Magisk: Enable su for apps in custom rom - Magisk

Hey guys,
I am editing a stock rom for a MT6570 based device. I have patched the boot image and rooted the device successfully. I can add MagiskManager in the /userdata partition so that it is installed on first boot after flash, but I still have to manually configure settings for su before my apps work.
Is there a way to grant my apps su permission or, worst cast, automatically grant su permission on first boot? I would also like to turn off notifications.
Thanks
Chris

chrisfraser said:
Hey guys,
I am editing a stock rom for a MT6570 based device. I have patched the boot image and rooted the device successfully. I can add MagiskManager in the /userdata partition so that it is installed on first boot after flash, but I still have to manually configure settings for su before my apps work.
Is there a way to grant my apps su permission or, worst cast, automatically grant su permission on first boot? I would also like to turn off notifications.
Thanks
Chris
Click to expand...
Click to collapse
That sounds like a bad idea.
If your ROM requires root for something extra to function, you have plenty of ways to run your code as root without involving Magisk.
If you really want to preconfigure Magisk to allow root for some apps, you can always alter its settings directly. The su rights are held in a SQLite db. Or patch Magisk for your ROM.
You'd be on your own supporting that however.

Related

Why the root message isn't showed like Hero&Others ?

All others rooted phones have a message showed when an application asks root, why don't we have this on Tattoo ?
On Tattoo root permissions are always enabled
Ok, it's nice but we can't see which application ask root :/
Like Terminal Emulator, when you launch it, the shell is always in normal user "$", not in root :/
JoOoSs said:
Ok, it's nice but we can't see which application ask root :/
Like Terminal Emulator, when you launch it, the shell is always in normal user "$", not in root :/
Click to expand...
Click to collapse
This is true, but I dont know how, after isntalling 5faif ROM, terminal emulator shows me the #, id command shows me that I'm root.
I'm on stock ROM, this is the problem i think!
Anybody has SetCPU ?
The problem with this is that every application can obtain root without our knowledge.
It is a serious security flaw.
Not really. Android is pretty secure. Even if you get a brick from a Andirus (Virus + Android), it's a piece of cake to undo the damage.
Netbuster said:
This is true, but I dont know how, after isntalling 5faif ROM, terminal emulator shows me the #, id command shows me that I'm root.
Click to expand...
Click to collapse
Because that rom you've flashed contains custom boot.img by mainfram3 that gives to you root at startup and loads tattoo-hack.ko (partition r/w always mounted)
Coburn64 said:
Not really. Android is pretty secure. Even if you get a brick from a Andirus (Virus + Android), it's a piece of cake to undo the damage.
Click to expand...
Click to collapse
Actually i wasn't having viruses in mind. More like keyloggers and such. SU prompt wasn't invented for no reason...
I think the OP was asking about SuperUser.apk.
It's a modified su plus a service that asks for user intervention when a program calls /system/bin/su. It's nifty and it should be used by everyone.
Android apps are prevented from looking into other apps data. If su is readily available, a app can escalated it's privileges and steal your personal info, by reading data from other apps.
mainfram3 said:
I think the OP was asking about SuperUser.apk.
It's a modified su plus a service that asks for user intervention when a program calls /system/bin/su. It's nifty and it should be used by everyone.
Android apps are prevented from looking into other apps data. If su is readily available, a app can escalated it's privileges and steal your personal info, by reading data from other apps.
Click to expand...
Click to collapse
Exactly my point.
MoDaCo Custom ROM 1 includes Superuser apk for root access.
P
Anyone know how to fix Superuser Permissions manually?
I have Tattoo with rooted boot.img (mainfram3)
I pushed su into /system/bin/
Made chmod 4577 /system/bin/su
Pushed superuser.apk from Modaco Rom to /system/app/
Restart sure...
SuperUser Permissions can be executed (list is clear)
But any app doesn't send request to Superuser Permissions.
What i could forget?
Finally, I solved it partially.
Sure, i have rooted boot.img
I extracted from Modaco Custom ROM for Tattoo:
su
Superuser.apk
copied su to: /system/bin/su
copied Superuser.apk to: /system/app
run in terminal: chmod 4577 /system/bin/su
restarted and everything works fine now... Superuser Permissions shows all root-requests, Titanium Backup works, other root-things works too
But i notice, that su-binary from Modaco ROM is about 34-36 kb, but
su-binary from guide of getting root is about 80-85 kb.
1-2 months ago we faced with difference in size of su. We choosed bigger su in case, what it can run "flash_image", smaller su can't run.
But maybe it fixed already? I did not test it yet.
Thanks @5[Strogino]
I was trying to use Titanium today to back up my apps but it didn't work.
lukic said:
Thanks @5[Strogino]
I was trying to use Titanium today to back up my apps but it didn't work.
Click to expand...
Click to collapse
What exactly wrote TB?
Did you download busybox via TB?
I don't remember exactly.
It did ask me to download busybox and I did that, but still it didn't work.

