properties
downloading 'boot.img'... OKAY
booting... ERROR: usb_read failed with status e00002ed
FAILED (status read failed (No such file or directory))
ERROR: could not get pipe properties
< waiting for device >
ERROR: could not get pipe properties
ERROR: could not get pipe properties
ERROR: could not get pipe properties
ERROR: could not get pipe properties
ERROR: could not get pipe properties
ERROR: could not get pipe properties
Click to expand...
Click to collapse
I then reinserted the USB cable and got this:
rebooting...
Done!
Click to expand...
Click to collapse
After that, I did some exploring with adb-mac:
Matthew-Coburns-MacBook:1.2-tattoo-superboot matthew$ ./adb-mac shell
$ ls
sqlite_stmt_journals
cache
sdcard
etc
system
sys
sbin
proc
logo.rle
init.rc
init.goldfish.rc
init.bahamas.rc
init
default.prop
data
root
dev
$ su
su: permission denied
Click to expand...
Click to collapse
And so, I got the dreaded permission denied error! Oh well, at least I tried...
Any suggestions?
EDIT: I can do 'cat /proc/cpuinfo' and get:
Processor : ARMv6-compatible processor rev 2 (v6l)
BogoMIPS : 244.94
Features : swp half thumb fastmult edsp java
CPU implementer : 0x41
CPU architecture: 6TEJ
CPU variant : 0x1
CPU part : 0xb36
CPU revision : 2
Hardware : bahamas
Revision : 0080
Serial : 0000000000000000
Click to expand...
Click to collapse
Interesting...

Rooting the Tattoo(its done!) - what we have got so far

Finally the race is over and some brave devs managed to get root on the tattoo and some were able to reproduce it on their own devices already. But notice: We are in an early stage of development. There is no one-klick-get-root app at the moment and there is still much work to be done until we get custom roms.
I will try to keep track of the ongoing development and update this post periodically. I've you find a mistake or get something new, let us know but we can't give support to every linux-nob at this point of development!
At the moment beeing root on the tattoo does NOT enable you to use the usual applications like Wifi Tethering that need root out of the box. You are also unable to write to /system by default. Now there is a new hack to make /system writable (look at the bottom of this post)
[size=+2]Status[/size]
Last update: 26.02.2010 - 12:55 MEZ
[size=+1]Rooting[/size]
The tattoo was successfully rooted the first time on 19.02.2010 ( http://forum.xda-developers.com/showpost.php?p=5672597&postcount=93 ). It was reproduced by some other users already, there is some work to be done make the exploit work more easily.
Because it has been asked many times: If there will ever be an OFFICIAL update with android 2.1 by HTC for the Tattoo (nobody knows definitively), this root-exploit will NOT work! You will lose root then!
It was done by porting this exploit http://www.milw0rm.com/exploits/8678 to the arm plattform and the tattoo. It uses a security hole in kernel 2.6.29 that wasn't patched in tattoos kernel. All began here on 10.2.2010 (the first post doesn't has to do anything with this): http://forum.xda-developers.com/showthread.php?t=631540
Kudos to zanfur, bftb0, mainfram3, HT123 and others (sorry if I forgot an important one).
The exploit was tweaked to deliver root more reliable.
[size=+1]Flashing custom roms[/size]
To develop custom roms won't be the problem, but the tattoo has got some extra security mechanisms that don't make it trivial to flash a new rom even now we have root. There is work going on to solve this.
[size=+1]Howto get root-privileges[/size]
I think it is save to follow but this is done at your own risk. Don't blame me if you Tattoo explodes, eats your hamster or make your girlfriend leave you.
Remember: We're in an early state of development, this is no Klick-an-Run-app, linux knowledge is needed.
Newbis on Windows should follow this howto made by Coburn64, its much easier than this one: http://forum.xda-developers.com/showthread.php?t=637927
Download this to your PC and unzip: View attachment 285070
(the older release was called m6 and can be found here: View attachment r00t.zip)
m7 is the binary. Push m7 to your Tattoo using adb:
Code:
adb push m7 /data/local/bin/m7
adb chmod 755 /data/local/bin/m7
Start a shell:
Code:
adb shell
Start the exploit in the shell:
Code:
cd /data/local/bin
while `true` ; do /data/local/bin/m7; done
The new m7 is an improved version of the old m6, it now should bring you root much more reliable.
