Hi everyone,
I have a Sony Z3 compact I just received, model D5803 running Android 6.0.1 with Firmware 23.5.A.0.575.
I really dislike Google and want to run a phone with the minimum of proprietary software (I guess blobs to communicate with the hardware are mandatory). I guess AOSP (any version, but a recent one would be better ) with F-Droid is a good solution.
Unfortunately when checking the sony website but it tells my the bootloader is not unlockable. What should I do? I'm running Ubuntu and have adb and fastboot installed.
I found [this topic](https://forum.xda-developers.com/z3-compact/general/recovery-root-mm-575-lb-t3418714) which tells it roots the phone (and has a GNU/Linux script) but how does that help me to install a Rom, for example the AOSP provided by Sony at /open-devices/list-of-devices-and-resources/ if the bootloader is still locked? What are TWRP and busybox, is that supposed to help?
Flaburgan said:
I found [this topic](https://forum.xda-developers.com/z3-compact/general/recovery-root-mm-575-lb-t3418714) which tells it roots the phone (and has a GNU/Linux script) but how does that help me to install a Rom, for example the AOSP provided by Sony at /open-devices/list-of-devices-and-resources/ if the bootloader is still locked? What are TWRP and busybox, is that supposed to help?
Click to expand...
Click to collapse
TWRP is a custom recovery that allows you to flash a ROM and other files, that are stored on the normal internal or external storage.
Busybox is a binary that gives you command line tools that are often included in a Linux install and some of which aren't included on normal Android. These are commands that other things may make use of, or that you can make use of at a terminal app or run from Tasker or similar app.
You want to look at backing up your TA partition, which stores your DRM keys, before unlocking the bootloader to install a custom ROM because some functionality, camera quality and anti-distortion, sound quality, and some other stuff which I don't remember, won't work if you go back to the stock ROM unless you have these keys backed up and then restored later. You need to unlock the bootloader in order to flash a custom ROM and doing this erases, permanently, these DRM keys, so they need to be backed up and then put back later if you relock the bootloader and flash a stock ROM.
If you look in the Original Development section, Jaguar Aries ROM has no Google Apps, had the latest patches up to Febuary, and had the best battery life of any custom ROM I've seen for this phone, right on par with stock. There are some builds of Lineage OS that are probably closer to being up to date as well and may have a better camera than Jaguar. The developer of Jaguar has moved on to another phone. That said, if you aren't experienced and don't know what TWRP is, then installing it is an extra step from other ROMs as well since it requires you to setup a firewall app to permit connections on data or wifi before you can use the wifi or data at all. I doubt Lineage OS has this, but presume that battery life would not be good.
Also, if you install microg apps, you can still use things such as cell and wifi based location, google push services, and ... I don't remember what else, however it hasn't been updated recently and many apps will complain and refuse to run saying that you need to update google play services, especially annoying for anything that uses push especially. Microg essentially sits in the place of where some functionality of Google Apps would and fills in some blanks.
When you don't have Google Apps installed, many paid apps will refuse to run as well, specifically the ones you paid for, because they can't verify the purchase with Google servers. There should be a **** list for any developers that don't cooperate when this is a problem for a user. I've only had one app developer help me on this, ever.
Thanks for your detailed answer!
You need to unlock the bootloader in order to flash a custom ROM and doing this erases, permanently, these DRM keys, so they need to be backed up and then put back later if you relock the bootloader and flash a stock ROM.
Click to expand...
Click to collapse
Does that mean that I can't use the DRM keys with another ROM? So I will never have the full quality of my hardware? Would using the AOSP rom provided by Sony solve that problem?
On which version of Android Jaguar Aries ROM is based? I searched for a lineageOS image but didn't find any for the Z3 Compact.
I had another z3c which died and was running Firefox OS, I'm fine with not having access to the Google Play store, I plan to install F-Droid and use only FOSS apps. In fact I would even prefer to go back to Firefox OS even if it is not maintained anymore, its UX is so much better than Android... That said, thanks for telling me about Microg, I didn't know it and that's true that many apps use Play services especially for push. Even Signal had that as a dependency (fortunately not anymore). Still, I would avoid any data coming out from my phone to by sent to Google servers, so I will probably avoid it.
