I've rooted and froze everything Knox related yet SELinux switches back to enforcing no matter what I do. Suggestions?
mascondante said:
I've rooted and froze everything Knox related yet SELinux switches back to enforcing no matter what I do. Suggestions?
Click to expand...
Click to collapse
We would need a custom kernel to set it to permissive. For that, we'd need an unlocked bootloader.
Should all Knox app be frozen, what are the pros and cons?
Related
So i just finished the process of rooting my s2 tablet 810 5.1.1 and every time i reboot or turn the phone on and off i notice a message that says
"Kernel is not seandroid enforcing
set warranty bit: kernel"
Ive done some google searches and i would like to think its normal becuase i read in a thread that this is because of the knox trip.
however i also see threads dedicatied on how to resolve this "issue"
As some of you guys might already know if the version is 5.1.1, then you need a kernel to load during the process of root.
when i attempted to root the first time the kernel boot did not restart my tablet for me, so i manually restarted even though the option was set to auto-reset.
I now believe the process was incomplete because the tablet entered a boot loop after i ran the auto-root file. (Failed 1st attemp)
Second attempt i ran the kernel file and then the tablet rebooted successful, howver THIS is when the "Kernel is not seandroid enforcing set warranty bit: kernel"
is something wrong or is all good? gonna check if i have root after this post.
SIDE QUESTION
in the thread of the guy who posted about how to root he mentions how to put a custom recovery. Is that mandatory? or can i do this later when i want to install a custom ROM?
will post agian if anything important comes up after i check if ROOT
Okay so something interesting did come up. It seems i am rooted, however i keep getting a notification that an unauthorized action haas been taken and i must click on a restart to undo the changes that have been done.
its kind of annoying because it keeps popping up. I assumw this is the knox security.
there is an option for "sperate work and play" where i can install knox app in a safe and isolated space. what is this?
should i just ignore this poppup ? or is there a way to get rid of it?
someone to talk to would be nice right now .
This is because your kernel was modified to be permissive in order to root your tablet.
Installing a custom recovery is a must and one of the main reasons of a rooted device, it will give you the possibility of making/restoring backups, installing apps and ROMs between other stuff.
The anoying pop-up can be disabled by freezing/uninstalling SecurityLogAgent
Sent from my SM-T810 using Tapatalk
danyvw said:
This is because your kernel was modified to be permissive in order to root your tablet.
Installing a custom recovery is a must and one of the main reasons of a rooted device, it will give you the possibility of making/restoring backups, installing apps and ROMs between other stuff.
The anoying pop-up can be disabled by freezing/uninstalling SecurityLogAgent
Sent from my SM-T810 using Tapatalk
Click to expand...
Click to collapse
I understand what a custom recovery does, ive had it on my two previous phones and have tried TWRP and CW.
however i only installed them because i wanted to flash a custom rom on those two phones. With my s2 tablet im looking to just stay with root for now, that is why i am asking if the custom recovery is a must? because i dont see any use for it if i am just going to keep my tablet rooted and not flash any roms yet
also any idea on how to get rid of that pop up in notification saying i must click the restart to undo the changes that have been made
danyvw said:
This is because your kernel was modified to be permissive in order to root your tablet.
Installing a custom recovery is a must and one of the main reasons of a rooted device, it will give you the possibility of making/restoring backups, installing apps and ROMs between other stuff.
The anoying pop-up can be disabled by freezing/uninstalling SecurityLogAgent
Sent from my SM-T810 using Tapatalk
Click to expand...
Click to collapse
Originally I said I froze and unistalled SecurityLogAgent, however I did not. So I did it now. I will report back if I go error free.
Thank you!
I am having this same issue. I have twrp recovery installed, I have disabled/unistalled everything with knox security symbol . I continue to get this error. I have wiped everything and started fresh and cannot get rid of this error. The second problem i am having, I cannot reinstall those apps with TB, I tried each of them and I even let it set overnight while I slept and it was still going when I woke up.....
1. How can I get rid of this error?
2. If I can't how can i get tb to reinstall knox or can I unroot without having these reinstalled?
this is everything I have froze, backed up, and unistalled
BBCAgent 2.0
com.samsung.android.bbc.fileprovider
com.samsung.knox.kss
com.sec.knox.containeragent2
com.sec.knox.packagegeverifier
com.sec.knox.sortcutsms
com.sec.knox.switcher
KLMS Agent 2.5.312
KNOX 2.3.0
KNOX II 2.3.0
KNOX SetupWizardClient 2.3.0
KnoxFolderContainer2.4.0
Getting rid of all Knox apps is good when you are rooted but the anoying pop-up comes from SecurityLogAgent app and not from Knox apps, as soon as you freeze or uninstall it the message will stop.
Sent from my SM-T810 using Tapatalk
Hey i got problem with my nexus 6 newest pure nexus and blackbird kernel installed with NO root.
And iam getting message "unable to authenticate", also safetynet shows me the red message i dont know why.
Do you know what can i do with that?
Safety net now fails if your boot loader is unlocked. You need to root with magisk
You don't need to root... A custom kernel can hide the unlocked bootloader. No idea if Blackbird does that. Blackbird, IIRC, though is permissive by default and that will also trigger SafetyNet.
