Root Technical Details - Nexus One Q&A, Help & Troubleshooting

Hi, I've been searching for technical details of how root is actually obtained on the Android system. Specifically, I'm interesting in the Nexus One, but I'm curious about any methods that are available.
After reading the adb documentation among others, I've come to the belief that at least on the N1 it's as simple as remounting system as root and changing the permissions of su followed by installing busybox. After that the superuser application is installed, and it updates su with it's own version.
(This is only for updating the application on an already rooted system)
Superuser appears to grant root privileges to itself then overwrites su with it's own variation that uses its database for permissions, and calls the app with:
Code:
sprintf(sysCmd, "am start -a android.intent.action.MAIN -n com.koushikdutta.superuser/com.koushikdutta.superuser.SuperuserRequestActivity --ei uid %d --ei pid %d > /dev/null", g_puid, ppid);
I'm curious how cyanogen handles it without having the user install busybox, etc. before flashing his mod. I would think the Android system would only allow signed updates, but I have a feeling that the custom recovery image bypasses that.
If someone could just link me to a forum link/blog/etc. (if they exist) or give me some advice on things to search for, that would be great.
I'm just now getting into Android kernel development, and would love to know everything I can about it. I've been way to busy with a research project at school, but it's pretty much over at this point. I plan on becoming much more involved here especially with some programming some ideas I have for improvements to both the kernel and Google's applications.

meinhimmel said:
I'm curious how cyanogen handles it without having the user install busybox, etc. before flashing his mod. I would think the Android system would only allow signed updates, but I have a feeling that the custom recovery image bypasses that.
If someone could just link me to a forum link/blog/etc. (if they exist) or give me some advice on things to search for, that would be great.
.
Click to expand...
Click to collapse
bingo. upon unlocking the bootloader, you are able to flash a custom recovery which does not require google keys and you are able to install custom roms. the roms usually have busybox and the other applications built in. custom recovery also has all the binaries require for flashing roms.
a good site would be platform.android.com (something like that) for developing roms/editing kernel. you can also check the "android development" on the xda main forum homepage, there are a couple of stickies there worth reading

Related

I think I lost busybox? (and possibly root as well)

Ok, so my problems began after I updated to the the HTC ADP 1.6 ROM. I figured after I got it installed, I would just run fix permissions and be off to the races. That didn't work because I kept getting the error "cp: not found" when attempting to copy the script to /system/bin from the sdcard.
On a possibly related note I couldn't load Cyanogen's 1.4 recovery image either (currently using JF's v1.51) because of the error "flash_image: not found."
Doing some googling I found out that the function 'cp' was enabled by busybox. So I figured that maybe during the course of upgrading to 1.6 I lost busybox. I followed the directions here to reinstall:
http://benno.id.au/blog/2007/11/14/android-busybox
So in short, I'm about 1000% sure I messed up somewhere. The question is, at this point is it possible to fix what's wrong, or should I go through the steps to root my phone again? I'd like to avoid the latter if at all possible.
And at this point I'm not even sure that I have root anymore. I ran a script to reboot the phone (which requires su privies) so I guess I do.
Any and all help is appreciated.
http://forum.xda-developers.com/forumdisplay.php?f=507
Minker17 said:
http://forum.xda-developers.com/forumdisplay.php?f=507
Click to expand...
Click to collapse
...and which thread there should I follow?
the.snks said:
Any and all help is appreciated.
Click to expand...
Click to collapse
ADP1 builds do not have busybox or a su binary installed. You can install them yourself if you need the functionality. The "rooted base" in this thread has an already setup Superuser.apk protected su if you are lazy (you'll still have to install busybox though). Also if you use tethering you'll need to replace the kernel.
the.snks said:
...and which thread there should I follow?
Click to expand...
Click to collapse
Please differentiate between forums. You posted a question in the developepent forum. If you are not presenting something that you have developed for the dream/android platform, you should post in another forum. Questions, of course, go in the Q & A forum.
stogchris81 said:
Please differentiate between forums. You posted a question in the developepent forum. If you are not presenting something that you have developed for the dream/android platform, you should post in another forum. Questions, of course, go in the Q & A forum.
Click to expand...
Click to collapse
Gotcha. I don't see how to move or delete this thread.
Mods?
jashsu said:
ADP1 builds do not have busybox or a su binary installed. You can install them yourself if you need the functionality. The "rooted base" in this thread has an already setup Superuser.apk protected su if you are lazy (you'll still have to install busybox though). Also if you use tethering you'll need to replace the kernel.
Click to expand...
Click to collapse
I wasn't completely clear in the first post, I updated to the HTC ADP 1.6 with rooted base. I'm not sure if I eveb need busybox. That was just part of the attempt to install Cyanogen's 1.4 recovery image using the below instructions:
http://forum.xda-developers.com/showthread.php?p=3915123
I kept getting a "flash_image: not found" error. I would just install the CM's new ROM (http://forum.xda-developers.com/showthread.php?t=567610), but that's a no go since I can't get the recovery image loaded.
At this point I don't care anymore if I have to wipe. If I can get CM's recovery image loaded, I can go from there.
jashsu said:
ADP1 builds do not have busybox or a su binary installed. You can install them yourself if you need the functionality. The "rooted base" in this thread has an already setup Superuser.apk protected su if you are lazy (you'll still have to install busybox though). Also if you use tethering you'll need to replace the kernel.
Click to expand...
Click to collapse
Actually, ADP1 builds *do* have "su", it is just limited to root and shell users (i.e., it'll work if you already have root privileges -- switch user to a RESTRICTED user to test file access permissions, or switch from shell to *any* user from adb).
Eff it. I'm going to totally downgrade and then root again using the sticky in this section. This just isn't worth the hassle.
Thank you to everyone that tried to help.
Mods: You can delete this thread.