Flaburgan said:
Thanks for your detailed answer!
Does that mean that I can't use the DRM keys with another ROM? So I will never have the full quality of my hardware? Would using the AOSP rom provided by Sony solve that problem?
On which version of Android Jaguar Aries ROM is based? I searched for a lineageOS image but didn't find any for the Z3 Compact.
I had another z3c which died and was running Firefox OS, I'm fine with not having access to the Google Play store, I plan to install F-Droid and use only FOSS apps. In fact I would even prefer to go back to Firefox OS even if it is not maintained anymore, its UX is so much better than Android... That said, thanks for telling me about Microg, I didn't know it and that's true that many apps use Play services especially for push. Even Signal had that as a dependency (fortunately not anymore). Still, I would avoid any data coming out from my phone to by sent to Google servers, so I will probably avoid it.
Click to expand...
Click to collapse
When you unlock the bootloader the DRM keys get erased permanently, so you'd need to root the phone and back up the partition where they are held before unlocking it. As far as I know, every custom ROM needs to have the bootloader unlocked. If there is an alternative way to install a ROM on a locked bootloader then it would be one of those scenarios where its installed while keeping the stock one, and I don't know if this has been done on the Z3c or not.
I also don't know if Sony's AOSP requires unlocking the bootloader or not.
Jaguar is based on 5.1.1
Its a mix of AOSP, Lineage, and was getting monthly backports of the latest security patches until Febuary when the developer no longer had a Z series phone for his own use. The only criticism it met was that the developer never released the source code for the entire ROM, just the kernel. He never replied to why that was. A lot of the custom ROMs out there are like this, so its still a case of who you choose to trust when it comes to this a lot of times. I liked it because the battery life was really good and assuming the security was what was advertised then that was also a real plus.
Many apps, by the way, were working fine with microg push but then with updates to apps, they complained about needing to update google services framework, which obviously was spoofed and microg hasn't been updated, and it happened to a lot of apps in a short period of time, so I assume there was a change enforced by Google for their requirements in the Play Store. If you just want it for location, for example if you use Osmand maps, then you don't have to enable the feature for push notifications nor have a google account associated with the phone, and it all works as user installed apps, so it can be undone without any real fear of the system getting modified after you try it out. There's a microg repo that can be added to fdroid. The location is based on either databases you download to the phone, which aren't very good, or also you can opt for cell location from Mozilla servers, and if you have to have wifi based location as well then you can hook into the Apple servers but the latter doesn't sound like something you want, if you want to do any of it at all that is.
I think most likely that GPS location would work without any need for microg.
The post you linked to with the Linux script installs TWRP to the /data partition, then you root it, then you back up the DRM keys after its rooted, then unlock the bootloader, install normal TWRP, and go from there. In Linux you'lle want to use the dd command to back up the DRM keys as all that's available on the forum is a Windows script (I think). There is info on it somewhere but it would be hard to find it. If you search my posts the thread will come up somewhere in the history. Anyway, the reason I broght this up is because the script in the thread for installing TWRP and rooting didn't work properly. I don't remember why, but I had to go through it line by line and enter the commands in from a termnial to get it right, I think there was some bad syntax. If you can't figure it out, quote one of my posts and ask, that way I get a notification that I was replied to, I think I have a fixed version of it on my drive somewhere if it causes a problem.
For the DRM keys you want to backup the TA partition bit for bit to a file. I backed up my Fota partition as well as I was unclear what role it plays. You also want to keep a copy of that particular Sony ROM file, and the two kernels involved, to flash with Flashtool in case you relock and restore so you can get root access to restore the partition while the bootloader is locked again.
May I ask why are you going FOSS only? if that's because privacy concerns, then FF OS is not the best solution... Because any Cloud-based OS is a little bit creepy, doesn't matter if it's ChromeOS from Google, or FirefoxOS from Mozilla.
There are plenty of Linux distros dedicated to run on Android phones, but it's not the best UX.