[MOD] Adfree System without RW Access to /system

Hey there,
this is my first thread ever created by me in a development forum.
I wanted to share my sollution for a adfree Android system, without unlocking the boatloader to get R/W access to /system.
I did try it on my device, everything went fine, but i will not take any kind of reponsibility for your devices. Also your warranty may be void!
What you need:
- rooted XTZ (i tried it on the 16GB Wifi only version)
- busybox installed
- Android SDK or adb.exe
- patched hosts file, I took mine from my HTC ONE with adaway installed (unzip first)
Click to expand...
Click to collapse
How to do it:
- get a patched hosts file from another device, or use mine (attached)
- put the file on the root of your sd card (so it will be /sdcard/hosts)
- connect your tablet to your PC, make sure usb debuggig is turned on
- launch cmd window, where your adb.exe is located
- entering following commands:
Code:
0. adb shell
1. su
2. stop ric
3. busybox pkill -f /sbin/ric
4. mount -ro remount,rw /system
5. busybox cp -af /sdcard/hosts /system/etc/hosts
- if everything went ok, you should now be able to see all the entries in your /system/etc/hosts file
- sadly you have to update the file if there some new adhosts, but it will remove a lot of annoying ads from all apps and the browser
- the changes are permanent, even at a reboot
Click to expand...
Click to collapse
Just let me know, if you have some kind of questions!
thanks @juanyunis for the [TEMPORAL-FIX] Remount RW /system reboot thread, from which i got some ideas.
Greetings from Germany
I have been using the AdAway app continuously since Google decided to eliminate all ad blocking apps from its Play Store and from my experience, AdAway does not require an unlocked boot loader to work, it only requires root access, and AdAway has no problem installing a hosts file in the /system/etc directory, so I am curious about why you have to go through all that.
The problem is, that if you using vroot like i did, and you doing nothing else, you don't have read write access to /system. So adaway, adfree and whatever can't edit the hosts file. Therefore is my little mod to get it done manually
Havoc2k said:
The problem is, that if you using vroot like i did, and you doing nothing else, you don't have read write access to /system. So adaway, adfree and whatever can't edit the hosts file. Therefore is my little mod to get it done manually
Click to expand...
Click to collapse
after vroot, install SuperSU and then all app ad-blocking apps are working good.
nope sorry, i did it, installed vroot, switched to normal superSU and installed busybox. But there is no RW access, so the ad blocking apps will work, but only to the next systemreboot / userswitch
tried all of them, and tried to manually edit the host file, but without access it will not happen
greetings
Havoc2k said:
But there is no RW access
Click to expand...
Click to collapse
strange thing that with root there is no RW access.
Havoc2k said:
nope sorry, i did it, installed vroot, switched to normal superSU and installed busybox. But there is no RW access, so the ad blocking apps will work, but only to the next systemreboot / userswitch
tried all of them, and tried to manually edit the host file, but without access it will not happen
greetings
Click to expand...
Click to collapse
I have tested and have for several months ran AdAway on my XTZ, on which Vroot was used to gain root access and SuperSU is installed, and AdAway has no problem writing a hosts file to the /system/etc directory even though the permissions for the /system and /system/etc directories are set to read-only. So, because I have no problem with AdAway and you apparently have a problem with AdAway, I believe it is likely there is a flaw in your root access setup. But hey, I could be wrong.