With the old m6 while it is running, bring up and close random apps via task manager on the tattoo. This might not be necessary with m7. After a while the exploit should report success and come up with a root-shell. The promt should change from
Code:
$
to
Code:
#
Sometime the exploit stopps but no shell ('#') comes up. Just terminate it with ^C and try again.
You did it, you should be root now!
Let's set some variables:
Code:
export LD_LIBRARY_PATH=/system/lib
export PATH=/system/bin
When you got your shell, check if you are really root:
Code:
id
You should get something like this:
Code:
# id
uid=0(root) gid=1000(shell) groups=1003(graphics),1004(input),1007(log),1011(adb),1015(sdcard_rw),3001(net_bt_admin),3002(net_bt),3003(inet)
uid=0(root) is important.
To get a root-shell more easily next time, we have to make su work.
Take this su binary and push it in your tatto: http://www.fileuploadx.de/45656
Code:
adb push su /data/local/bin/su
Remount /data without the nosuid-option
Code:
# mount -o rw,remount /dev/block/mtdblock3 /data
Change the owner to root and set the suid-bit
Code:
# chown root.root /data/local/bin/su
# chmod 4755 /data/local/bin/su
Now you don't have to run the exploit again, just open a normal shell and run
Code:
$ /data/local/bin/su
Now you should be root!
Attention: If you reboot your phone, you have to run the exploit and the mount command again because /data will be mounted nosuid again!
Thats it!
Some suggestions for going on. When you run mount, you will see that some partitions are mounted read-only and/or with the nosuid-option. You can change this by running:
Code:
mount -o rw,remount /dev/block/mtdblockYOUWANT /DIRtoREMOUNT
[size=+2]Other developer stuff[/size]
Here I will list all other thinks, more dangerous and not with all steps described in detail because you should know how to do this if you want to
New: Make /system writeable
This is a dangerous part, it might break you system forever unless you don't know what you are doing! Don't try it unless you are a dev! That is the reason why the steps you have to do are not described in a more detailed way. If you don't know what to type in, you shouldn't try this hack!
Download View attachment 286072
1. Copy tattoo-hack.ko from the zip to /data/local/bin
2. # insmod /data/local/bin/tattoo-hack.ko
3. Remount system partition to be writeable
Now you can do everything with /system until you reboot. /system is the only partition that is mounted without nosuid after reboot, so copy su over to /system/bin/ to keep root permanently. To be able to use programs like setcpu you have to replace /system/bin/su with this su:
View attachment 286154
Flashing a custom recovery image
This is in alpha-state but we are able to flash custom recovery images what is the determining step to flashing custom roms. Don't ask how to flash android 2.x (we didn't do it right now) or when it will be ready. It will bes sometimes...
http://forum.xda-developers.com/showthread.php?t=639486
Have a lot of fun!
-bm-
BTW.. In order for /data/local/bin to exist it's probably best you do the busybox install to there first.. also the busybox commands are very handy.
Great - bm - thank you very much
-bm- said:
-bm-
Click to expand...
Click to collapse
This is a great day, it's really amazing how people could work together searching the good way to root this awesome little phone. Just to say I've really appreciated your work... I followed all you guys day by day... Thank you everyone, sorry for the OT.
Anyway... risks of bricks?
elvisior said:
BTW.. In order for /data/local/bin to exist it's probably best you do the busybox install to there first.. also the busybox commands are very handy.
Click to expand...
Click to collapse
Youre right, busybox makes further development more handy. But I think it isn't needed for /data/local/bin to exist, because for me it was there and I've got no busybox on my tattoo
chdir /data/local/bin
Click to expand...
Click to collapse
instead of
chdir to /data/local/bin
Click to expand...
Click to collapse
Thanks Man.
Nice team work.
stupid noobie question how Push m6 to your Tattoo using adb! can anyone possible make a noobie tutorial?!
@zoko : Use your favorite linux distribution.
please can you help me?when I do .m6 in shell i get
Code:
[ Overwritten 0xb0000100
but no #, any help for me?
ApotheoZ said:
@zoko : Use your favorite linux distribution.
Click to expand...
Click to collapse
You don't need Linux. Windows or even Mac OS will do just fine.
Zoko, grab adb.exe from the Android SDK. To install m6, just run:
Code:
adb push m6 /data/local/bin/m6
chusen said:
please can you help me?when I do .m6 in shell i get
Code:
[ Overwritten 0xb0000100
but no #, any help for me?