With franco works, but blackbird is smooth as ****
Yeah. Franco hides the unlocked bootloader state and doesn't mess with SELinux.
Have you tried changing Blackbird to enforcing? If you really want to use it, that is...
siorek11 said:
With franco works, but blackbird is smooth as ****
Click to expand...
Click to collapse
have you gone into developer option and turned off usb-debugging? If not do that and reboot and try to go into Pokemon go again. I have managed to get it work with Magisk but haven't tried without root at all. Try turning off usb-debugging and let us know if that worked.
I need it for V4A and some other stuff I tried several things such as terminal emulator, SELinux mode changer etc. nothing worked I don't want to flash kernel or ROM do I have any options to get it on stock nougat ? I have N920C device by the way. Thanks in advance...
Jaqen Hghar said:
I need it for V4A and some other stuff I tried several things such as terminal emulator, SELinux mode changer etc. nothing worked I don't want to flash kernel or ROM do I have any options to get it on stock nougat ? I have N920C device by the way. Thanks in advance...
Click to expand...
Click to collapse
Install busybox(from google play) and use this Arise zip: https://androidfilehost.com/?fid=457095661767141554
If you only want Viper, select it and skip the others. There is an option to set the policy as Permissive, select it too. It ''may'' work. You havent mentioned that your device is rooted or not. Viper as I know works on rooted devices.
Kalisfura1001 said:
Install busybox(from google play) and use this Arise zip: https://androidfilehost.com/?fid=457095661767141554
If you only want Viper, select it and skip the others. There is an option to set the policy as Permissive, select it too. It ''may'' work. You havent mentioned that your device is rooted or not. Viper as I know works on rooted devices.
Click to expand...
Click to collapse
Of course it's rooted but I already tried something else and it's worked I flashed the NForce kernel and it's already permissive
So im trying to root the stock s7 boot.img (G935U) and so far I've gotten Xposed, Dolby, and a ton of build.prop tweaks. So I obviously disabled all the Knox and TIMA stuff, as well as kap and Selinux.
Now, after flashing eng boot, and running the root.bat (system root, not systemless like usual) it is rooted. Then I flash stock boot.img and all the apps are present, and in SuperSU is says that the SU binary is occupied.
I pulled a logcat and it was a SELinux issue, SELinux being set to Enforcing seems to be preventing root and scripts to run.
So, my question... With Xposed being fully functional, is there any way to set SELinux to permissive with ONLY Xposed, no root?
Thanks for reading, awaiting a response
Edit: Forgot this isn't an s7 thread.... Whoops. So let me clerify the eng boot:
The eng boot is what we use to root, it's insecure and adb is insecure, and dm verity is disabled (aside from custom images like twrp, the eng boot is still signed by Sammy) and with it being insecure and no dm verity, we can do about anything we want. Dope right? Well, aside from the horrendous lag and crappy battery life, hence my efforts towards root on stock.
Craz Basics said:
...So, my question... With Xposed being fully functional, is there any way to set SELinux to permissive with ONLY Xposed, no root?
Click to expand...
Click to collapse
From what I know, xposed is more "system-mod-inject", so simple script like selinux changer are not made for xposed, instead they are for magisk.
Just asking: since supersu is slowly dying and magisk growing, why not try with Magisk, which adds/replaces things systemlessly?
I found a guide for your phone: here
Not sure if there is a better method now, but then you will be able to install useful magisk modules + xposed systemless with other useful modules, everything easy to remove or update.
So, no need to set permissive for root. Just saying.
TENN3R said:
From what I know, xposed is more "system-mod-inject", so simple script like selinux changer are not made for xposed, instead they are for magisk.
Just asking: since supersu is slowly dying and magisk growing, why not try with Magisk, which adds/replaces things systemlessly?
I found a guide for your phone: here
Not sure if there is a better method now, but then you will be able to install useful magisk modules + xposed systemless with other useful modules, everything easy to remove or update.
So, no need to set permissive for root. Just saying.
Click to expand...
Click to collapse
I would definitely try Magisk, but I'm unable to. First and foremost, I don't have the Exynos variant so my bootloader isn't unlockable.
Because of that, I can't flash custom boot/recovery imgs. Magisk modifies the boot.img. I'm able to do some system mods because of a dm-verity "spoof" where it allows system mods on stock. I use eng to flash everything and then flash stock boot again.
Thanks for the reply though
May I know if this is normal?
Preserve Force Encryption is always checked & i cannot Set Linux to Permissive
Please see attachment for reference
aoshi62 said:
May I know if this is normal?
Preserve Force Encryption is always checked & i cannot Set Linux to Permissive
Please see attachment for reference
Click to expand...
Click to collapse
You can't set SELinux to permissive because of the Kernel from the Stock ROM B360.
If you want SELinux on permissive you have to flash another Kernel, But if you think after that
you will install viper4android successfully, you are wrong.
I tried, I flashed another kernel, this one:
https://forum.xda-developers.com/p10-plus/development/kernel-hyperplus-kernel-oreo-t3753128
can now get busybox working, but the driver for viper4android will still not install/load.
MyPhone: VTR-L29c636 dual sim on Oreo 8.0 B360