SuperSu not granting automatic permissions anymore

hey guys i have one problem with supersu.
i installed clean master and do cleaning **** and startup cleaning things and after reboot all apps that have granted root permission( foldermount, gmd gestures, lightflow, etc), these apps shows no toast popup after boot and to make them grant permissions i have to open them. Same thing when i installed boot manager and did not do anything but boot and again no supersu toast popups about root permissions after boot.
is there a way to keep the root grants after the boot? ( i have checked default acces to grant in supersu app)
I'm having problems with clean master working with SuperSu too.
clean master is so powerfull that disables supersu permissions.
They probably change some file permissions that SuperSU frowns at.
Chainfire said:
They probably change some file permissions that SuperSU frowns at.
Click to expand...
Click to collapse
i want to maintain supersu permissions after every boot no matter what. is there some option in supersu to be activated for that?
i'm on note 3 rooted with stock tw.
''enable supersu during boot''
please explain to me for what is this option
thx :good:
bump
dancapitan said:
''enable supersu during boot''
please explain to me for what is this option
thx :good:
Click to expand...
Click to collapse
This option has a summary that's pretty unclear. I've emailed the dev, hope to receive an answer soon. Fact is apps running during the boot_completed seem to get root randomly if this option is not enabled! Let me insist on the random fact, as my apps get root on boot frequently but not all the time. Other users have reported the same random behavior. Once the option is enabled everything works as expected!
However the option seem to imply that any root request on boot will be granted!? Regardless of user choice????
To make it short, check the option "enable supersu during boot" and root apps will receive root on boot as they used to!
3c said:
This option has a summary that's pretty unclear. I've emailed the dev, hope to receive an answer soon. Fact is apps running during the boot_completed seem to get root randomly if this option is not enabled! Let me insist on the random fact, as my apps get root on boot frequently but not all the time. Other users have reported the same random behavior. Once the option is enabled everything works as expected!
However the option seem to imply that any root request on boot will be granted!? Regardless of user choice????
To make it short, check the option "enable supersu during boot" and root apps will receive root on boot as they used to!
Click to expand...
Click to collapse
You should turn this into a proper bug report in the proper thead (either the beta or its own new thread) with all the useful information you think may be relevant. There is no email support, all support is here.
The option itself is for apps that run before Android is fully up and running, or su from adb shell during a bootloop, etc. I thould not influence apps running su from bootcomplete receivers, and if it does, then that needs to be investigated.
Is there currently any way to enable this feature via ADB on a boot looped phone? I really wish I would have known about this! I wouldn't be stuck where I'm at if I had only checked this option. Device is stuck at LG logo, no download or recovery, but has access to ADB. SU was installed, but I don't have root via ADB since the phone isn't finished booting...thus I'm not able to copy over the proper system.img or change the recovery/laf. Dang!
I have the problem too, when I install Fake Wifi, the automatic SuperSU granted is not working. Please help some advance. Thank's.
Hey guys why root required apps request for root access after installing super su
I have the same problem, have to add a task in tasker, auto open supersu and root granted apps once after boot,

Flashed Chainfire's modified boot.img, still no root? (solved: can't edit build.prop)