Click to expand...
Click to collapse
As I try to say in my howto (okay, my english is not the best ;-) ): That happens quite often. Just stop it with ^C ([control]+C) and start the exploit again until you have luck!
zoko said:
stupid noobie question how Push m6 to your Tattoo using adb! can anyone possible make a noobie tutorial?!
Click to expand...
Click to collapse
Hi zoko!
Please use google to find a tutorial for pushing files using adb, there are many out there and using adb is not tattoo-specific!
We don't have time to provide more service at the moment ;-)
By the way: I'm happy about everybody testing, but I wonder what you want to do with a root-shell I you even didn't use adb before. But learning and trying is always a good thing but please consider learning by googling also ;-)
Have a lot of fun!
-bm-
thanks but i try and try and try... and same result, more ideas or only try it?
Is there any way to mount /data r/w on boot?
I doubt it because the exploit should be run first... hmm
So now we need a custom rom with root privileges
...first a recovery.. i think
after i run the exploit once I have to reboot the phone to be able run it again or i get
HTML:
$ usage: reboot [-n] [-p] [rebootcommand]
.
any option to be able to run it more than once without rebooting the phone?
The Tattoo Root (kit)
Here's a small installation batch, to make it easier for everyone.
Download the supplied zip (TattooRoot).
Run 'install-tattoo-root'.
Code:
--------------------------------------------------
Creating /data/local/bin (it's ok to get an error)
mkdir failed for /data/local/bin, File exists
300 KB/s (5546 bytes in 0.018s)
1366 KB/s (356916 bytes in 0.255s)
9 KB/s (126 bytes in 0.013s)
--------------------------------------------------
M6 exploit (shoryuken derived with ARM shellcode from Zanfur)
installed to /data/local/bin
STEP 1:
Launch adb shell at the command prompt
Once in a shell type:
while `true` ; do /data/local/bin/m6; done
The exploit has succeded once you get a root prompt (indicated by #)
Retry the while loop above, until you get the root prompt
STEP 2:
Run /data/local/bin/create_su.sh to create a
suid shell in /data/local/bin/su
I think the comments are self-explanatory. If you can't get the m6 into your Tattoo, even with the help of this batch, I suggest you wait a little longer for a more foolproof way to free your Tattoo
Everytime you reboot your Tattoo you'll have to execute steps 1 and 2 again.
@mainfram3 i dont get same results
Code:
--------------------------------------------------
Creating /data/local/bin (it's ok to get an error)
mkdir failed for /data/local/bin, File exists
300 KB/s (5546 bytes in 0.018s)
1366 KB/s (356916 bytes in 0.255s)
9 KB/s (126 bytes in 0.013s)
--------------------------------------------------
M6 exploit (shoryuken derived with ARM shellcode from Zanfur)
installed to /data/local/bin
STEP 1:
Launch adb shell at the command prompt
Once in a shell type:
while `true` ; do /data/local/bin/m6; done
The exploit has succeded once you get a root prompt (indicated by #)
Retry the while loop above, until you get the root prompt
STEP 2:
Run /data/local/bin/create_su.sh to create a
suid shell in /data/local/bin/su
i get
Code:
Creating /data/local/bin (it's ok to get an error)
mkdir failed for /data/local/bin, File exists
34 KB/s (5546 bytes in 0.156s)
796 KB/s (356916 bytes in 0.437s)
7 KB/s (126 bytes in 0.015s)
--------------------------------------------------
where are my error?
chusen said:
i get
Code:
Creating /data/local/bin (it's ok to get an error)
mkdir failed for /data/local/bin, File exists
34 KB/s (5546 bytes in 0.156s)
796 KB/s (356916 bytes in 0.437s)
7 KB/s (126 bytes in 0.015s)
--------------------------------------------------
where are my error?
Click to expand...
Click to collapse
Chusen,
That is allright.
Now, launch a adb shell by typing
Code:
adb shell
and then try the exploit
Code:
$ while `true` ; do /data/local/bin/m6; done
until your greeted with:
Code:
[ Overwritten 0xb0000100
# <---- This # indicates you got root

[MOD] v0.3.1 Working Full Ubuntu for 1.5.7 and 1.8.3 based on Sogarth's script

Sogarth's webtop2sd will be released soon, you really should wait and install that instead of this! Thanks -The Management
No longer breaks on 1.83, thanks to Romracer
Update: This script worked on my phone. Mind you I was installing it from a fresh SBF flash, but it should work on your phone too. Absolutely no guarantees as usual.
