Database Develop

[MODULE] App Systemizer for Magisk v9-v14 -- DEPRECATED

Instead of including the third party APK files in the magisk modules/repo, this module, developed by @loserskater and me, systemizes user-installed apps systemlessly thru magisk. Another benefit of systemizing the user-installed apps is that if you uninstall magisk, your settings for the apps will be retained. If you originally install any of the apps above thru an app-specific magisk module (like Pixel Launcher magisk module for example), then when magisk is uninstalled or disabled, app settings will be gone.
If you're on Oreo ROM, you will need this add-on developed by @yochananmarqos: https://forum.xda-developers.com/apps/magisk/module-privileged-permission-whitelist-t3670646
This module requires installation from Magisk Manager, not recovery.
This module might lead to your device stuck on logo or booting to recovery, I gather it might be a kernel issue -- the closer you're to stock firmware/kernel the more likely it is to work. If it fails, try the "Terminal App Systemizer" instead.
Important links:
README
AppSystemizer commits
Companion app commits
NOW IN OFFICIAL MAGISK REPO!
11.0.6: This is the last "classic/simple" version I could get from github, (11.0.6) which might fail on the larger APKs but doesn't include magisk partition resizing code which might cause problems. It also does NOT include a companion app.
12.0.5: This is the latest "stable" version with the companion app. Based on pre-"magisk 13" template (version 3), but seems to work with magisk 13.
14.0.0: This is the 12.0.5 version migrated to 1400 template (released with magisk 14). Not tested by me, so use at your own risk (but please post back wherever it does/does not work).
The source code (with history) is available here if anyone wants to continue development: https://github.com/stangri/AppSystemizer

So since the new apk for Pixel Launcher is available and it has a different signature than previously leaked apk files, here's the list of steps you need to take to replace your Pixel Launcher if used with this module:
1. Go to Magisk Manager and delete (or disable) the App Systemizer module.
2. Reboot.
3. After step 2 your Pixel Launcher should no longer be a system app and you should be able to uninstall old Pixel Launcher -- do so (with your favourite root uninstall app or thru System Settings -> Apps -> Pixel Launcher -> Uninstall).
4. Install the new Pixel Launcher.
5. Add again (or reactivate) the App Systemizer module.
6. Reboot TWICE.
7. The new Pixel Launcher should be active and working as a system app now.

ForceDoze

Playe said:
ForceDoze
Click to expand...
Click to collapse
Please try the attached ZIP after you have installed the app from the play store and remember to reboot twice. Post back if it works and why do you need it to be a system app.

Does this essentially make it a system app without it actually being in the system, or am I not understanding this correctly?
Sent from my Nexus 6 using XDA-Developers mobile app

pnwsr6 said:
Does this essentially make it a system app without it actually being in the system?
Click to expand...
Click to collapse
Precisely, it makes the user-installed app a system app without actually modifying the /system partition.

Can it support Cerberus anti-theft?
Sent from my Nexus 6 using XDA-Developers mobile app

pnwsr6 said:
Can it support Cerberus anti-theft?
Click to expand...
Click to collapse
It sure can, I'm not sure if the "magiskized" Cerberus would survive data reset tho. Can you try it out please? Just make sure to reboot TWICE after installing the attached module before the big reset.

OK. It will be this weekend before I can get to it. Doing all the research and downloading ahead of time. Figured I would try some of this systemless stuff out before upgrading to far. Not upgrading to N yet but is this systemmless stuff seem to be working OK with N?
Sent from my Nexus 6 using XDA-Developers mobile app

pnwsr6 said:
OK. It will be this weekend before I can get to it. Doing all the research and downloading ahead of time. Figured I would try some of this systemless stuff out before upgrading to far. Not upgrading to N yet but is this systemmless stuff seem to be working OK with N?
Click to expand...
Click to collapse
Smart move. Yeah, no major issues on Nexus 6 and released Nougat. DP5 was draining my battery, but that seems to have been fixed in the release build. There seems to be a problem with magisk CACHE modules (they don't install on Nexus 6) but these are far and few between.
BTW, OTAs which affect the boot partition will kill magiskized Cerberus until you reflash magisk.

stangri said:
Smart move. Yeah, no major issues on Nexus 6 and released Nougat. DP5 was draining my battery, but that seems to have been fixed in the release build. There seems to be a problem with magisk CACHE modules (they don't install on Nexus 6) but these are far and few between.
BTW, OTAs which affect the boot partition will kill magiskized Cerberus until you reflash magisk.
Click to expand...
Click to collapse
Should this make Cerberus show up as a system app in something like Titanium backup? I can't get Cerberus to turn on gps like it would if it was installed as a system app. Shouldn't this allow it to behave like a system app or am I wishing for to much?
FYI
I had Cerberus installed first
Ran the zip file in Magisk
rebooted after install
rebooted again
logged into my Cerberus Dashboard and tried to track my phone and it will not turn on my gps like it will if installed into the system
If this is a limitation that can't be avoided I understand. If I did something wrong or can try something else let me know. Also I did this on my nexus 6 running N. Supersu seems to work and Adaway is installed and seems to be working so far. Latest twrp is also installed, everything is systemless so far. Thanks for your time

pnwsr6 said:
Should this make Cerberus show up as a system app in something like Titanium backup? I can't get Cerberus to turn on gps like it would if it was installed as a system app. Shouldn't this allow it to behave like a system app or am I wishing for to much?
FYI
I had Cerberus installed first
Ran the zip file in Magisk
rebooted after install
rebooted again
logged into my Cerberus Dashboard and tried to track my phone and it will not turn on my gps like it will if installed into the system
If this is a limitation that can't be avoided I understand. If I did something wrong or can try something else let me know. Also I did this on my nexus 6 running N. Supersu seems to work and Adaway is installed and seems to be working so far. Latest twrp is also installed, everything is systemless so far. Thanks for your time
Click to expand...
Click to collapse
If you have a file manager which can browse system partition, can you verify that there's a folder /system/priv-app/CerberusAntiTheft and its permissions are the same as the other folders in /system/priv-app? If it's there and still Cerberus doesn't behave like a proper system app then I don't know what's wrong.
PS. I believe installing twrp prevents OTAs from being installed so kinda contradicts the whole systemless concept. I only boot twrp thru fastboot when needed (usually just once to install magisk/phh root).