[HACK] [Script] Semi-Automated Unlock/Root Script for Linux

Script pulled; should have it back up by Wednesday.
Hey guys. I've written a shell script to automate some of the more menial tasks involved with unlocking the Nexus S bootloader and rooting it. It also guides you through the various tasks involved in the process, and IMO is a more noob-friendly alternative to my guide on manually rooting.
Disclaimer again: I take no responsibility if something goes wrong (if it does, it should be fixable though), Unlocking your bootloader voids your warranty (but you can lock it back), Unlocking the bootloader will wipe your entire phone, including USB Storage; so make a copy of all those family photos and other files you may have put onto the USB storage if you want to keep them.
The script should run fine on most configurations; if you have issues post them below. The script isn't very elegant, but it gets the job done. Pay attention to the terminal as you go through it and you should be fine.
Some Notes:
- OTA updates will not flash because the modified boot.img flashed in this script causes an MD5 mismatch. You should flash the latest OTA update before running this script, if you aren't already running the latest update.
- The latest OTA update, GRH78 (2.3.1) can be found with instructions on flashing here: http://forum.xda-developers.com/showthread.php?t=884097
- You do not need root to flash OTA updates.
How to run
1. Download the attached file and rename it to 'nsrootscript.sh'
2. Mark it as executable either by navigating to it, right-clicking it, Properties > Permissions tab, and checking 'Allow executing file as program', or running this command:
Code:
chmod +x /path-to-file-here/nsrootscript.sh
3. Double-click it and choose 'Run In Terminal' or use the command:
Code:
./path-to-file-here/nsrootscript.sh
4. Follow the instructions given in the script, and you should be rooted in no time.
Special Thanks
Koush; Developer of ClockworkMod Recovery and ROM Manager. Buy him a beer here: https://www.paypal.com/us/cgi-bin/w...63663d3faee8d9384d85353843a619606282818e091d0
Paul; Developer of Superboot. Help him raise money for Cancer Research and possibly win yourself a nice gadget here: http://android.modaco.com/content/charitable-projects/317387/10k-for-p10k-for-childhood-leukemia/
If you have any issues, concerns, or comments, feel free to leave them below.
I just looked through your script. Noticed it is using superboot boot.img's to root. You might want to put a note that this will probably prevent future OTA updates from flashing, since those boot.img's are modified and will get MD5 mismatches.
Luxferro said:
I just looked through your script. Noticed it is using superboot boot.img's to root. You might want to put a note that this will probably prevent future OTA updates from flashing, since those boot.img's are modified and will get MD5 mismatches.
Click to expand...
Click to collapse
Thanks for the heads up, I'll put that in the OP.
Thanks man, looking forward to getting and trying this out
works like a charm thank you very much!
I'm sorry but I just don't see the point it rooting a DEVELOPER phone? You open up lots of features that are not available to non root so therefore make developing useless as you will lose more than half your market! I understand if you are specifically making a root application but I'm sure most of you aren't!
[/Rant]
stothy862 said:
I'm sorry but I just don't see the point it rooting a DEVELOPER phone? You open up lots of features that are not available to non root so therefore make developing useless as you will lose more than half your market! I understand if you are specifically making a root application but I'm sure most of you aren't!
[/Rant]
Click to expand...
Click to collapse
Root isn't just of interest to developers. Root allows the end user to do many interesting things, a small set:
- Applying custom themes
- Blocking annoying ads
- Take screenshots
- Set CPU clock speeds / overclock for better performance, underclock for better battery life
- Replacing system apps / files (There are various reasons for this, one example is the modified MMS.apk floating around that fixes the blurry MMS issue)
- Flash custom ROMs which can offer performance increases, battery life increases and add useful features not found in stock (CyanogenMod is a good example)
-And there's a lot more, but it's 2 AM where I live, lol.
As for people that develop applications that require root, that's because what they do (blocking ads, theming, taking screenshots, etc.), well requires root. There's no way around that. And since root is obtainable on most Android devices without too much hassle, what's the harm in coding something to make people's Android experience a little better?