Update 11th April 2011, 06:59 PM: Won't be getting CWM package because it'd be huuuuuuuuuge.
Update 28th April 2011. 16:38 PM: Removing BETA tag since there have been no issues with the script for quite some time.
First off I would like to thank Sogarth for making this script in the first place as well as Romracer for fixing it for 1.83. Since he is busy doing more important work I decided to do this little hack for those of us that updated to 1.5.7 and dont feel like flashing back to earlier versions to get full Ubuntu working.
Again, this is only necessary if you're already running 1.5.7 or 1.8.3.
Secondly, I am still working on this script so it may not work for you. If you have a problem you may post in the thread or PM me showing exactly the error message, word for word, that you receive.
Updates will be included in the OP from time to time as I fix errors.
Instructions:
1) install.bat (from your computer)
2) adb shell (get a shell on your phone)
3) su (get root on your phone in that shell)
4) . /data/local/tmp/install.sh (run the install script *on your phone* don't forget the "." and the space after the dot, or you will have to chmod 755 the shell script manually)
5) ?????
6) profit\
Noob instructions, written by Viamonte (I take no credit or responsibility):
Thanks again for all your help. Now the noob instructions:
"1-Download "Terminal Emulator" from the market, on your phone (or any other terminal), and the file anexed in this thread to your computer.
2-Connect the Atrix to the computer via USB, configuring the connection mode to "None" and enabling USB Debugging mode (Settings>Applications>Development>USB debugging)
3-Unzip the file you downloaded on your pc, and run Install.bat. This will push the script to your phone.
4-Go back to your phone and open the emulator you downloaded. Then type "su" (without quotes) and press enter. Then type ". /data/local/tmp/install.sh" (without quotes) and press enter again.
The script should begin running now. It will stop in two moments where you'll be instructed to get a cup of coffee, and may take several minutes to continue form this point. When finished, the Atrix will reboot.
To check if this worked, use the Webtop either on your multimidia dock or your lapdock and verify if new itens appeared on your task bar and on the right upper side of the screen"
0.3.1 release
0.2 release
0.1 first release
Changelog
0.3.1 fix to gconf file's mdate so it does what its supposed to do =)
0.3 Small typo fixes and cpp package install fix by romracer, now works on 1.83 =)
0.2 Fixed some typos in uninstall.sh and make sure the %gconf file wound up in the right spot.
0.1 - first version. NOT CWM install but ready to be packaged for that more or less
Nice, I'll give this a shot later.
Ill give it a shot when I get home!
Sent from Motorola Atrix on TELUS.
My phone is working perfectly, so why not ruin it?
I'm giving this a try right now!
1.4.57 - Rooted and gingerblurred with HDMI Mirroring and Webtop hack.
I'll update as progress goes along:
Edit 1:
Initial try gave me this
Checking device state...
Obtaining temporary root access...pushing shell scripts
A filesystem file already exists. Reset it? [n] y
Mounting the filesystem...
07.sh
--------------------------------------------
EXECUTION FAILED
Unable to mount the filesystem file. ERR 07
--------------------------------------------
Press any key to continue . . .
Edit 2:
Ok, it doesnt work with resetting it. How about removing?
Checking device state...
Obtaining temporary root access...pushing shell scripts
A filesystem file already exists. Reset it? [n] n
A filesystem file already exists. Delete it? [n] y
Deleting the filesystem file...
--------------------------------------
EXECUTION FAILED
Unable to delete the filesystem file.
--------------------------------------
Press any key to continue . . .
Edit 3:
Ok, only one option left then.
Checking device state...
Obtaining temporary root access...pushing shell scripts
A filesystem file already exists. Reset it? [n] n
A filesystem file already exists. Delete it? [n] n
--------------------------------------------------------------------------
EXECUTION FAILED
The filesystem file already exists, but no operations have been selected.
--------------------------------------------------------------------------
Press any key to continue . . .
=====================================================================
Edit 4:
Since execution is failing I'm trying to find the problem. Using ADB Shell i tried to manually run the shell scripts and stumbled here:
(I tried chmod 777 @ 02.sh to see if that was the problem, no change is results)
# ls -l
...
...