stangri said:
If you have a file manager which can browse system partition, can you verify that there's a folder /system/priv-app/CerberusAntiTheft and its permissions are the same as the other folders in /system/priv-app? If it's there and still Cerberus doesn't behave like a proper system app then I don't know what's wrong.
PS. I believe installing twrp prevents OTAs from being installed so kinda contradicts the whole systemless concept. I only boot twrp thru fastboot when needed (usually just once to install magisk/phh root).
Click to expand...
Click to collapse
Do not see it.
Sent from my Nexus 6 using XDA-Developers mobile app

pnwsr6 said:
Do not see it.
Click to expand...
Click to collapse
That's weird, but now we found the reason Cerberus is not working as expected.
Can you please check if the following exist:
/magisk/AppSystemizer/system/priv-app/CerberusAntiTheft
/data/app/com.lsdroid.cerberus* (could be -1, -2, etc).
If there's no /data/app/com.lsdroid.cerberus* -- my module couldn't find the installed Cerberus. Can you find out what canonical package ID did they use then?

stangri said:
That's weird, but now we found the reason Cerberus is not working as expected.
Can you please check if the following exist:
/magisk/AppSystemizer/system/priv-app/CerberusAntiTheft
/data/app/com.lsdroid.cerberus* (could be -1, -2, etc).
If there's no /data/app/com.lsdroid.cerberus* -- my module couldn't find the installed Cerberus. Can you find out what canonical package ID did they use then?
Click to expand...
Click to collapse
So I found /magisk/AppSystemizer but no more folders after that. So /system/priv-app/CerberusAntiTheft is missing.
/data/app/com.Isdroid.cerberus-1 directory exists and has the lib and oat directories plus the base.a pk in it. Forgive my lack of knowledge on this but how do I find the canonical package ID?
Sent from my Nexus 6 using XDA-Developers mobile app

Ok, I sincerely hope you just grabbed the attachment from the first post (which I posted before I added Cerberus support) and not from my reply to you down in the thread. Was the ZIP file you installed named AppSystemizer.zip or AppSystemizer-Cerberus.zip?
I still don't want to update the original attachment, so could you please add the ZIP attached to this reply to magisk and then reboot twice.
PS. If you're reading this on mobile, I don't know how the attachments show up for you, but you need the most recent AppSystemizer-Cerberus.zip file from this thread.

OK, so I deleted the old zip, it was AppSystemizer-Cerberus.zip, and removed the module. Rebooted and verified that it was removed from the magisk directory, rebooted one more time, then installed the zip you just posted for me. Rebooted twice. Went through and looked for the directories you had me looking for earlier, and they are still not there. Let me know what else I can do.
Sent from my Nexus 6 using XDA-Developers mobile app

pnwsr6 said:
OK, so I deleted the old zip, it was AppSystemizer-Cerberus.zip, and removed the module. Rebooted and verified that it was removed from the magisk directory, rebooted one more time, then installed the zip you just posted for me. Rebooted twice. Went through and looked for the directories you had me looking for earlier, and they are still not there. Let me know what else I can do.
Click to expand...
Click to collapse
Just installed Cerberus app and got it converted to systemless with the module.
Can you PM me (or post here) the magisk log?
PS. Does magisk have root access?

stangri said:
Just installed Cerberus app and got it converted to systemless with the module.
Can you PM me (or post here) the magisk log?
PS. Does magisk have root access?
Click to expand...
Click to collapse
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Magisk has root access. Or at least I get the toast notification saying it was granted and it shows up in the SuperSU logs. I'm sure I have done something wrong, or something didn't install correctly. Just not sure what.
Sent from my Nexus 6 using XDA-Developers mobile app

pnwsr6 said:
I'm sure I have done something wrong, or something didn't install correctly. Just not sure what.
Click to expand...
Click to collapse
I'm sure it's just MM vs N difference and nothing you didn't do. Thanks for sticking by. Can you please try replacing the module with the attached AppSystemizer-debug.zip, rebooting and posting/PMing the log. This version should print stuff to the magisk log file helping me figure out what's going on.
PS. No need to uninstall existing module, just add this ZIP over the old one.

[2017.10.01] suhide-lite v1.09 [EXPERIMENTAL/UNSUPPORTED]

suhide-lite is an experimental (and officially unsupported) mod for SuperSU that can selectively hide root (the su binary) from other applications. It can also toggle visibility of packages (such as SuperSU).
SafetyNet verified passing on 2017.08.10.
This is ultimately a losing game (see the next post). suhide may stop working at any time.
Requirements
- SuperSU v2.82 SR2 or newer (link)
- SuperSU installed in SBIN mode (default on O+)
- Android 6.0 or newer
- TWRP (3.0.2 or newer with access to /data), FlashFire is not (yet) supported.
Xposed
Not supported.
CyanogenMod/LineageOS
Not currently tested or supported. Might work, might not.
Custom kernels/ROMs
If they changed build props, they will probably fail SafetyNet check (for now).
Installation
First make sure you are using SuperSU in SBIN mode on Android 6.x and 7.x
- Boot into TWRP
--- adb shell: echo "BINDSBIN=true">/data/.supersu
--- OR: flash SuperSU Config and select Systemless SBIN mode
- Reflash SuperSU v2.82 SR2 or newer
- Reboot into Android at least once
With SuperSU in SBIN mode
- Flash the suhide ZIP in TWRP
- Reboot into Android
If your TWRP does not fully decrypt /data, reflashing the SuperSU ZIP and immediately flashing the suhide ZIP without rebooting in between may sometimes allow suhide to be installed as well where it would otherwise throw an error.
Usage
The suhide GUI available from your app drawer should be fairly self-explanatory. The About tab lists further instructions.
Advanced usage
You can manually add/remove/list entries to suhide's blacklist by using these commands:
/sbin/supersu/suhide/add UID-or-processname
/sbin/supersu/suhide/rm UID-or-processname
/sbin/supersu/suhide/list
App package names are usually the same as the process name, but not always. Using the UID is safer. You can find the UID by running 'ps -n' (6.x/7.x) or 'ps -An' (8.x). The UID is the first column, and is a 5-digit number starting with 10: 10xxx.
Uninstall
Remove /data/adb/su/suhide folder in TWRP's file manager. You can uninstall the suhide app through Android's settings.
Download
UPDATE-suhide-v1.09-20171001222116.zip
In case that bootloops, try the old v1.00 version, and let me know your device and firmware:
UPDATE-suhide-v1.00-20170809130405.zip
Sauce @ https://github.com/Chainfire/suhide-lite