[Q] Could this actually work for our milestones (Q)

Could this possibly work for our milestones? (Just a question, beginner here)
http://www.phonedog.com/2011/01/20/why-is-motorola-continuing-to-lock-bootloaders/ :
Motorola made it extra difficult – for some – to do what they wanted in terms of software and loading ROMs. Some developers got smart about this though, and an application named Droid X Recovery Bootstrap (by Koush) popped up in Android Market. This application hijacked parts of the boot process and fooled the system into thinking everything was okay. In other words, it was a workaround for Motorola's sneaky and unwelcome software. Point being, no matter how hard a company works to prevent users from loading ROMs on their Android devices or jailbreaking their iPhones, developers find a way around it. Every time. Most people are fond of Motorola's nice build quality, but not everyone is a fan of MOTOBLUR; the same could be said of HTC and Sense UI. So why not give users a choice or at least assist them in making their phone what they want it to be?
Yes, but there is an easier way to boot into recovery.
It doesn't help us at all;
http://www.koushikdutta.com/2010/08/droid-x-recovery.html
So can we now install custom ROMs?
Yes, but you can't replace the kernel or boot image. But really, once you have access to /system, anything is possible. It will just take a little hackery.
Click to expand...
Click to collapse
we don't need tht to gain access to /system. we already got access to /system thts why u can see alot of custom mods downs here. which i think is much better compared to any others custom rom as alot of our dev's are pro's and really spent alot of time to make the mods almost perfect.
We are using similar way to boot custom ROMs on Milestone for some time already.
1. sh-hijack to take over the control during the early init phase (on init)
https://github.com/nadlabak/android_system_core/commit/6c27adb5b0e33f214c48ee2411a717f6343c81b8
(hacked sh will run /system/bin/sh_hijack.sh instead of /init_prep_keypad.sh)
2. 2nd-init run from sh-hijack script, to restart the init process with custom init.rc scripts in use
https://github.com/nadlabak/android_device_motorola_umts_sholes/blob/froyo/prebuilt/bin/sh_hijack.sh
(copy init scripts from /etc/rootfs to root and run 2nd-init)
https://github.com/nadlabak/android_device_motorola_umts_sholes/blob/froyo/prebuilt/bin/2nd-init.c
(restart init)

Got Semi-Root-- Is Anyone Still Full-Rooted?