-rwsr-sr-x shell shell 87 2011-04-06 12:13 03.sh
-rwxrwxrwx shell shell 82 2011-04-06 12:11 02.sh
-rwsr-sr-x shell shell 251 2011-04-06 12:04 01.sh
# pwd
pwd
/data/tmp/shell
# /data/tmp/shell/02.sh
/data/tmp/shell/02.sh
/data/tmp/shell/02.sh: not found
I had the same issue as flybob when I tried to run the script.
Sent from my MB860 using XDA Premium App
Good effort, but 1.57 changes how we have to run commands as root. On a normal linux box, I'm sure your methods would work fine, but we're not dealing with a normal su binary. You should look into doing this as CWM as opposed to .bat files. I had a hell of a time getting around the restrictions since the psneuter exploit was closed.
Ah, I did not think about that Ririal, thanks for the info. I am not familiar with CWM though.
Why is the /tmp directory in /data ? That would certainly cause every script to fail.
I'll look at this some more tonight.
Ririal said:
Good effort, but 1.57 changes how we have to run commands as root. On a normal linux box, I'm sure your methods would work fine, but we're not dealing with a normal su binary. You should look into doing this as CWM as opposed to .bat files. I had a hell of a time getting around the restrictions since the psneuter exploit was closed.
Click to expand...
Click to collapse
How about a shell script that we can run in terminal emulator ? and the output goes to screen and a log file for debug !
molotof said:
How about a shell script that we can run in terminal emulator ? and the output goes to screen and a log file for debug !
Click to expand...
Click to collapse
most of the script is now run by shell scripts, no reason you couldn't run them in the terminal emulator, just get the order right. There are also a few lines I didn't translate to shell so you'd have to enter them by hand.
In any case I'll keep working on this until Sogarth releases his version with union mounts =D
You might be interested to know this;
# cd /tmp
cd /tmp
# pwd
pwd
/data/tmp
# ls -l /tmp
lrwxrwxrwx root root 2011-04-09 14:47 tmp -> /data/tmp
I'll happily help with the script, i know tons of linux and got my Atrix ready to be bricked
flybob said:
You might be interested to know this;
# cd /tmp
cd /tmp
# pwd
pwd
/data/tmp
# ls -l /tmp
lrwxrwxrwx root root 2011-04-09 14:47 tmp -> /data/tmp
I'll happily help with the script, i know tons of linux and got my Atrix ready to be bricked
Click to expand...
Click to collapse
That's just a symlinked directory. I won't make a difference if you call either.
Yes, just replied to the previous question
Why is the /tmp directory in /data ? That would certainly cause every script to fail.
I'll look at this some more tonight.
Click to expand...
Click to collapse
However, why doesn't the scripts run as wanted...?
# cat /tmp/shell/02.sh
cat /tmp/shell/02.sh
#!/bin/sh
/system/bin/su
/bin/rm /data/ubuntu.disk > /dev/null 2>&1 && echo PASS#
# ls -l /tmp/shell/02.sh
ls -l /tmp/shell/02.sh
-rwxrwxrwx shell shell 82 2011-04-06 12:11 02.sh
# /tmp/shell/02.sh
/tmp/shell/02.sh
/tmp/shell/02.sh: not found
flybob said:
Yes, just replied to the previous question
However, why doesn't the scripts run as wanted...?
# cat /tmp/shell/02.sh
cat /tmp/shell/02.sh
#!/bin/sh
/system/bin/su
/bin/rm /data/ubuntu.disk > /dev/null 2>&1 && echo PASS#
# ls -l /tmp/shell/02.sh
ls -l /tmp/shell/02.sh
-rwxrwxrwx shell shell 82 2011-04-06 12:11 02.sh
# /tmp/shell/02.sh
/tmp/shell/02.sh
/tmp/shell/02.sh: not found
Click to expand...
Click to collapse
Ah ok my mistake, you didn't quote anything I didn't realize that's what you were responding too
Likely noexec flag causing that issue.
Also, you can't invoke su from inside a shell script. It just doesn't work with this su binary.
yeah, I guess not. I hadn't realized that it wasn't a real 'su' before making this... too bad.
If anyone figures out how to get around that we'll be in business Unfortunately that's way beyond my expertise.
Okay, after fiddling a little bit and talking to a friend I may have solved some of the problems, mainly with the scripts executing and su working.