Hiding root: a losing game - rant du jour
Quoting myself from the OP of the old suhide thread:
Chainfire said:
Most apps that detect root fall into the payment, banking/investing, corporate security, or (anit cheating) gaming category.
While a lot of apps have their custom root detection routines, with the introduction of SafetyNet the situation for power users has become worse, as developers of those apps can now use a single API to check if the device is not obviously compromised.
SafetyNet is of course developed by Google, which means they can do some tricks that others may not be able to easily do, as they have better platform access and control. In its current incarnation, ultimately the detection routines still run as an unprivileged user and do not yet use information from expected-to-be-secure components such as the bootloader or TPM. In other words, even though they have slightly more access than a 3rd party app, they still have less access than a root app does.
Following from this is that as long as there is someone who is willing to put in the time and effort - and this can become very complex and time consuming very quickly - and SafetyNet keeps their detection routines in the same class, there will in theory always be a way to beat these detections.
While reading that may initially make some of you rejoice, this is in truth a bad thing. As an Android security engineer in Google's employ has stated, they need to "make sure that Android Pay is running on a device that has a well documented set of API’s and a well understood security model".
The problem is that with a rooted device, it is ultimately not possible to guarantee said security model with the current class of SafetyNet tamper detection routines. The cat and mouse game currently being played out - SafetyNet detecting root, someone bypassing it, SafetyNet detecting it again, repeat - only serves to emphasize this point. The more we push this, the more obvious this becomes to all players involved, and the quicker SafetyNet (and similar solutions) will grow beyond their current limitations.
Ultimately, information will be provided and verified by bootloaders/TrustZone/SecureBoot/TIMA/TEE/TPM etc. (Samsung is already doing this with their KNOX/TIMA solutions). Parts of the device we cannot easily reach or patch, and thus there will come a time when these detection bypasses may no longer viable. This will happen regardless of our efforts, as you can be sure malware authors are working on this as well. What we power-users do may well influence the time-frame, however. If a bypass attains critical mass, it will be patched quickly.
More security requires more locking down. Ultimately these security features are about money - unbelievably large amounts of money. This while our precious unlocked bootloaders and root solutions are more of a developer and enthusiast thing. While we're all generally fond of shaking our fists at the likes of Google, Samsung, HTC, etc, it should be noted that there are people in all these companies actively lobbying to keep unlocked/unlockable devices available for us to play with, with the only limitation being that some financial/corporate stuff may not work if we play too hard.
It would be much easier (and safer from their perspective) for all these parties to simply plug that hole and fully lock down the platform (beyond 3rd party apps using only the normal APIs). Bypassing root checks en masse is nothing less than poking the bear.
Nevertheless, users want to hide their roots (so do malware authors...) and at least this implementation of suhide is a simple one. I still think it's a bad idea to do it. Then again, I think it's a bad idea to do anything financial related on Android smartphone that isn't completely clean, but that's just me.
Note that I have intentionally left out any debate on whether SafetyNet/AndroidPay/etc need to be this perfectly secure (most people do their banking on virus ridden Windows installations after all), who should get to decide which risk is worth taking, or even if Google and cohorts would be able to design the systems more robustly so the main app processor would not need to be trusted at all. (the latter could be done for Android Pay, but wouldn't necessarily solve anything for Random Banking App). While those are very interesting discussion points, ultimately it is Google who decides how they want this system to work, regardless of our opinions on the matter - and they want to secure it.
Click to expand...
Click to collapse
I still stand behind this statement I made a year ago.
I will add to this another concern that I've posted before: on the A/B layout devices such as the Google Pixel (XL), it is possible to detect the device is rooted with a handful of lines of code, and I do not see any way to beat this detection aside from custom kernels. As soon as this detection is added to SafetyNet, it is pretty much game over. Frankly I'm surprised it hasn't been added yet.

The new suhide-lite vs the old suhide
The old suhide was completely different under the hood. It proxied zygote and created two different process trees for the real zygote and descendants (apps), one with root and one without, and multiplexed app instantiation calls between them. The new suhide-lite uses a completely different mechanism to achieve a similar outcome (some apps with and some apps without root).
One thing the old suhide had and the new suhide-lite version does not, is full binder interception. It could listen to and change most API calls and responses between apps and the Android system dynamically. While this may not sound like a big deal to some, from a malware-perspective this is almost a holy-grail class hack. suhide only used it to hide application packages (such as SuperSU) from apps selectively, so for example the launcher could still find it, but to some games it was completely invisible.
The binder interception code was the part that really interested me and the desire to get that working was the driving force behind the old suhide implementation. The security measures in Android's November 2016 security update blocked the old mechanism and with it the binder interceptor. Of course, I have actually written the code to bypass those (naive) protections in turn, but since that implementation of suhide was possible to detect in other ways, I kept that patch private. It may still prove useful in other projects, so it didn't make any sense to burn those work-arounds.
It may be possible to port the interceptor to the new mechanism, but it would be a lot of work and I don't think I'll be doing it any time soon, if ever. The lack of this intercepter is what makes the new suhide lite. The new suhide is able to hide packages such as SuperSU from other apps and games, but it does so via a toggle mechanism (3x alternating volup/voldown) that hides and unhides them, rather than handling the whole thing transparently.

Changelogs
2017.10.01 - v1.09
- Remove ODM and OEM mounts
- Setpropex: set multiple properties
- Cleanup: remove /boot
2017.08.15 - v1.08
- Fix a process freeze issue
- Fix framework restart survival (stop && start)
- Fix double free crash
2017.08.11 - v1.07
- Startup: Fix parallelism
2017.08.10 - v1.06
- Startup: Disable parallelism (temporary?), causes things to break sometimes
2017.08.10 - v1.05
- GUI: Synchronize changing items with the same UID
- GUI: Hide system apps (UID < 10000)
- GUI: Fix UID / package display line to ellipsize instead of wrap
- Properties: Adjust various build, adb, debug and security properties
- Startup: Improve performance by running operations in parallel
- ZIP: Allow flashing directly after SuperSU switch from image to SBIN mode, without reboot in between
2017.08.09 - v1.00
- Initial release of new code
- For old code, see https://forum.xda-developers.com/apps/supersu/suhide-t3450396

FIRST! new suhide yay. My 6p is currently running N 7.1.2. STOCK ANDROID, NO customisation whatsoever. Will 2.82 SR2 automatically update the root to sbin mode? If yes is the echo command still needed then?
Sent from my Nexus 6P with Tapatalk

Ch3vr0n said:
FIRST! new suhide yay. My 6p is currently running N 7.1.2. will 2.82 SR2 automatically update the root to sbin mode? If yes is the echo command still needed then?
Sent from my Nexus 6P with Tapatalk
Click to expand...
Click to collapse
Sbin mode is only activated by default on O (as per OP). Everything else requires the echo command.

Cool. I was avoiding using Magisk so far and was without root to be able to use certain apps like Netflix. I have a Pixel XL. Will SuperSU 2.82 SR2 alongwith suhide-lite work on my phone? Will I have to give the commands in TWRP as given in op? I intend to flash August security patch and try this during that update process. Currently I am stock (no root) with ElementalX kernel which I intend to continue using to be able to hide bootloader unlocked status.