Dear forum,
Long time no talk! I have been able to get "root" for our phones on G925VVRU4BOG7, which anyone can downgrade to. The catch is that even with /system mounted as rw, I am unable to write to it directly through most conventional means. (I can write to /data, though, which means i can patch dalvik-cache, which means my mods are coming ) However, I am able to still write to it using another, more complicated way (I can go into more detail for those interested), as a whole. Here's where you come in-- is anyone still full-rooted? If so, please message me as soon as possible! I may be able to have users who are on newer builds downgrade to older builds and get su properly installed, then manually upgrade back up to the later builds again!
If you are rooted still, all i'm going to have you do is perform this command:
Code:
su
dd if=/dev/block/platform/15570000.ufs/by-name/SYSTEM bs=4096 of=/sdcard/system.img
Then send me that system.img file on your sdcard! It'll be pretty big, so you can zip it or .7z (7-zip), whatever you'd like to do.
I will also need what build you are on. You can just send me your Build number within "Settings->About phone".
First one who does it gets credits on the official release thread i'll make, when I get a procedure down that people can follow!
Thanks!
-Trailblazer101
i have an s6 edge on 5.0.2 rooted. Would that be of help?
Did you get the system.img file? I really wish I could help you. I have this phone on 6.0.1 and stuck without root, but the thing is I really need the root because I bought it used, worked fine the first few days, then didn't get any signal (turns out that it was reported as stolen and of course the IMEI got blacklisted; I tried to contact the seller but he was gone, and his ebay account deleted, so basicly I'm stucked with a ' 5.1" tablet' . I got scammed :/ )
I would be very grateful if you could explain how did you get root on G925VVRU4BOG7 . I know that you want the file mentioned for creating some kind of universal root for the phone, but right now I'm kind of desperate and need root as soon as possible to fix my IMEI issue and I would follow your steps if you made a tutorial.
Thank you very much!
trailblazer101 said:
Dear forum,
Long time no talk! I have been able to get "root" for our phones on G925VVRU4BOG7, which anyone can downgrade to. The catch is that even with /system mounted as rw, I am unable to write to it directly through most conventional means. (I can write to /data, though, which means i can patch dalvik-cache, which means my mods are coming ) However, I am able to still write to it using another, more complicated way (I can go into more detail for those interested), as a whole. Here's where you come in-- is anyone still full-rooted? If so, please message me as soon as possible! I may be able to have users who are on newer builds downgrade to older builds and get su properly installed, then manually upgrade back up to the later builds again!
If you are rooted still, all i'm going to have you do is perform this command:
Code:
su
dd if=/dev/block/platform/15570000.ufs/by-name/SYSTEM bs=4096 of=/sdcard/system.img
Then send me that system.img file on your sdcard! It'll be pretty big, so you can zip it or .7z (7-zip), whatever you'd like to do.
I will also need what build you are on. You can just send me your Build number within "Settings->About phone".
First one who does it gets credits on the official release thread i'll make, when I get a procedure down that people can follow!
Thanks!
-Trailblazer101
Click to expand...
Click to collapse
I am currently running on A0E2 using your rooted rom for this phone. It runs great....except I tried flashing xposed framework using Flashfire and it of course failed...due to the fact that xposed only works on 5.1.1 or above...sucks we are in such a catch 22 with our devices...although I'm happy because I am still rooted.. Anyway...I set up ADB and entered that command you posted and it worked...I just don't know where the storage location of the system.img file is for me to transfer to my PC, 7zip, and send to you. Any help would be excellent....as I desperately want to run xposed framework on my device....but am stuck on 5.0.2
r0ckinb0i said:
I am currently running on A0E2 using your rooted rom for this phone. It runs great....except I tried flashing xposed framework using Flashfire and it of course failed...due to the fact that xposed only works on 5.1.1 or above...sucks we are in such a catch 22 with our devices...although I'm happy because I am still rooted.. Anyway...I set up ADB and entered that command you posted and it worked...I just don't know where the storage location of the system.img file is for me to transfer to my PC, 7zip, and send to you. Any help would be excellent....as I desperately want to run xposed framework on my device....but am stuck on 5.0.2
Click to expand...
Click to collapse
Looking at the last part of the command and if it ran successfully, it should be in /sdcard. Did you ever find it?
gabes100 said:
Looking at the last part of the command and if it ran successfully, it should be in /sdcard. Did you ever find it?
Click to expand...
Click to collapse
Thank you I found it...I'm new to command prompt although I am learning quickly. I found it. I just need to load it onto my computer and compress it so I can send it to Trailblazer. I will do that tomorrow night when I get back home.
I have the img on my computer. It is 4.3G. How do I get it to Trailblazer? Google Drive? EDIT: it is 4.58GB. I am uploading now to google drive, it will an hour
Hi Trailblazer,
Here is a link to system.img:
https :// drive google com / open?id=0B-j3XfGrnj9PbUdwaml5eERvbFU
I am too new to post links the correct way.
Are there any updates on this topic? When I first saw this thread last week, It got me thinking about what a Tethered Root (Temporary/Semi - Root) would still be capable of doing for those of us still on Official Firmware in this day and age.
And really it occurred to me at that moment, that if we could just attain a Root Shell even if it was only for 60 seconds to five minutes, that would be sufficient to get enough root information off of the phone and into a PC editable format.
I ask, because I am in the process of forming a method for the G925V 6.0.1 [PI2] Build. The problem I'm pretty sure I'm going to run into sooner or later in my experiments/research, is the fact that I am one of the few who have the 64GB Verizon S6 Edge. Technically speaking, my device refers to itself in Download/ODIN mode as a SM-G925VZKE model. This also means that my Stock .PIT file is going to be very different than most people's, also meaning my FSTAB configuration probably will be different.
Because there shouldn't be a reason I can't at least get a temporary Root Shell very soon.
