Develop Bugs

[Q] Unroot EVO and still keep a custom rom?

Is this possible? I know most unroot the phone to take it in for service/exchange etc but my situation is different. I have to use Good for Enterprise to access my company's email and as you may know, Good does not allow rooted phones. So, I have no choice but to unroot my Evo.
The image that is used in unrooting is a stock ROM. What I want to do is setup my phone - the way I want it with Mikfroyo - with all the tweaks etc and then "just do the unrooting part". If that makes any sense - I don't need any superuser permissions etc.
Long story short - can a phone be unrooted with a custom ROM instead of a stock ROM?

im pretty sure this is impossible dude, sorry, just leave it all rooted, whats the problem

I know you can't unroot and keep a custom ROM but I wonder if there is a way to hide the fact that you're rooted from the app. What kind of message pops up when you install it?
Sent from my PC36100 using XDA App

It just says that Good cannot run on a rooted phone and just locks the app - I have to call IT to get an unlock code using the device ID that is displayed in Good's pop-up message.

It has to be checking for something specific and I bet there is a way to fudge it but unfortunately that's outside my realm of understanding. I would ask one of the devs here about it.

What permissions does the App request when you install? It could just check for SuperUser

SSjon said:
What permissions does the App request when you install? If could just check for SuperUser
Click to expand...
Click to collapse
I which case you could either delete superuser or use it to block the app... perhaps?

I am sure its more complicated than that - if they are touting themselves as a replacement for blackberry security for iPhones and Android - I seriously doubt a simple fudging of the superuser permissions will deceive it. Also, I'd like to comply with my company's requirements for using an Android phone so I don't get into trouble.
So from what I understand - you cannot have a custom ROM on an unrooted phone. Thanks so much guys - I'll just have to learn to live with the bloated stockware and manual restores arghh......

It's not possible.... to unroot, you'd have to RUU, which returns the phone back to stock. And then, you'd have no way of flashing a custom rom unless you rooted again

ok this is one thing that I am starting to not understand here...
so many people when they answer - say "yes" it can be done or "no" it can not be done...
...ummm where is the why? It would be very informative to know such things or if someone has even tried said thing before.
like why can't you just run a ROM or other flash file from renaming the file and letting the stock loader do the flashing? ......answer: because the stock loader does a file signature check - see? that makes sense and answers the why. it also helps users to retain the information as well as understand it.
I would love to know why the OP can't just run the unrevoked s-on tool from here http://unrevoked.com/rootwiki/doku.php/public/forever#custom_splash (in the FAQ section) without removing his custom ROM and just make sure he doesn't use any apps that need the su access. sounds like it should work? has someone done this and found that it does not work? flashing back to s-on should just prevent flashing to any other ROM's I would think from everything I have read in this forum.
or once s-on is back does it also check the current ROM on the phone and would cause some issues? would be great information to know. because if the security only checks file signatures of flies to be flashed and not the current ROM it seems like the OP could do what he is wanting to.
well, just thought I would ask to see if I could gain some more understanding as to the mechanics of everything

It would be good to know if this works with Good for Enterprise. I am stuck on an SGS 2.1 with Telstra and want a non stock ROM but really need to use Good.

ushkand said:
Is this possible? I know most unroot the phone to take it in for service/exchange etc but my situation is different. I have to use Good for Enterprise to access my company's email and as you may know, Good does not allow rooted phones. So, I have no choice but to unroot my Evo.
Click to expand...
Click to collapse
I did not know that, and that SUCKS. My company's piloting Good now, and I was really looking forward to it. This just infuriates me. Mobile device makers are getting away with things that desktop/laptop makers never dreamed of trying. We shouldn't even NEED to "root" a phone. Imagine if you needed to hack your Windows machine in order to get the admin password and be able to install whatever you want. Now yes, I get that companies often do add those restrictions on their devices, and that they need to protect their data. Allowing access to company data on a personal device might make it a little more of a gray area, but it still blows. Good should be able to develop a system that can be secure, even if you have root access.
Here's a thread I just found. It sounds like you can just delete su and the superuser.apk. I think you can keep the custom rom, but you probably wouldn't be able to run anything that needs root, like Wireless Tether, Titanium Backup, or whatever. But you could probably have a flashable zip to re-add them when you need them. Or maybe one of the temp root methods would work. But it makes me furious that this is needed.
http://androidforums.com/droid-x-all-things-root/207397-good-enterprise.html