Wow.. this works!
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Shamusent

@Chainfire
hi,
maybe you can do something about this :crying:
i'm on nougat 7.1.2 (July security patch) been trying for long time to get this to work on citrix secure hub (by zenprise- formally known as worx)
attaching my logs and pics.
this is what i found from the logs attached:
Code:
"com.citrix.work.MAM.PolicyCheck:Found an APK requiring rooted device: eu.chainfire.supersu"
"com.citrix.work.MAM.PolicyCheck:BuildTag Test advisory ----- > is probably rooted"
SuperUser APKs Test advisory ---- > is probably rooted
the only one thing it didnt find:
Code:
D/"SecureHub"(16939): su In Path Test --- > is NOT rooted
i manged to pass safety net as you can see.
please if you can help.

Hi all and Chainfire. Thank you for this app! I tested it with a search if the Netflix app in the Playstore, but it wasn't found. I hided Playstore app in the list. Is there something I have overseen?
Otherwise I am also passing Safety Net. Thank you Chainfire!

rocky78 said:
@Chainfire
hi,
maybe you can do something about this :crying:
i'm on nougat 7.1.2 (July security patch) been trying for long time to get this to work on citrix secure hub (by zenprise- formally known as worx)
attaching my logs and pics.
this is what i found from the logs attached:
Code:
"com.citrix.work.MAM.PolicyCheck:Found an APK requiring rooted device: eu.chainfire.supersu"
"com.citrix.work.MAM.PolicyCheck:BuildTag Test advisory ----- > is probably rooted"
SuperUser APKs Test advisory ---- > is probably rooted
the only one thing it didnt find:
Code:
D/"SecureHub"(16939): su In Path Test --- > is NOT rooted
i manged to pass safety net as you can see.
please if you can help.
Click to expand...
Click to collapse
Does citrix secure hub run constantly in the background, or do you just need it now and then ?
Have you read the instructions in the About screen as stated ?
Have you tried hiding the SuperSU GUI ? (3x volup/voldown alternate) Because that is what it's detecting.
It's not detecting the su binary, I assume you already hid root from the hub ?
TR2N said:
Hi all and Chainfire. Thank you for this app! I tested it with a search if the Netflix app in the Playstore, but it wasn't found. I hided Playstore app in the list. Is there something I have overseen?
Otherwise I am also passing Safety Net. Thank you Chainfire!
Click to expand...
Click to collapse
Try clear Google Play Store and Google Play Services app data.
Netflix shows for me on a freshly installed device.

Chainfire said:
Does citrix secure hub run constantly in the background, or do you just need it now and then ?
Have you read the instructions in the About screen as stated ?
Have you tried hiding the SuperSU GUI ? (3x volup/voldown alternate) Because that is what it's detecting.
It's not detecting the su binary, I assume you already hid root from the hub ?
Click to expand...
Click to collapse
1. i can use it how ever i want (background or now and then). this is an email from my company.
2. yes. tried that.
3. yes i did. i attached a pic for you to see in the previous replay.

rocky78 said:
1. i can use it how ever i want (background or now and then). this is an email from my company.
2. yes. tried that.
3. yes i did. i attached a pic for you to see in the previous replay.
Click to expand...
Click to collapse
But is SuperSU still available from the app drawer? Did you actually press the volume button as instructed? The screenshot does not (can cannot) show that.

Chainfire said:
But is SuperSU still available from the app drawer? Did you actually press the volume button as instructed? The screenshot does not (can cannot) show that.
Click to expand...
Click to collapse
no.
When im pressing in the right order its hidden from app drawer. Also some other apps gets hidden.
p.s.
from the log i uploaded before it looks like "they" are running a search of supersu.apk in my device and mannage to find that.
is there a way to hide/stop that?

rocky78 said:
no.
When im pressing in the right order its hidden from app drawer. Also some other apps gets hidden.
p.s.
from the log i uploaded before it looks like "they" are running a search of supersu.apk in my device and mannage to find that.
is there a way to hide/stop that?
Click to expand...
Click to collapse
In that case I don't know what's going on. They shouldn't be able to iterate over APKs either. But it's all just guess work on my end at this point.
EDIT: actually I do know of a way they could still detect this even when hidden... but really the only way around that is to uninstall the SuperSU APK.

TR2N said:
... I tested it with a search if the Netflix app in the Playstore, but it wasn't found....
Click to expand...
Click to collapse
I think Safetynet is a server side check.Wait till tomorrow with su hided and check again.

Chainfire said:
In that case I don't know what's going on. They shouldn't be able to iterate over APKs either. But it's all just guess work on my end at this point.
EDIT: actually I do know of a way they could still detect this even when hidden... but really the only way around that is to uninstall the SuperSU APK.
Click to expand...
Click to collapse
do you mean if i clean flash my rom (custom) without root i will be able to use it?
And if so... Wft? No way! The hell with them.

rocky78 said:
do you mean if i clean flash my rom (custom) without root i will be able to use it?
And if so... Wft? No way! The hell with them.
Click to expand...
Click to collapse
No, just uninstall the SuperSU app from Android settings. Your apps will still have root access, you just wont have any way to manage it.

Chainfire said:
No, just uninstall the SuperSU app from Android settings. Your apps will still have root access, you just wont have any way to manage it.
Click to expand...
Click to collapse
look at this....
Do you see in the log-pic? After hiding from app drawer took a log file and suhide worked.
Only one more thing left to hide.
wtf is build tag? is it related to ro.build.tags in props?

rocky78 said:
look at this....
Do you see in the log-pic? After hiding from app drawer took a log file and suhide worked.
Only one more thing left to hide.
wtf is build tag? is it related to ro.build.tags in props?
Click to expand...
Click to collapse
Only citrix knows
Code:
getprop | grep build
may show some obvious problems.

[BUG] MagiskHide does not work on Hanabank app. (strace log attached)

Hello, everyone.
Few days ago, I found Hanabank app (com.hanabank.ebk.channel.android.hananbank) detects Magisk hide. I ran strace against Hanabank app, and I got some suspicious openat(2) returns -EACCES and even some files are not filtered by Magisk Hide (returns file descriptor successfully)
Here are openat(2) calls which don't look good.
Code:
[pid 27855] openat(AT_FDCWD, "/sbin_orig/magisk", O_RDONLY|O_LARGEFILE) = 91
[pid 27855] openat(AT_FDCWD, "/dev/magisk/mirror/system", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
[pid 27855] openat(AT_FDCWD, "/magisk", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
[pid 27855] fstatat64(AT_FDCWD, "99-magisk.sh", {st_mode=S_IFREG|0755, st_size=2011, ...}, 0) = 0
Full strace log of Hanabank app:
Code:
https://pastebin.com/BUiViAbK
I think they should return -ENOENT to pass that magisk detection routine.
I'm using Magisk v14.0
BTW, why Magisk Github issue tracker is disabled?