And yes, you can enjoy clean AOSP install (LOS is fine) without flashing G-Apps. But you won't have Google play at all! F-Droid is fine but you won't find there Gmail alternatives, you can't find Gmail even on Amazon AppStore... Sadly if you install Gmail then you'll find out that it installed bunch of google apps and hidden services behind the scenes... So only option is to use Gmail web app.
But then again, F-Droid is fine, there are many FOSS alternatives to youtube and other apps.
And if privacy (and security) is your concern, use LOS privacy guard / Android's builtin Permission Manager, and on Rooted ROMs you can use AFwall firewall which is the best.
Good luck
GadgetAvi said:
Because any Cloud-based OS is a little bit creepy, doesn't matter if it's ChromeOS from Google, or FirefoxOS from Mozilla.
Click to expand...
Click to collapse
Firefox OS is not a Cloud-based OS at all. It runs perfectly without internet connection.
GadgetAvi said:
F-Droid is fine but you won't find there Gmail alternatives, you can't find Gmail even on Amazon AppStore...
Click to expand...
Click to collapse
Be sure that if I don't want Google on my phone, my e-mails are already **not** on GMail...
Ok, if so, then you'll be fine with any AOSP clean rom. LOS is great, and F-Droid as well. Cheers!
PantsDownJedi said:
The post you linked to with the Linux script installs TWRP to the /data partition, then you root it, then you back up the DRM keys after its rooted, then unlock the bootloader, install normal TWRP, and go from there. In Linux you'lle want to use the dd command to back up the DRM keys as all that's available on the forum is a Windows script (I think).
Click to expand...
Click to collapse
I ran the commands and the phone is now booted on TWRP from the /data partition. I did a backup with TWRP of all proposed options (Boot, TrimArea, Recovery, System, Cache and Data). Is that "TrimArea" enough to have a backup of the DRM keys? The other topic talks about Backup-TA but looking at their github https://github.com/DevShaft/Backup-TA/releases it looks very old and unmaintained.
The current TWRP I'm running is 3.1.0-0.
Also, it looks like I'm not root (at least, su is not available). Do I have to install SuperSu by giving this zip https://download.chainfire.eu/696/supersu/ to TWRP?
Flaburgan said:
I ran the commands and the phone is now booted on TWRP from the /data partition. I did a backup with TWRP of all proposed options (Boot, TrimArea, Recovery, System, Cache and Data). Is that "TrimArea" enough to have a backup of the DRM keys? The other topic talks about Backup-TA but looking at their github https://github.com/DevShaft/Backup-TA/releases it looks very old and unmaintained.
The current TWRP I'm running is 3.1.0-0.
Click to expand...
Click to collapse
I don't know. I haven't looked at a TWRP backup to see what format it is. Back when Clockwork Mod was all that was available, it merely made a tar.gz of partitions. Ideally you want a bit for bit image of the TA partitions to make sure it was exactly what it was when you restore it. I don't know if that's necisarry, or if TWRP does this anyway, but using the dd command is still prudent.
You want to either use a terminal emulator app or run 'adb shell' at a linux terminal (much easier), run 'su' once in the phone environment, allow it at the phone supersu app popup, and then do it like this.
https://forum.xda-developers.com/showpost.php?p=61307511&postcount=6
And store a copy of the image file where it won't get lost.
Edit: Sorry, I didn't see the other post. Yes, you need to flash that supersu zip file. When you try to access root from an app or the command line, it will have a popup on the phone screen asking you if you want to allow access or not, so when you run it from a terminal, 'adb shell' to get into the phone OS, there will be a popup for allowing that often times. Then 'su' there's a popup from the supersu app you just flashed. Then 'cd' to the sdcard or external sd. Then the 'dd' command. The dd command in what I linked to is inevitbaly what all those .bat files in the Windows TA Backup thing does after it does a bit of looking around to find the TA partition for a particular phone model.
The md5sum part of what I linked to compares the partitionn itself to the image file you just wrote, you just look at it to see that there are two of them (that it didn't fail) and that they are the same.
The last part pulls the image file to the hard drive, but there are other ways to accomplish this obviously. If you have a cloud storage you can upload it there, or send it as an email attahment, put it on the external sd, etc etc.
Also, in many cases, once you unlock the bootloader to flash something else, you'lle need to install TWRP again from the command line, pushing it straight to a phone partition. You'lle need help with this if you haven't done it before.