So whats up with this? My wife has 6.0.1 on Verizon and I have international much better choice. Will we have root on this phone?
If you are currently on 6.0.1 on your Verizon device. It would serve you well for the time being to disable Automatic Security Updates.
Settings > Lock Screen and Security > Other Security Settings > Security Policy Updates
Turn OFF Automatic Updates, and Turn OFF Wi-Fi Only.
If you leave these on, any potential root option will be patched by Samsung/Google before you know it exists. Disable it for now so you can find an exploit for the build the device is on.
UPDATE:
So apparantly, I've had a rooted 6.0.1 PI2 device persistent through factory resets for over a week, but didn't realize just how much was achieved on my device! According to diagnostics.
I'm already started on writing up the combination of methods that the OP was walking into. Turns out it works up to the September patch too.
But lucky me and not you this time. I got my device essentially decommissioned because I ran my code too soon. But in the sweetest possible way after being so pissed when my tech coach said my warranty was void.
By the end of tomorrow night I should have a thread.
Anyone still working on this?
d0lph said:
Anyone still working on this?
Click to expand...
Click to collapse
Yes. Using the dirtycow vulnerability we've managed to get an arm64 version running that will indeed allow a root console on MM builds.
The last thing standing in the way, for at least a tethered root, is for someone to help me convert the script from the flashable zip version of the SuperSu installer into basically a batch script. Because the how-to guide ChainFire wrote in comments inside his installer script is kind of hard to read because it covers all the different versions of android in a tiny block of text and not every device sets up the same SELinux environment.
Not to mention, if I could get SuperSU to try and install itself as a System Application, it would probably work with what I have already. But for some reason I CANNOT find a single guide anywhere on how to perform a "System" Install of SuperSU, everyone wants to use the "Systemless" version, which is NOT going to work I believe.
We can manage booting the device in the event of DM-Verity Failure, when that happens with the 5.1.1 OG ENG Kernel, we can indeed mount "/system" as read/write, and we can indeed change the contents of the System partition that persist through a reboot.
I just need help setting Perms & Contexts. Because at one point in time, I DID actually manage to get SuperSU to give me a root shell instead of a user shell, but only on the ADB Command Line. In that test I could not get an application to start from the launcher and have Root Permissions.
Delgoth said:
Yes. Using the dirtycow vulnerability we've managed to get an arm64 version running that will indeed allow a root console on MM builds.
The last thing standing in the way, for at least a tethered root, is for someone to help me convert the script from the flashable zip version of the SuperSu installer into basically a batch script. Because the how-to guide ChainFire wrote in comments inside his installer script is kind of hard to read because it covers all the different versions of android in a tiny block of text and not every device sets up the same SELinux environment.
Not to mention, if I could get SuperSU to try and install itself as a System Application, it would probably work with what I have already. But for some reason I CANNOT find a single guide anywhere on how to perform a "System" Install of SuperSU, everyone wants to use the "Systemless" version, which is NOT going to work I believe.
We can manage booting the device in the event of DM-Verity Failure, when that happens with the 5.1.1 OG ENG Kernel, we can indeed mount "/system" as read/write, and we can indeed change the contents of the System partition that persist through a reboot.
I just need help setting Perms & Contexts. Because at one point in time, I DID actually manage to get SuperSU to give me a root shell instead of a user shell, but only on the ADB Command Line. In that test I could not get an application to start from the launcher and have Root Permissions.
Click to expand...
Click to collapse
Thank you for taking the time to still work on this. Subscribed. Following this to the T.
Rand0lph said:
Thank you for taking the time to still work on this. Subscribed. Following this to the T.
Click to expand...
Click to collapse
If you want to follow the complete story of what I just mentioned please follow and contribute to this thread: Injecting Root & Setting SELinux - End Stages?
This is the thread that contains the Greyhat Root console, first designed for the AT&T Galaxy Note 5. But that device uses the same Exynos7420 Mainboard as the Galaxy S6 Edge, so the project is still compatible.
I haven't kept the OP maintained as I should yes. But it is actually worth it to read that whole thread as @droidvoider went out of his way explaining some of his methods. I have a bit of R&D that isn't posted in that thread as well, if you can read up on the project. I'd be more than happy to share what I know with anyone wanting to help as long as they can catch up with what we have accomplished so far.
Look at some of the other threads I've started as well for the initial methods.
Delgoth said:
If you want to follow the complete story of what I just mentioned please follow and contribute to this thread: Injecting Root & Setting SELinux - End Stages?
This is the thread that contains the Greyhat Root console, first designed for the AT&T Galaxy Note 5. But that device uses the same Exynos7420 Mainboard as the Galaxy S6 Edge, so the project is still compatible.
I haven't kept the OP maintained as I should yes. But it is actually worth it to read that whole thread as @droidvoider went out of his way explaining some of his methods. I have a bit of R&D that isn't posted in that thread as well, if you can read up on the project. I'd be more than happy to share what I know with anyone wanting to help as long as they can catch up with what we have accomplished so far.
Look at some of the other threads I've started as well for the initial methods.
Click to expand...
Click to collapse
Sorry, I didn't even acknowledge this is for the EDGE S6. I have a regular Verizon S6.
Rand0lph said:
Sorry, I didn't even acknowledge this is for the EDGE S6. I have a regular Verizon S6.
Click to expand...
Click to collapse
I don't really think that matters as much for the thread I referred to.
I tested the Greyhat Root Console on my S7 Edge, and it worked as well using the September build.
The S6 Line plus the Note 5, all use the same System on a Chip.
If anything, there may be just a couple tweaks to make when compiling it using the NDK.