Having the same issue but with another app.
https://forum.xda-developers.com/showpost.php?p=73968022&postcount=19348
How did you run strace? I used strace -f -p PID-o /sdcard/strace.txt but no reference to Magisk is shown.

olivercervera said:
Having the same issue but with another app.
https://forum.xda-developers.com/showpost.php?p=73968022&postcount=19348
How did you run strace? I used strace -f -p PID-o /sdcard/strace.txt but no reference to Magisk is shown.
Click to expand...
Click to collapse
First, sorry for late reply. I was on vacation.
I used this script to attach strace to fresh app process.
Code:
while true; do
while ! ps | grep -q -i $1; do :; done;
ps | grep -i $1 | while read a b c; do
strace -e open -f -e trace=file,ptrace -p $b 2>&1;
done;
done
For example, if you saved this script as /sdcard/strace.sh, The procedure I take to attach strace to the app is;
1. use killall command to kill all app process. Android pre-forks app, so we need to kill that first.
2. run script using sh /sdcard/strace.sh <app_process_name>. This will attach strace to the app and redirects strace's stderr output to stdout.
2-1. Do whatever you want (use tee or just redirect it to file, etc..) with stdout stream.
3. Analyze collected result.
That's all.

perillamint said:
First, sorry for late reply. I was on vacation.
I used this script to attach strace to fresh app process.
Click to expand...
Click to collapse
Hi
Just now I realised that I responded in the other thread. However your script never worked
I ran the script in a shell with root permission using
Code:
sh /sdcard/strace.sh com.barclays.android.barclaysmobilebanking
Unfortunately this is what I get when I try to run the script
Code:
/sdcard/strace.sh[5]: syntax error: 'done' unexpected
What have I done wrong?
EDIT: I've done this test on another device, a Nexus 5X stock 7.1.2 + Magisk v14. If I run strace it is not found, I have installed busybox but nothing! WAT??? I'll test with the other device later which has strace (Nexus 5).
EDIT2: Nope, I get the same error on the device which has strace.

olivercervera said:
Hi
Just now I realised that I responded in the other thread. However your script never worked
I ran the script in a shell with root permission using
Code:
sh /sdcard/strace.sh com.barclays.android.barclaysmobilebanking
Unfortunately this is what I get when I try to run the script
Code:
/sdcard/strace.sh[5]: syntax error: 'done' unexpected
What have I done wrong?
EDIT: I've done this test on another device, a Nexus 5X stock 7.1.2 + Magisk v14. If I run strace it is not found, I have installed busybox but nothing! WAT??? I'll test with the other device later which has strace (Nexus 5).
EDIT2: Nope, I get the same error on the device which has strace.
Click to expand...
Click to collapse
Hmm, I used sh which included in LineageOS.... I think Android's default sh couldn't handle that script's syntax properly. Default sh is quite crippled compared to GNU/Linux's one (bash, zsh, etc..)
Could you try running this script using bash instead of sh? If you don't have bash on your Android system, this Magisk module could inject bash binary into your system. https://forum.xda-developers.com/apps/magisk/module-magisk-bash-shell-t3609988

perillamint said:
Hmm, I used sh which included in LineageOS.... I think Android's default sh couldn't handle that script's syntax properly. Default sh is quite crippled compared to GNU/Linux's one (bash, zsh, etc..)
Could you try running this script using bash instead of sh? If you don't have bash on your Android system, this Magisk module could inject bash binary into your system. https://forum.xda-developers.com/apps/magisk/module-magisk-bash-shell-t3609988
Click to expand...
Click to collapse
Thanks for your suggestion. In the end I installed LOS on my test device and ran the script.
The funny thing is that I can't find a single reference to Magisk or Root...
The output is attached.

olivercervera said:
Thanks for your suggestion. In the end I installed LOS on my test device and ran the script.
The funny thing is that I can't find a single reference to Magisk or Root...
The output is attached.
Click to expand...
Click to collapse
Indeed. However the app dies shortly after reading the two property files:
/dev/__properties__/ubject_r:default_prop:s0
/dev/__properties__/ubject_r:logd_prop:s0
I would try to get the output of getprop with and without Magisk installed and see if there are any properties being leaked that could give a hint that Magisk is installed.

Fif_ said:
Indeed. However the app dies shortly after reading the two property files:
/dev/__properties__/ubject_r:default_prop:s0
/dev/__properties__/ubject_r:logd_prop:s0
I would try to get the output of getprop with and without Magisk installed and see if there are any properties being leaked that could give a hint that Magisk is installed.
Click to expand...
Click to collapse
You are the man! You definitely spotted the method being used by this app. Thanks.
I had to leave LOS ROM because even without Magisk it would not run, so I installed another ROM. I verified the app runs, got props, installed Magisk and got new props.
There are all changes:
1. [ro.build.selinux]: [1] is changed to [ro.build.selinux]: [0] when Magisk is installed
2. [ro.runtime.firstboot] shows different values but I believe it's fine
3. The following are entirely missing when Magisk is installed
[selinux.reload_policy]: [1]
[service.adb.tcp.port]: [-1]
[sys.retaildemo.enabled]: [0]
[init.svc.clear-bcb]: [stopped]
I have the feeling that [ro.build.selinux]: [1] and [selinux.reload_policy]: [1] are key elements and Magisk is not hiding them properly. I would suppose these elements show that SELinux is not enforcing anymore. I tried changing these values, but at reboot they don't change.
I know obviously Magisk does not enforce SELinux, but hides that got set to Permissive. System thinks that is enforcing, and using command getenforce i get as a result Enforcing, but Barclays (and possibly other apps) are reading that SELinux is not actually being enforced.
Interesting. Will post these finding in the main thread.
Do you have anything to add that could be helpful?

olivercervera said:
You are the man! You definitely spotted the method being used by this app. Thanks.
I had to leave LOS ROM because even without Magisk it would not run, so I installed another ROM. I verified the app runs, got props, installed Magisk and got new props.
There are all changes:
1. [ro.build.selinux]: [1] is changed to [ro.build.selinux]: [0] when Magisk is installed
2. [ro.runtime.firstboot] shows different values but I believe it's fine
3. The following are entirely missing when Magisk is installed
[selinux.reload_policy]: [1]
[service.adb.tcp.port]: [-1]
[sys.retaildemo.enabled]: [0]
[init.svc.clear-bcb]: [stopped]
I have the feeling that [ro.build.selinux]: [1] and [selinux.reload_policy]: [1] are key elements and Magisk is not hiding them properly. I would suppose these elements show that SELinux is not enforcing anymore. I tried changing these values, but at reboot they don't change.
I know obviously Magisk does not enforce SELinux, but hides that got set to Permissive. System thinks that is enforcing, and using command getenforce i get as a result Enforcing, but Barclays (and possibly other apps) are reading that SELinux is not actually being enforced.
Interesting. Will post these finding in the main thread.
Do you have anything to add that could be helpful?
Click to expand...
Click to collapse
If you use "resetprop ro.build.selinux 1" in a root shell, does the app start?
That will disappear at reboot of course, but it's easy to add to /magisk/.core/props to make it stick until Magisk is fixed.
Now, I don't think Magisk disables SELinux, why do you have it disabled?