Hya,
i have a sagit phone, with lineageos 18.1 on it, pioneer head unit capable of AA and CP. Until last weekend, it worked fine. After an error, where i had to factory default the phone and reinstall the apps again,i get the message "Phone permission needed to take calls. When it's safe, turn on the phone permission in Settings."
But all permissions are set for AA, including phone.
Any hint in how to solve this?
Thx in advance!
Did you check your Bluetooth settings if phone permission is on for your pioneer head unit Bluetooth connection?
Hi, same problem, not tried yet with bluetooth settings as suggested above. Did it work? ('m lazy to make a new attempt with LOS 18.1, I explain why below)
So if it's not working with the tip above, I give here some clues :
I recently upgraded my Sony X Compact from Android 8 to lineageos 18.1 (Android 11) with MindTheGapps installed. Everything works fine except these call permissions.
I decided, after several failures, to test LOS 17 and calls are now possible from AA.
In Android 11, AA is natively integrated. In A10, it's not, it doesn't appear in the bluetoth/NFC settings, like in Android 8. Does this make the difference? A8 and A10 seem using the same permissions process, A11 not.
About permissions, I found another thread close to my issue and could be related: https://forum.xda-developers.com/t/linageos-16-overlay-permission-denied-but-it-is-checked.3924101/ . I tried the second method (Magisk) but it gave nothing and I'm just a newbie in Android world to try the other methods.
Any suggestions ?
Update from last reply
I finally installed LOS 19.1 (Android 12) with still MindTheGapps and everything works perfectly with AA. So it doesn't seem to be an Android version issue but rather LOS 18.1 itself or MindTheGapps. Maybe by using other gapps you'll get it work (I didn't try).
Hi,
I've upgraded my 9 y.o. Galaxy Note 4 to LineageOS 18.1 recently and was very happy with it until I stumbled on the same problem.
Android Auto claimed to have phone permission in the Application settings but the permission was impossible to change (mandatory/grayed out) and the unit in my Civic 10 was showing the same error as pw44's.
Having no UI to fiddle with, I thought maybe that can be tweaked with some ADB command, and after some reading here:
How to Grant Permissions Using ADB in Android
It can be tricky to grant advanced permissions to Android apps without rooting your phone. Here's how you can use ADB to achieve it.
www.makeuseof.com
and there:
Listing permissions of Android application via adb
Using adb, how can I find out the which permissions an Android application requires? Because I want to display the permissions of multiple applications on different devices, viewing them in Google...
stackoverflow.com
I came up with a command that fixed it:
adb shell pm grant com.google.android.projection.gearhead android.permission.CALL_PHONE
Obviously, I googled that exact command and found confirmation here:
Lineage OS 18.1 Xiaomi Redmi Note 6 Pro cant phone calls in Android Auto (#5092) · Issues · LineageOS / issues / android · GitLab
Expected Behavior Realize phone calls in Android auto Current Behavior Android auto...
gitlab.com
Hi guys,
new here and went through quite a few threads on Magisk before posting.
Situation is as follows:
- got my Xiaomi Mi 11 Ultra from Aliexpress a few days ago.
- the seller unlocked the bootloader and instealled global ROM instead of the original Chineese ROM.
- the phone works fine, but Google Wallet would not allow me to add any of my credit/debit cards for contactless payments showing the usual "Your phone doesn't meet security requirements"
- NETFLIX wouldn't work.
- Quite a few of my banking apps work fine, including HSBC bank, Paypal, Revolut, IG Index and some others as well.
The obvious solution is to go ahead with Magisk Hide (or what's currently available instead as Hide module is phased out as far as I understand).
Now, I'm really new to all this (have rooted a couple of phones/tablets a few years back) and have a few questions:
1. I was going through the process of installing Magisk on my phone, folloing the instructions here: https://www.xda-developers.com/how-to-install-magisk/?newsletter_popup=1
So according to this, I'm supposed to find a boot.img file in the ROM archive as far as I understand, but my issue is that I don't have the installed ROM details or data as it wasn't me who installed the ROM in the first place.