How to have a clean Android without any Google app? Install AOSP?

Hi everyone,
I have a Sony Z3 compact I just received, model D5803 running Android 6.0.1 with Firmware 23.5.A.0.575.
I really dislike Google and want to run a phone with the minimum of proprietary software (I guess blobs to communicate with the hardware are mandatory). I guess AOSP (any version, but a recent one would be better ) with F-Droid is a good solution.
Unfortunately when checking the sony website but it tells my the bootloader is not unlockable. What should I do? I'm running Ubuntu and have adb and fastboot installed.
I found [this topic](https://forum.xda-developers.com/z3-compact/general/recovery-root-mm-575-lb-t3418714) which tells it roots the phone (and has a GNU/Linux script) but how does that help me to install a Rom, for example the AOSP provided by Sony at /open-devices/list-of-devices-and-resources/ if the bootloader is still locked? What are TWRP and busybox, is that supposed to help?
Flaburgan said:
I found [this topic](https://forum.xda-developers.com/z3-compact/general/recovery-root-mm-575-lb-t3418714) which tells it roots the phone (and has a GNU/Linux script) but how does that help me to install a Rom, for example the AOSP provided by Sony at /open-devices/list-of-devices-and-resources/ if the bootloader is still locked? What are TWRP and busybox, is that supposed to help?
Click to expand...
Click to collapse
TWRP is a custom recovery that allows you to flash a ROM and other files, that are stored on the normal internal or external storage.
Busybox is a binary that gives you command line tools that are often included in a Linux install and some of which aren't included on normal Android. These are commands that other things may make use of, or that you can make use of at a terminal app or run from Tasker or similar app.
You want to look at backing up your TA partition, which stores your DRM keys, before unlocking the bootloader to install a custom ROM because some functionality, camera quality and anti-distortion, sound quality, and some other stuff which I don't remember, won't work if you go back to the stock ROM unless you have these keys backed up and then restored later. You need to unlock the bootloader in order to flash a custom ROM and doing this erases, permanently, these DRM keys, so they need to be backed up and then put back later if you relock the bootloader and flash a stock ROM.
If you look in the Original Development section, Jaguar Aries ROM has no Google Apps, had the latest patches up to Febuary, and had the best battery life of any custom ROM I've seen for this phone, right on par with stock. There are some builds of Lineage OS that are probably closer to being up to date as well and may have a better camera than Jaguar. The developer of Jaguar has moved on to another phone. That said, if you aren't experienced and don't know what TWRP is, then installing it is an extra step from other ROMs as well since it requires you to setup a firewall app to permit connections on data or wifi before you can use the wifi or data at all. I doubt Lineage OS has this, but presume that battery life would not be good.
Also, if you install microg apps, you can still use things such as cell and wifi based location, google push services, and ... I don't remember what else, however it hasn't been updated recently and many apps will complain and refuse to run saying that you need to update google play services, especially annoying for anything that uses push especially. Microg essentially sits in the place of where some functionality of Google Apps would and fills in some blanks.
When you don't have Google Apps installed, many paid apps will refuse to run as well, specifically the ones you paid for, because they can't verify the purchase with Google servers. There should be a **** list for any developers that don't cooperate when this is a problem for a user. I've only had one app developer help me on this, ever.
Thanks for your detailed answer!
You need to unlock the bootloader in order to flash a custom ROM and doing this erases, permanently, these DRM keys, so they need to be backed up and then put back later if you relock the bootloader and flash a stock ROM.
Click to expand...
Click to collapse
Does that mean that I can't use the DRM keys with another ROM? So I will never have the full quality of my hardware? Would using the AOSP rom provided by Sony solve that problem?
On which version of Android Jaguar Aries ROM is based? I searched for a lineageOS image but didn't find any for the Z3 Compact.
I had another z3c which died and was running Firefox OS, I'm fine with not having access to the Google Play store, I plan to install F-Droid and use only FOSS apps. In fact I would even prefer to go back to Firefox OS even if it is not maintained anymore, its UX is so much better than Android... That said, thanks for telling me about Microg, I didn't know it and that's true that many apps use Play services especially for push. Even Signal had that as a dependency (fortunately not anymore). Still, I would avoid any data coming out from my phone to by sent to Google servers, so I will probably avoid it.