Fif_ said:
If you use "resetprop ro.build.selinux 1" in a root shell, does the app start?
That will disappear at reboot of course, but it's easy to add to /magisk/.core/props to make it stick until Magisk is fixed.
Now, I don't think Magisk disables SELinux, why do you have it disabled?
Click to expand...
Click to collapse
Yes, Magisk changes SELinux to Permissive and hides this status.
Although my findings would be legit and those props should be hidden, in my Bank's case is not the issue.
I have discovered that if I uninstall Magisk Manager (but not uninstall root, just the app) my bank app works. However it does not work if I use "Hide Magisk".
Since the hidden app is called Unhide Magisk Manager, probably this app is looking for Magisk keyword.
For whatever reason when I run strace the app does crash and always reports that message (crash after reading prop).
I will post these findings in the support thread.
I don't know how to do it, but I would recompile Magisk Manager changing package ID and name, in theory should work.

I am having the same issue on my Galaxy S8 with the Barclays Mobile Banking app. I have tried using every option in Magisk but nothing seems to be working. In fact, the Barclays app actually asked for SU permissions when I first ran it which is odd to me.
Did anyone find a workaround for this? I read the posts in this thread but I am not savvy enough to understand all the codes and technical information written, so please excuse my ignorance in the matter. Is reverting to a completely stock ROM my only option at this point? I really need to start using this application as soon as possible.
Thank you.

Quick update guys!
The great Topjohnwu is working on a new update that includes a key feature for us: reinstalling Magisk Manager with a random package ID.
These changes are in his Github Repo. On this thread you can find unofficial versions of Magisk compiled from Github.
I have tested Magisk-v14.4-20171102-091345.zip: HELL IT WORKS!
In Magisk Manager: go to settings and you will have the option to reinstall Magisk Manager with a random package ID
Install Barclays from Play Store
Add Barclays to Magisk Hide
Open Barclays, it will behave correctly and will work!
This solves my problem, so I will be able to use the latest version of this app very soon (will wait for public beta).
On a side note, this update should als hide /Magisk partition, which was detected by @perillamint banking app, so might be worth trying it.
I have installed this Hanabank app (hopefully is the right one!) and added it to Magisk Hide. The app opens up correctly but I can't understand anything. I see some stuff moving on screen and on the upper left I see a lock icon (to login?)
If I don't add the app to Magisk Hide it shows an incomprehensible message and closes.
Hope you find this helpful.
Please see photos below.

@olivercervera
What are your exact steps? I installed the latest version from this thread, and added barclays to magisk hide, and then in settings, clicked in hide magisk manager. When I clicked in unhide magisk manager, it asked me for root permision for something with a random name, so I guess it worked, but I couldn't get the Barclays app to run. Is that a fresh install of your phone? I remember that if it detected your root once, it would be blocked forever, until you get a new ID. Did you call barclays to get your app working again?
On top of that, I clicked on hide magisk manager again, and now I can't unhide it, the app does nothing when I click on it... :crying:
Thanks for your help in any case, and thanks for the tip regading the new functionality!

mundodisco8 said:
@olivercervera
What are your exact steps? I installed the latest version from this thread, and added barclays to magisk hide, and then in settings, clicked in hide magisk manager. When I clicked in unhide magisk manager, it asked me for root permision for something with a random name, so I guess it worked, but I couldn't get the Barclays app to run. Is that a fresh install of your phone? I remember that if it detected your root once, it would be blocked forever, until you get a new ID. Did you call barclays to get your app working again?
On top of that, I clicked on hide magisk manager again, and now I can't unhide it, the app does nothing when I click on it... :crying:
Thanks for your help in any case, and thanks for the tip regading the new functionality!
Click to expand...
Click to collapse
Yes, a fresh start from a stock Nexus 5X I have at work. I did not register the app with my account during the test, all I needed to do was to get to the Welcome Screen: if Barclays detects root you don't get anything. Probably you need to reinstall Barclays App.
Once Magisk Manager is hidden with the new ID you can't go back to the original: you don't have any option. So if you still have it means there is a problem.

mundodisco8 said:
@olivercervera
What are your exact steps? I installed the latest version from this thread, and added barclays to magisk hide, and then in settings, clicked in hide magisk manager. When I clicked in unhide magisk manager, it asked me for root permision for something with a random name, so I guess it worked, but I couldn't get the Barclays app to run. Is that a fresh install of your phone? I remember that if it detected your root once, it would be blocked forever, until you get a new ID. Did you call barclays to get your app working again?
On top of that, I clicked on hide magisk manager again, and now I can't unhide it, the app does nothing when I click on it... :crying:
Thanks for your help in any case, and thanks for the tip regading the new functionality!
Click to expand...
Click to collapse
He's talking about a new Hide Manager feature that is much improved from the current implementation. It's not yet available officially, so you'll have to build yourself from the GitHub repo, or download from the unofficial snapshots thread that @olivercervera linked.

Didgeridoohan said:
He's talking about a new Hide Manager feature that is much improved from the current implementation. It's not yet available officially, so you'll have to build yourself from the GitHub repo, or download from the unofficial snapshots thread that @olivercervera linked.
Click to expand...
Click to collapse
I didn't even consider the possibility he didn't realise I was using the unofficial/self compiled version... I even linked it!!!
Thanks

olivercervera said:
I didn't even consider the possibility he didn't realise I was using the unofficial/self compiled version... I even linked it!!!
Thanks
Click to expand...
Click to collapse
It's actually quite apparent that he's talking about the current implementation, since the updated, unreleased, feature doesn't have anything named "unhide" to click.
With the new implementation you unhide the hidden Manager by reinstalling and opening it.