Is there any way to find out what ROM is installed and perhaps I could download the package and get the boot.img file from there? (ramdisk parameter show YES)
2. I will be installing ADB on my computer to be able to install Magisk as per the following instructions: https://www.xda-developers.com/install-adb-windows-macos-linux/
is there anything else I'd need?
3. Lastly, there is a bunch of good tutorials on your tube on how to use the latest Magysk + shamiko module etc. If someone knows a really good one, I would appreicate if you could post it
Would really appreciate any other feedback etc for a person who is completely new to this
Thank you very much!
I'm not sure how to completely proceed as I am totally unfamiliar with Xiaomi, but I had a couple of ideas...
Kotofeus said:
- the seller unlocked the bootloader and instealled global ROM instead of the original Chineese ROM.
The obvious solution is to go ahead with Magisk Hide (or what's currently available instead as Hide module is phased out as far as I understand).
Now, I'm really new to all this (have rooted a couple of phones/tablets a few years back) and have a few questions:
1. I was going through the process of installing Magisk on my phone, folloing the instructions here: https://www.xda-developers.com/how-to-install-magisk/?newsletter_popup=1
So according to this, I'm supposed to find a boot.img file in the ROM archive as far as I understand, but my issue is that I don't have the installed ROM details or data as it wasn't me who installed the ROM in the first place.
Click to expand...
Click to collapse
I imagine you can find exactly what ROM you are using in the Settings -> "About Phone" or something similar; Probably under something like "Android version" or "Build number". You can google search (most likely by build number or something similar) and find the Factory image needed to flash/install the ROM. Once you download that specific ROM installation file (most likely a .zip file), you should be able to extract it (or go inside the zipped file and extract the specific boot.img file) to be able to patch it in Magisk.
Kotofeus said:
2. I will be installing ADB on my computer to be able to install Magisk as per the following instructions: https://www.xda-developers.com/install-adb-windows-macos-linux/
is there anything else I'd need?
Click to expand...
Click to collapse
Best place to get the adb (and you'll also need fastboot.exe so you'll also get it from) is from the Platform Tools from Google's developer's site here: https://developer.android.com/studio/releases/platform-tools
I'm unsure (but I doubt) if Xiaomi Mi 11 Ultra has 2 slots (A and B), but if it does, don't download the latest version of platform tools but version r33.0.3 because any version r34.0.0 and above has a known bug that will wreck devices with 2 slots (namely Google Pixels).
Anything else you'd need is to be sure to have USB debugging enabled and the proper Google USB drivers installed on your computer (there are Windows, Mac, and Linux drivers that can be installed).
Kotofeus said:
3. Lastly, there is a bunch of good tutorials on your tube on how to use the latest Magysk + shamiko module etc. If someone knows a really good one, I would appreicate if you could post it
Click to expand...
Click to collapse
There are a number of root hide methods that hide root from Netflix and Google Wallet. One usually starts with using Magisk and Zygisk Denylist and making sure that Wallet, Netflix, Google Play Services, Google Play Store, Google Play Protect, and Google Service Framework are all "ticked" with all their sub-selections ticked as well. Also, be aware that after implementing any/all of these, usually clearing all these Google services data and cache is required & a reboot of the device is a must, but re-entering your cards will also be required as well; as well as signing back into some Google services. Then, if all that doesn't work, there's Universal SafetyNet Fix -- or even Displax's Mod branch if the official USNF isn't enough. Then also any of the further root hiding methods; Shamiko, Magisk Delta, HideMyApp, etc..
Kotofeus said:
Would really appreciate any other feedback etc for a person who is completely new to this
Thank you very much!
Click to expand...
Click to collapse
Again, I'm coming only from Pixels and have absolutely no experience with Xiaomi and I can't be sure any of these will apply since you have a "custom" ROM (sort of) so things might not be as usual. These are just general dealings with Magisk and Android OS as I know them... But you state that you are "completely new to this", so I'm just trying to cover all the bases as much as I can, even if you would be already knowledgeable of them. If anything, these can be taken as just ideas and/or pointing to a direction that might work...
simplepinoi177 said:
I'm not sure how to completely proceed as I am totally unfamiliar with Xiaomi, but I had a couple of ideas...