Flaburgan said:
Thanks for your detailed answer!
Does that mean that I can't use the DRM keys with another ROM? So I will never have the full quality of my hardware? Would using the AOSP rom provided by Sony solve that problem?
On which version of Android Jaguar Aries ROM is based? I searched for a lineageOS image but didn't find any for the Z3 Compact.
I had another z3c which died and was running Firefox OS, I'm fine with not having access to the Google Play store, I plan to install F-Droid and use only FOSS apps. In fact I would even prefer to go back to Firefox OS even if it is not maintained anymore, its UX is so much better than Android... That said, thanks for telling me about Microg, I didn't know it and that's true that many apps use Play services especially for push. Even Signal had that as a dependency (fortunately not anymore). Still, I would avoid any data coming out from my phone to by sent to Google servers, so I will probably avoid it.
Click to expand...
Click to collapse
When you unlock the bootloader the DRM keys get erased permanently, so you'd need to root the phone and back up the partition where they are held before unlocking it. As far as I know, every custom ROM needs to have the bootloader unlocked. If there is an alternative way to install a ROM on a locked bootloader then it would be one of those scenarios where its installed while keeping the stock one, and I don't know if this has been done on the Z3c or not.
I also don't know if Sony's AOSP requires unlocking the bootloader or not.
Jaguar is based on 5.1.1
Its a mix of AOSP, Lineage, and was getting monthly backports of the latest security patches until Febuary when the developer no longer had a Z series phone for his own use. The only criticism it met was that the developer never released the source code for the entire ROM, just the kernel. He never replied to why that was. A lot of the custom ROMs out there are like this, so its still a case of who you choose to trust when it comes to this a lot of times. I liked it because the battery life was really good and assuming the security was what was advertised then that was also a real plus.
Many apps, by the way, were working fine with microg push but then with updates to apps, they complained about needing to update google services framework, which obviously was spoofed and microg hasn't been updated, and it happened to a lot of apps in a short period of time, so I assume there was a change enforced by Google for their requirements in the Play Store. If you just want it for location, for example if you use Osmand maps, then you don't have to enable the feature for push notifications nor have a google account associated with the phone, and it all works as user installed apps, so it can be undone without any real fear of the system getting modified after you try it out. There's a microg repo that can be added to fdroid. The location is based on either databases you download to the phone, which aren't very good, or also you can opt for cell location from Mozilla servers, and if you have to have wifi based location as well then you can hook into the Apple servers but the latter doesn't sound like something you want, if you want to do any of it at all that is.
I think most likely that GPS location would work without any need for microg.
The post you linked to with the Linux script installs TWRP to the /data partition, then you root it, then you back up the DRM keys after its rooted, then unlock the bootloader, install normal TWRP, and go from there. In Linux you'lle want to use the dd command to back up the DRM keys as all that's available on the forum is a Windows script (I think). There is info on it somewhere but it would be hard to find it. If you search my posts the thread will come up somewhere in the history. Anyway, the reason I broght this up is because the script in the thread for installing TWRP and rooting didn't work properly. I don't remember why, but I had to go through it line by line and enter the commands in from a termnial to get it right, I think there was some bad syntax. If you can't figure it out, quote one of my posts and ask, that way I get a notification that I was replied to, I think I have a fixed version of it on my drive somewhere if it causes a problem.
For the DRM keys you want to backup the TA partition bit for bit to a file. I backed up my Fota partition as well as I was unclear what role it plays. You also want to keep a copy of that particular Sony ROM file, and the two kernels involved, to flash with Flashtool in case you relock and restore so you can get root access to restore the partition while the bootloader is locked again.
May I ask why are you going FOSS only? if that's because privacy concerns, then FF OS is not the best solution... Because any Cloud-based OS is a little bit creepy, doesn't matter if it's ChromeOS from Google, or FirefoxOS from Mozilla.