Hi guys,
Yes, I installed the latest version, following the link OliverCervera linked. I hid it using the usual method of going to options/hide magisk, and I got a new app, as usual. clicking on it to unhide prompted for root permissions for an app with a random ID (as expected). The next time, I wasn't that lucky, and the whole thing crashed. Anyway, it's a nightly, so I won't complain, and I will check it later, as sadly I don't have time to do it now.
In any case, my app was marked, because I opened it with the official release of Magisk and it detected root, and once it does, it keeps the "this phone is rooted" status until you do a factory reset. I think you can call them to tell them that it was a mistake, and they can unlock it but I'm not 100% sure about this last point.
Thanks for the work, anyway!

mundodisco8 said:
Hi guys,
Yes, I installed the latest version, following the link OliverCervera linked. I hid it using the usual method of going to options/hide magisk, and I got a new app, as usual. clicking on it to unhide prompted for root permissions for an app with a random ID (as expected). The next time, I wasn't that lucky, and the whole thing crashed. Anyway, it's a nightly, so I won't complain, and I will check it later, as sadly I don't have time to do it now.
In any case, my app was marked, because I opened it with the official release of Magisk and it detected root, and once it does, it keeps the "this phone is rooted" status until you do a factory reset. I think you can call them to tell them that it was a mistake, and they can unlock it but I'm not 100% sure about this last point.
Thanks for the work, anyway!
Click to expand...
Click to collapse
If you install the correct version of the Manager you won't have an unhide app after hiding the Manager. That's changed...
Your problem is probably that the unofficial Manager has a different signature, so it won't install over the official Manager. Solution: Uninstall the official Manager before installing the unofficial snapshot.
Have you tried just clearing all data for the app after it detects root? That usually works for an app that "remembers" root. But, I've never tested the app in question so...

Didgeridoohan said:
If you install the correct version of the Manager you won't have an unhide app after hiding the Manager. That's changed...
Your problem is probably that the unofficial Manager has a different signature, so it won't install over the official Manager. Solution: Uninstall the official Manager before installing the unofficial snapshot.
Have you tried just clearing all data for the app after it detects root? That usually works for an app that "remembers" root. But, I've never tested the app in question so...
Click to expand...
Click to collapse
I think they keep your signature and store it on their servers. Barclays is really focused when it comes to not allowing people to use their app on rooted phones, but as I said, I would need to double check. And I kind of get why they do it, as they went all the way to avoid to pay Android to use Android Pay and they developed their own platform to pay over NFC (not judging here, it's up to them if they think it's the best solution). At the end of the day, root is exploited through a security flaw, and "the bad guys could get your moneys", and even though they could display a message at launch that says "hey, you are rooted, the bad guys could get AAAALLL of the moneys, it's up to you" people would still want to sue them if they mess up... but it's funny that they allow you to get into the online banking web on a rooted phone, where the bad guys could see your password...

PADRadar2.7.1 now detecting magisk.

Updated the game PADRadar to 2.7.1, the game can not run now.Every method is tried,the only way is uninstalling the magisk.Who can help me?

Jacky Zhou said:
Updated the game PADRadar to 2.7.1, the game can not run now.Every method is tried,the only way is uninstalling the magisk.Who can help me?
Click to expand...
Click to collapse
First of all, ensure that Magisk Hide is set up properly and you have selected PADRadar within Magisk Hide list. Second, delete the Magisk Manager folder that can be found on your internal storage. Third, use the option to re-pack Magisk Manager with a random package name (can be done from within Magisk options). Last, force-stop the game and clear its cache and maybe data (be aware that you might lose your game process if you delete the game data, so be careful). Reboot your device and check again.

seems like a lot of apps are now detecting magisk
maybe they are looking for more than just magisk folder, su, busybox etc..
like samsung pay for the gear

TheUndertaker21 said:
seems like a lot of apps are now detecting magisk
maybe they are looking for more than just magisk folder, su, busybox etc..
like samsung pay for the gear
Click to expand...
Click to collapse
that would be impossible to detect magisk's folder since it's like an img file which needs to be mounted first before accessing it. However there is always a way, i suppose

[DEBLOAT] OOS 9.5.x De-bloat (Systemless+Automated+Easily Reversible) [Aug 28]