I will have to rewrite a bunch of things but should report back tonight.
the2dcour said:
Okay, after fiddling a little bit and talking to a friend I may have solved some of the problems, mainly with the scripts executing and su working.
I will have to rewrite a bunch of things but should report back tonight.
Click to expand...
Click to collapse
su -c "command"
You'll have to allow superuser on the phone for every single command.
PM'd you my error. I tried manually editing the permissions, but that didn't work.
Running on GladAtrix2 v3
USB debugging on; USB set to none
Checking device state...
Obtaining temporary root access...pushing shell scripts
-------------------------
EXECUTION FAILED
Unable to chmod scripts.
-------------------------
Press any key to continue . . .
Changed /sdcard-ext to /sdcard in script. Got this error
Checking device state...
Obtaining temporary root access...pushing shell scripts
-------------------------
EXECUTION FAILED
Unable to chmod scripts.
-------------------------
* server not running *
Press any key to continue . . .
Running BETA_ubuntu-1.0.6.4.zip. File extracts to BETA_ubuntu-1.0.6.2 directory. Ran ubuntu-1.5.7.bat
Moved BETA_ubuntu-1.0.6.2 to C:\ Same error
The only easy workaround to that I can see at the moment is to
Code:
adb shell
su
chmod 777 /path-to-scripts/*
ls -l /path-to-scripts/*
make sure all the files are executable (should say rwxrwxrwx)
then remove the bit of code from 1.5.7.bat
Code:
set retval=
for /f "tokens=*" %%l in ('%~dps0adb.exe shell "/bin/chmod 6755 /mnt/sdcard-ext/shell/* > /dev/null 2>&1 && echo PASS"') do set retval=%%l
if "%retval%" neq "PASS" set message=Unable to chmod scripts. && goto abort
If anyone can help me fix this problem I should be able to automate the chmod process using ririal's suggestion of su -c. The problem is that there are too many nested quotation marks in this section of the batch file, and I can't for the life of me figure out how to escape quotes so they pass through to adb:
Code:
set retval=
for /f "tokens=*" %%l in ('%~dps0adb.exe shell "/system/bin/su -c [U]'/bin/chmod 6755 /mnt/sdcard-ext/shell/*'[/U] > /dev/null 2>&1 && echo PASS"') do set retval=%%l
if "%retval%" neq "PASS" set message=Unable to chmod scripts. && goto abort
The underlined bit is where I need to escape either single or double quotes.
the2dcour said:
The only easy workaround to that I can see at the moment is to
Code:
adb shell
su
chmod 777 /path-to-scripts/*
ls -l /path-to-scripts/*
make sure all the files are executable (should say rwxrwxrwx)
then remove the bit of code from 1.5.7.bat
Code:
set retval=
for /f "tokens=*" %%l in ('%~dps0adb.exe shell "/bin/chmod 6755 /mnt/sdcard-ext/shell/* > /dev/null 2>&1 && echo PASS"') do set retval=%%l
if "%retval%" neq "PASS" set message=Unable to chmod scripts. && goto abort
If anyone can help me fix this problem I should be able to automate the chmod process using ririal's suggestion of su -c. The problem is that there are too many nested quotation marks in this section of the batch file, and I can't for the life of me figure out how to escape quotes so they pass through to adb:
Code:
set retval=
for /f "tokens=*" %%l in ('%~dps0adb.exe shell "/system/bin/su -c [U]'/bin/chmod 6755 /mnt/sdcard-ext/shell/*'[/U] > /dev/null 2>&1 && echo PASS"') do set retval=%%l
if "%retval%" neq "PASS" set message=Unable to chmod scripts. && goto abort
The underlined bit is where I need to escape either single or double quotes.
Click to expand...
Click to collapse
^ escapes batch, \ escapes shell. Hope this helps. If you zip up and send me the whole process in a single .sh file I can wrap it up in CWM for you.

[Q] Booting to recovery with ADB

Good morning guys,
I potentially have a couple of hundred of these to update with an AOSP ROM. I dont have any problems with the update, all smooth sailing, but I'm trying to script as much as possible to automated the process - Unlock bootloader, get root, push all the files then install the ROM.
For some reason though the command 'adb reboot recovery' doesn't work as expected. It just reboots the phone back to the normal OS.
Has anyone else encountered this? or a work around?
I can issue 'adb reboot-bootloader' and it will reboot into the bootloader correctly where I can issue fastboot commands but not to the recovery (Which is CWM latest as of today, which I think is 6.1.1?)