There are plenty of Linux distros dedicated to run on Android phones, but it's not the best UX.
And yes, you can enjoy clean AOSP install (LOS is fine) without flashing G-Apps. But you won't have Google play at all! F-Droid is fine but you won't find there Gmail alternatives, you can't find Gmail even on Amazon AppStore... Sadly if you install Gmail then you'll find out that it installed bunch of google apps and hidden services behind the scenes... So only option is to use Gmail web app.
But then again, F-Droid is fine, there are many FOSS alternatives to youtube and other apps.
And if privacy (and security) is your concern, use LOS privacy guard / Android's builtin Permission Manager, and on Rooted ROMs you can use AFwall firewall which is the best.
Good luck
GadgetAvi said:
Because any Cloud-based OS is a little bit creepy, doesn't matter if it's ChromeOS from Google, or FirefoxOS from Mozilla.
Click to expand...
Click to collapse
Firefox OS is not a Cloud-based OS at all. It runs perfectly without internet connection.
GadgetAvi said:
F-Droid is fine but you won't find there Gmail alternatives, you can't find Gmail even on Amazon AppStore...
Click to expand...
Click to collapse
Be sure that if I don't want Google on my phone, my e-mails are already **not** on GMail...
Ok, if so, then you'll be fine with any AOSP clean rom. LOS is great, and F-Droid as well. Cheers!
PantsDownJedi said:
The post you linked to with the Linux script installs TWRP to the /data partition, then you root it, then you back up the DRM keys after its rooted, then unlock the bootloader, install normal TWRP, and go from there. In Linux you'lle want to use the dd command to back up the DRM keys as all that's available on the forum is a Windows script (I think).
Click to expand...
Click to collapse
I ran the commands and the phone is now booted on TWRP from the /data partition. I did a backup with TWRP of all proposed options (Boot, TrimArea, Recovery, System, Cache and Data). Is that "TrimArea" enough to have a backup of the DRM keys? The other topic talks about Backup-TA but looking at their github https://github.com/DevShaft/Backup-TA/releases it looks very old and unmaintained.
The current TWRP I'm running is 3.1.0-0.
Also, it looks like I'm not root (at least, su is not available). Do I have to install SuperSu by giving this zip https://download.chainfire.eu/696/supersu/ to TWRP?
Flaburgan said:
I ran the commands and the phone is now booted on TWRP from the /data partition. I did a backup with TWRP of all proposed options (Boot, TrimArea, Recovery, System, Cache and Data). Is that "TrimArea" enough to have a backup of the DRM keys? The other topic talks about Backup-TA but looking at their github https://github.com/DevShaft/Backup-TA/releases it looks very old and unmaintained.
The current TWRP I'm running is 3.1.0-0.
Click to expand...
Click to collapse
I don't know. I haven't looked at a TWRP backup to see what format it is. Back when Clockwork Mod was all that was available, it merely made a tar.gz of partitions. Ideally you want a bit for bit image of the TA partitions to make sure it was exactly what it was when you restore it. I don't know if that's necisarry, or if TWRP does this anyway, but using the dd command is still prudent.
You want to either use a terminal emulator app or run 'adb shell' at a linux terminal (much easier), run 'su' once in the phone environment, allow it at the phone supersu app popup, and then do it like this.
https://forum.xda-developers.com/showpost.php?p=61307511&postcount=6
And store a copy of the image file where it won't get lost.
Edit: Sorry, I didn't see the other post. Yes, you need to flash that supersu zip file. When you try to access root from an app or the command line, it will have a popup on the phone screen asking you if you want to allow access or not, so when you run it from a terminal, 'adb shell' to get into the phone OS, there will be a popup for allowing that often times. Then 'su' there's a popup from the supersu app you just flashed. Then 'cd' to the sdcard or external sd. Then the 'dd' command. The dd command in what I linked to is inevitbaly what all those .bat files in the Windows TA Backup thing does after it does a bit of looking around to find the TA partition for a particular phone model.
The md5sum part of what I linked to compares the partitionn itself to the image file you just wrote, you just look at it to see that there are two of them (that it didn't fail) and that they are the same.
The last part pulls the image file to the hard drive, but there are other ways to accomplish this obviously. If you have a cloud storage you can upload it there, or send it as an email attahment, put it on the external sd, etc etc.
Also, in many cases, once you unlock the bootloader to flash something else, you'lle need to install TWRP again from the command line, pushing it straight to a phone partition. You'lle need help with this if you haven't done it before.

Categories

Resources