This script was made to 9.5.8 OP7 OxygenOS, some things can be different in future, so report if something is broken. Use at your own risk and feel free to experiment as this is a systemless mod.
First, the prerequisites:
1- Unlocked bootloader with Magisk and TWRP (you can use temporary TWRP if you please). If you don't know what is that, take a look at the XDA threads about it, it's easy. Please don't ask about "how to unlock bootloader" or "how to install Magisk".
2- Debloater (Terminal Emulator) Magisk module. Download it from Magisk Manager.
3- Any Terminal Emulator app.
4- import-debloat.txt config file. Download it here
5. Backup (yeah, this module doesn't change anything in /system and can be reverted at any time, but backups are always welcome)
6. Magisk Mount script. Download it from here
Magisk mount is needed to "reinstall" system apps by deleting the dummy folders from Magisk partition if something breaks.
If you have everything handy it should be a matter of few seconds to debloat.
Let's deal with useless system apps, temeletry, some ****ty apps. According from the @Tomatot- thread:
Tomatot- said:
-You'll get more privacy: I've removed Qualcomm telemetry, OnePlus telemetry as well as some Google Telemetry (but you can't expect too much as long as you use gapps)
-You'll get better battery life: less apps running in the background, less wakelocks, less services communicating with servers to send telemetry.
-You'll get better performance: for the same reasons. Don't expect a huge difference as our phone is very smooth already.
-The feeling of having a clean device. And this has no price.
Click to expand...
Click to collapse
Debloated apps list (It's the same Tomatot-'s Light app list):
Code:
AntHalService^=/system/app/AntHalService
AutoRegistration^=/system/app/AutoRegistration
BasicDreams^=/system/app/BasicDreams
BookmarkProvider^=/system/app/BookmarkProvider
BTtestmode^=/system/app/BTtestmode
PrintService^=/system/app/BuiltInPrintService
card^=/system/app/card
EasterEgg^=/system/app/EasterEgg
EgineeringMode^=/system/app/EngineeringMode
EngSpecialTest^=/system/app/EngSpecialTest
GooglePrint^=/system/app/GooglePrintRecommendationService
GoogleTTS^=/system/app/GoogleTTS
LogKitSdService^=/system/app/LogKitSdService
NetflixActivation^=/system/app/Netflix_Activation
NetflixStub^=/system/app/Netflix_Stub
NFCTestMode^=/system/app/NFCTestMode
OEMTCMA^=/system/app/oem_tcma
OEMAutoTestServer^=/system/app/OemAutoTestServer
OEMLogKit^=/system/app/OEMLogKit
OnePlusBugReport^=/system/app/OPBugReportLite
OnePlusCommonLogTool^=/system/app/OPCommonLogTool
OPSesAuthentication^=/system/app/OPSesAuthentication
PartnerBoorkmarksProvider^=/system/app/PartnerBookmarksProvider
PhotosOnline^=/system/app/PhotosOnline
PlayAutoInstallConfig^=/system/app/PlayAutoInstallConfig
QdcmFF^=/system/app/QdcmFF
RFTuner^=/system/app/RFTuner
SensorTestTool^=/system/app/SensorTestTool
SoterService^=/system/app/SoterService
Stk^=/system/app/Stk
Talkback^=/system/app/talkback
Traceur^=/system/app/Traceur
UIMRemoteClient^=/system/app/uimremoteclient
Video^=/system/app/Videos
WallpaperBackup^=/system/app/WallpaperBackup
WAPICertManage^=/system/app/WapiCertManage
WIFIRFTestApk^=/system/app/WifiRfTestApk
GoogleFeedback^=/system/priv-app/GoogleFeedback
OnePlusCellBroadcastReceiver^=/system/priv-app/OPCellBroadcastReceiver
Tag^=/system/priv-app/Tag
USBDrivers^=/system/etc/usb_drivers.iso
Reserve^=/system/reserve
RFToolkit^=/vendor/app/Rftoolkit
AmazonShittyApps^=/vendor/etc/apps
Account^=/system/app/Account
OPBackup^=/system/app/Backup
BackupRestoreRemoteService^=/system/app/BackupRestoreRemoteService
CarrierDefaultApp^=/system/app/CarrierDefaultApp
CTSShimPrebuilt^=/system/app/CtsShimPrebuilt
GoogleDrive^=/system/app/Drive
GoogleDuo^=/system/app/Duo
GooglePay^=/system/app/GooglePay
HTMLViewer^=/system/app/HTMLViewer
GooglePlayMusic^=/system/app/Music2
NVBackupUI^=/system/app/NVBackupUI
OnePlusPush^=/system/app/OPPush
YouTube^=/system/app/YouTube
BackupRestoreConfirmation^=/system/priv-app/BackupRestoreConfirmation
CallLogBackup^=/system/priv-app/CallLogBackup
CTSShimPrivPrebuilt^=/system/priv-app/CtsShimPrivPrebuilt
GoogleRestore^=/system/priv-app/GoogleRestore
GoogleBackupTransport^=/system/priv-app/GoogleBackupTransport
GoogleOneTimeInitializer^=/system/priv-app/GoogleOneTimeInitializer
ManagedPrivisioning^=/system/priv-app/ManagedProvisioning
OnePlusWizard^=/system/priv-app/OnePlusWizard
OPAppLocker^=/system/priv-app/OPAppLocker
OnePlusDeviceManager^=/system/priv-app/OPDeviceManager
OnePlusDeviceManagerProvider^=/system/priv-app/OPDeviceManagerProvider
SharedStorageBackup^=/system/priv-app/SharedStorageBackup
Let's start this!
1. Copy the import-debloat.txt config file to the folder /data/cache in the root. (you can copy it by a root explorer or reboot into recovery and copy it by TWRP file explorer)
2. Install the Debloater (Terminal Emulator) Magisk module using the Magisk Manager.
3. Open the terminal emulator app
> Type 'su' and press enter
> Grant root permissions
> Type debloat and press enter.
4. You will see the options to debloat in various categories which are self explanatory. As we have the config file which has a predefined app list to de-bloat stored in /data/cache folder in root already. Type 'i' which says import config and press enter 2 times.
5. Reboot 2 times and you're done most probably if nothing breaks.
Ta-dah! Fully debloated OOS. To keep the debloat after update the ROM, just reflash Magisk and you're fine. You don't need to do the procedure every update.
Read from here if something breaks (from @Sreekant)
If it breaks the system or causes boot-loop which shouldn't be the case as I'm using the OP7 9.5.8 and everything is fine, but well, **** happens. Don't worry! It's pretty easy to reinstall all of them in one click by TWRP.
Did you download the Magisk Mount script which I asked to earlier? If yes, just flash it with TWRP and the magisk will be mounted and accessible in TWRP file explorer. If you didn't download the script earlier, Just adb sideload it in recovery.
After mounting the Magisk in TWRP > Click on Advanced and go to file explorer.
Then delete the app folder of the system app you've uninstalled in /Magisk/terminal_debloater/system/app (/sbin/.core/img/terminal_debloater/system/app) or /Magisk/terminal_debloater/system/priv-app (/sbin/.core/img/terminal_debloater/system/priv-app) then that should undo it.
Click to expand...
Click to collapse
----------------------
Feel free to give any feedback about the script.
Special thanks to:
@Tomatot- (the apps list and some explanations are from his thread)
@Sreekantt (the thread base and original idea from debloat for Poco F1)
@topjohnwu (Magisk developer)
The Debloater (terminal) team

Hi, welcome and thanks for your work..as I understand , that is magisk module to use for debloat ? If you used script from Tomato, is it light debloat or which one. More info about that will be nice..thanks again

marko94 said:
Hi, welcome and thanks for your work..as I understand , that is magisk module to use for debloat ? If you used script from Tomato, is it light debloat or which one. More info about that will be nice..thanks again
Click to expand...
Click to collapse
I took the Light debloat from Tomatot and converted to Debloat (Terminal Emulator) module syntax. I will let it more clear in the thread.
I can convert the other two ones (Extreme and Invisible), specially Invisible would be fine to less experienced users.

Dan_Jacques said:
I took the Light debloat from Tomatot and converted to Debloat (Terminal Emulator) module syntax. I will let it more clear in the thread.
I can convert the other two ones (Extreme and Invisible), specially Invisible would be fine to less experienced users.
Click to expand...
Click to collapse
Yes, that will be cool.. also if we want edit some of script, for example we don't want debloat one app ,is it possible ? Thanks

marko94 said:
Yes, that will be cool.. also if we want edit some of script, for example we don't want debloat one app ,is it possible ? Thanks
Click to expand...
Click to collapse
Yes, just follow the syntax do add another system app to debloat:
Appname^=/system/path/to/appfolder
If you don't want to debloat some app, just erase the entry with the app that you don't want to remove.
You can find the system apps folder browsing /system/app and /system/priv-app. After every change to import-debloat.txt you have to run debloat and import again (to create the dummy empty folders.)
Edit it in Notepad++ to avoid format issues (at PC) or Quickedit (at cell phone).

Light it's the best choice.
Invisible it's to low and Extreme could be too hard on cleaning up. But it's up to you, of course.:good:

Dev any update for OB Q oos ? Thanks

Updated to Android 10 and doesnt appear to be working. Any debloat solutions for android 10 around?