I searched, but didn't want to hijack a thread...
I just flashed marshmallow from the factory images (full wipe) with TWRP and chainfire's boot.img (http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344). Then I downloaded Chainfire's SuperSU 2.52 beta, and flashed it via TWRP. SuperSU is now installed but it doesn't look like root is working, even though SuperSU "grants" apps root access.
What did I do wrong?
Thanks
Edit: Check posts 6/7 for setting SElinux to permissive to be able to edit build.prop
EvanVanVan said:
I searched, but didn't want to hijack a thread...
I just flashed marshmallow from the factory images (full wipe) with TWRP and chainfire's boot.img (http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344). Then I downloaded Chainfire's SuperSU 2.52 beta, and flashed it via TWRP. SuperSU is now installed but it doesn't look like root is working, even though SuperSU "grants" apps root access.
What did I do wrong?
Thanks
Click to expand...
Click to collapse
Can you define "not working?" I had to free up some space in /system before I could properly install Busybox in order for root apps to function properly.
Yeah, that's probably my exact problem. How can I free up space in system without having root? I tried to uninstall a half dozen Google apps from the play store (at least uninstall them back to their "base version"), but it only freed up like .17mb (Root Explorer said I had 16.17MB free in System instead of the 16MB it said originally).
Edit: Ok, I bought I was able to delete a couple Google Systems apps (Sheets/Slides/PingmeKeyboardwhatever) and have 200MB free in the System partition. I installed BusyBox successfully. I still can't get Root Explorer to open up the build.prop in a text editor.
EvanVanVan said:
Yeah, that's probably my exact problem. How can I free up space in system without having root? I tried to uninstall a half dozen Google apps from the play store (at least uninstall them back to their "base version"), but it only freed up like .17mb (Root Explorer said I had 16.17MB free in System instead of the 16MB it said originally).
Click to expand...
Click to collapse
to get root on marshmallow, you need to flash a custom kernel(or modified stock) and supersu 2.5 or 2.51. the custom kernel part is very important.
simms22 said:
to get root on marshmallow, you need to flash a custom kernel(or modified stock) and supersu 2.5 or 2.51. the custom kernel part is very important.
Click to expand...
Click to collapse
I was thinking that's what chainfire's boot.img (http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344) was?
BetterBatteryStats seems to be installed as a System app properly now, and I could delete file in System/apps with Root Explorer. But I still can't edit my build.prop...
Edit: yeah, root checker says I have full root access. Now just to figure out how to edit the stupid build.prop.
When trying to open the build.prop in the text editor via Root Explorer:
"Root Explorer was unable to read this file. Please check that your device is rooted correctly and that access has been granted at the Superuser prompt."
EvanVanVan said:
I was thinking that's what chainfire's boot.img (http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344) was?
BetterBatteryStats seems to be installed as a System app properly now, and I could delete file in System/apps with Root Explorer. But I still can't edit my build.prop...
Edit: yeah, root checker says I have full root access. Now just to figure out how to edit the stupid build.prop.
Click to expand...
Click to collapse
lol, i had the same issue. pissed me off, couldnt change my build.prop. so i kept on setting up, and rebooted a few times. then, it just starting working properly. and edited my build.prop
it could because i used an app to change SElinux to be permissive.
simms22 said:
lol, i had the same issue. pissed me off, couldnt change my build.prop. so i kept on setting up, and rebooted a few times. then, it just starting working properly. and edited my build.prop
it could because i used an app to change SElinux to be permissive.
Click to expand...
Click to collapse
Aha, thank you. Setting SElinux to permissive allowed me to edit the build.prop.
For future reference, I was able to temporarily set SElinux to permissive from the instructions in this thread (http://forum.xda-developers.com/xposed/how-to-set-selinux-to-permissive-boot-t3034245).
Basically:
Code:
adb shell
su
setenforce 0
Then I was able to edit my build.prop (for my lcd density), and after restarting SElinux reverts back to enforced.
EvanVanVan said:
Aha, thank you. Setting SElinux to permissive allowed me to edit the build.prop.
For future reference, I was able to temporarily set SElinux to permissive from the instructions in this thread (http://forum.xda-developers.com/xposed/how-to-set-selinux-to-permissive-boot-t3034245).
Basically:
Code:
adb shell
su
setenforce 0
Then I was able to edit my build.prop (for my lcd density), and after restarting SElinux reverts back to enforced.
Click to expand...
Click to collapse
ive been using an app for viper4android, it also needs SElinux to be permissive. all i do is press a button to make it permissive or enforcing. it can be done in a terminal emulator app as well.

Multiuser - Howto?

Hello Magisk Users,
since v13.1 supports Multiuser. Is there a certain way i need to install it, to get Magisk SU working for the second user?
I flashed the Zip, which also lets the second User use the Magisk Manager, without installing it. But the settings on the owner user for su have not effect.
If i switch to seperate su settings for every user or device user managed, i have no option to configure the su settings and with the second options, they also dont apply.
Logfiles show that the surequests get rejected. Did i miss something? Do i need to install Magisk Manager on the second user too?
Anybody made simular experience?
You're not the only one: https://github.com/topjohnwu/Magisk/issues/247
There seems to be issues with the multiuser implementation in MagiskSU.

Categories

Resources