I imagine you can find exactly what ROM you are using in the Settings -> "About Phone" or something similar; Probably under something like "Android version" or "Build number". You can google search (most likely by build number or something similar) and find the Factory image needed to flash/install the ROM. Once you download that specific ROM installation file (most likely a .zip file), you should be able to extract it (or go inside the zipped file and extract the specific boot.img file) to be able to patch it in Magisk.
Best place to get the adb (and you'll also need fastboot.exe so you'll also get it from) is from the Platform Tools from Google's developer's site here: https://developer.android.com/studio/releases/platform-tools
I'm unsure (but I doubt) if Xiaomi Mi 11 Ultra has 2 slots (A and B), but if it does, don't download the latest version of platform tools but version r33.0.3 because any version r34.0.0 and above has a known bug that will wreck devices with 2 slots (namely Google Pixels).
Anything else you'd need is to be sure to have USB debugging enabled and the proper Google USB drivers installed on your computer (there are Windows, Mac, and Linux drivers that can be installed).
There are a number of root hide methods that hide root from Netflix and Google Wallet. One usually starts with using Magisk and Zygisk Denylist and making sure that Wallet, Netflix, Google Play Services, Google Play Store, Google Play Protect, and Google Service Framework are all "ticked" with all their sub-selections ticked as well. Also, be aware that after implementing any/all of these, usually clearing all these Google services data and cache is required & a reboot of the device is a must, but re-entering your cards will also be required as well; as well as signing back into some Google services. Then, if all that doesn't work, there's Universal SafetyNet Fix -- or even Displax's Mod branch if the official USNF isn't enough. Then also any of the further root hiding methods; Shamiko, Magisk Delta, HideMyApp, etc..
Again, I'm coming only from Pixels and have absolutely no experience with Xiaomi and I can't be sure any of these will apply since you have a "custom" ROM (sort of) so things might not be as usual. These are just general dealings with Magisk and Android OS as I know them... But you state that you are "completely new to this", so I'm just trying to cover all the bases as much as I can, even if you would be already knowledgeable of them. If anything, these can be taken as just ideas and/or pointing to a direction that might work...
Click to expand...
Click to collapse
Thank you very much for taking time and going through all my queries, really appreicate it!
I started losing hope really as looked through a number of vide tutorials involving installing magisk via custom recovery, which would mean I needed to install a custom recovery first... so this was becoming a bit of a Russian Doll thing and a never ending quest.
Looked at "Detailed info and specs" on my phone and I have:
Baseband version
Kernel Version
I presume I can search by Kernel Version to find the ROM - will try that.
If I can't find the ROM, than the only way is to try and install custom recovery, download Magisk apk, rename it into zip, get into custom recovery mode and try to flash the zip file. Saw a few tutorials on youtube like that and it looked fairly straightforward, however not sure how easy or difficult it would be to install a custom recovery like TWRP on this phone.
I also looked through a tutorial of using Magisk with Zygisk and Denylist and again, looked pretty straightforward, but Magisk needs to be properly installed of course.
Yes, thank you - I understand that you need to clear cash and re-enter the cards once again, that would have been the least of my troubles.
Will try to search that kernel number on google once I have a moment and see if I get any luck.
Will also reasearch on how to install TWRP. If that's easier than I may go with that option instead of extracting and patching the boot.img
Kotofeus said:
Looked at "Detailed info and specs" on my phone and I have:
Baseband version
Kernel Version
I presume I can search by Kernel Version to find the ROM - will try that.
Click to expand...
Click to collapse
You can't find what MIUI version you have? That's all you basically need...
From a small bit of research, you state you are on a "global ROM" of a Xiaomi Mi 11 Ultra, which should just be a "global" version of the MIUI. You just need to find the MIUI global version and extract it (boot.ini) from the firmware update file. Once you find the version, you could search and find the firmware update file in places like here: https://xiaomirom.com/en/rom/mi-11-pro-ultra-11-ultra-star-global-fastboot-recovery-rom/ or other sites I imagine.
It's just important that you get the exact right version of the MIUI Global ROM you are currently running as patching and flashing a boot.ini of a different version could soft-brick/bootloop your device....