Thanks in advance!
Code:
adb shell
su
echo "boot-recovery" | /system/bin/dd of=/dev/block/mmcblk0p5 bs=1 count=13
reboot / reboot recovery
Adam77Root said:
Code:
adb shell
su
echo "boot-recovery" | /system/bin/dd of=/dev/block/mmcblk0p5 bs=1 count=13
reboot / reboot recovery
Click to expand...
Click to collapse
Your a genius.
As a side note this didn't require root access.
Adam77Root said:
Code:
adb shell
su
echo "boot-recovery" | /system/bin/dd of=/dev/block/mmcblk0p5 bs=1 count=13
reboot / reboot recovery
Click to expand...
Click to collapse
Maybe you can help me out a little futher. What I'm trying to do is automate the superuser install.
From the look of that, is that writing to one of the recovery commands located under /cache/recovery ? Perhaps the command file?
If it is or not, perhaps you know of a way to write the /cache/recover/command file to run an update ZIP immediately on rebooting into the recovery? My reading seems to be going in circles.
From my reading what I would need to do is:
* Copy the superuser.zip to the sdcard
* write 'boot-recovery' to 'a' file as you mentioned above
* write '--update_package=/sdcard/superuser.zip' to the file /cache/recovery/command
Obviously without root already I cant just write to that file so I thought it might be possible to use 'dd' as above?
Then rebooting into recovery should automatically run the update zip? Or am I mad?
You do need root to write into the command file. 'dd' tool also needs root.

need help if there is any hope

Hey there.
i have my old sgs, and it cant boot to recovery. just to the rom.
the problem i have is that the usb port of the phone is messed up and only charges, cant be fixed.
so i cant use Odin.
is there any way to restore recovery? ive tried flashify and Rom Manager, both fails
purpleraintoxicity said:
Hey there.
i have my old sgs, and it cant boot to recovery. just to the rom.
the problem i have is that the usb port of the phone is messed up and only charges, cant be fixed.
so i cant use Odin.
is there any way to restore recovery? ive tried flashify and Rom Manager, both fails
Click to expand...
Click to collapse
We have recovery united with boot kernel if i'm not wrong, so it's risky for you.
If it isn't problem with keys, then you can flash kernel from terminal (i don't know on which ROM you are). I'm not too familiar with 2.3.6 layout, but on MTD you should:
- get any MTD ROM .zip.
- extract those files: bml_over_mtd \ bml_over_mtd.sh \ erase_image \ flash_image
- Take files to /sdcard
- Go in terminal (some file managers don't like copying to /sbin):
Code:
cp /sdcard/flash_image /sbin/flash_image
cp /sdcard/erase_image /sbin/erase_image
cp /sdcard/bml_over_mtd.sh /sbin/bml_over_mtd.sh
mkdir /tmp
cp /sdcard/bml_over_mtd /tmp/bml_over_mtd
chmod 755 /sbin/flash_image
chmod 755 /sbin/erase_image
chmod 755 /tmp/bml_over_mtd
chmod 755 /sbin/bml_over_mtd.sh
- Those files (^^^) should be in given locations (except /sbin/bml_over_mtd.sh - it can be somewhere else).
- Take desired boot.img to /sdcard/boot.img
- And make this:
Code:
su
erase_image boot
sh /sbin/bml_over_mtd.sh boot 72 reservoir 2004 /sdcard/boot.img
- Check /sdcard/bml_over_mtd.log for errors (it should be successful).
- If failed, don't restart! You must try different method.
Maybe wait before i will test it on my own (i can roll back anyway, you can't).
PS: Why not in General?
EDIT: It worked on PAC-ROM @ 4.4.4, so all MTD can be ok. BUT didn't tested on 2.3.6 firmware, here you shouldn't use bml_over_mtd i think, so try:
Code:
/sbin/flash_image boot /sdcard/boot.img
Still didn't guaranteed!!!
Ill try it. Thanks
Im on PA 4.4.4
on the lines:
cp /sdcard/flash_image /sbin/flash_image
cp /sdcard/erase_image /sbin/erase_image
i get error in terminal that this location is read-only
edit:
all went well after remounting this dir
the log was successful, now rebooted, waiting on boot logo for 5 min now. hope itll work, even though i dont really mind, i have my daily G2
thank you!
One more thing :you can always use mobile Odin...

Categories

Resources