bkrodgers said:
I did not know that, and that SUCKS. My company's piloting Good now, and I was really looking forward to it. This just infuriates me. Mobile device makers are getting away with things that desktop/laptop makers never dreamed of trying. We shouldn't even NEED to "root" a phone. Imagine if you needed to hack your Windows machine in order to get the admin password and be able to install whatever you want. Now yes, I get that companies often do add those restrictions on their devices, and that they need to protect their data. Allowing access to company data on a personal device might make it a little more of a gray area, but it still blows. Good should be able to develop a system that can be secure, even if you have root access.
Here's a thread I just found. It sounds like you can just delete su and the superuser.apk. I think you can keep the custom rom, but you probably wouldn't be able to run anything that needs root, like Wireless Tether, Titanium Backup, or whatever. But you could probably have a flashable zip to re-add them when you need them. Or maybe one of the temp root methods would work. But it makes me furious that this is needed.
http://androidforums.com/droid-x-all-things-root/207397-good-enterprise.html
Click to expand...
Click to collapse
My thoughts exactly

Update- I was able to get Good running finally on a custom rom - However, I had to forgo my superuser capabilities. I just renamed both the Su and Superuser.apk and then was able to run Good without any issues. I can easily restore Superuser access by adb when I need to. The good thing is that with the recovery being there, I can still flash updates without needing superuser access.
Thank you all for your help.

ushkand said:
Update- I was able to get Good running finally on a custom rom - However, I had to forgo my superuser capabilities. I just renamed both the Su and Superuser.apk and then was able to run Good without any issues. I can easily restore Superuser access by adb when I need to. The good thing is that with the recovery being there, I can still flash updates without needing superuser access.
Thank you all for your help.
Click to expand...
Click to collapse
Thanks for the information. What is the ROM that you are using?

bkrodgers said:
Or maybe one of the temp root methods would work.
Click to expand...
Click to collapse
are there still temp root methods that work on the EVO?

I am using Mikfroyo 4.5.

Just came across this thread and was seeing if your GFE was still working? I have a DX and put a custom ROM and could not get it to work. I'm waiting for my new PIN and have removed SU to see if it works.

ushkand said:
Update- I was able to get Good running finally on a custom rom - However, I had to forgo my superuser capabilities. I just renamed both the Su and Superuser.apk and then was able to run Good without any issues. I can easily restore Superuser access by adb when I need to. The good thing is that with the recovery being there, I can still flash updates without needing superuser access.
Thank you all for your help.
Click to expand...
Click to collapse
I rooted my HTC Salsa to install apps2sd which is great, but what commands do i have to run and where to be able to rename su.apk ?
Thanks,
Mike

[Q] Rooting works as in Linux/Os X by entering password or it is permanent?

Maybe this can be a banal question, but i'm a noob in android.
So i would to root my device (Samsung I9001), and i would to know if it works as for linux: i need to put a password somewhere when i need root privileges, or this is a permanent feature (or is complex to remove)?
I'm concerned about some programs that can harm my device with a permanent root feature.
Thanks

mandelbort said:
Maybe this can be a banal question, but i'm a noob in android.
So i would to root my device (Samsung I9001), and i would to know if it works as for linux: i need to put a password somewhere when i need root privileges, or this is a permanent feature (or is complex to remove)?
I'm concerned about some programs that can harm my device with a permanent root feature.
Thanks
Click to expand...
Click to collapse
Superuser app acts as an intermediary when asking/granting root privileges, similar when performing a sudo and being asked for the password. The app will then have permanent root privis until you revoke them in superuser application.

russ18uk said:
Superuser app acts as an intermediary when asking/granting root privileges, similar when performing a sudo and being asked for the password. The app will then have permanent root privis until you revoke them in superuser application.
Click to expand...
Click to collapse
So, is there an app which act a superuser grant/revoke?
Can you provide some screenshot?
Thanks

mandelbort said:
So, is there an app which act a superuser grant/revoke?
Can you provide some screenshot?
Thanks
Click to expand...
Click to collapse
Yes, when you root, normally Busybox and Superuser applications are installed. When you first open an app like Titanium Backup, Superuser will pop up and ask you whether to allow or deny root privileges. When you then open Superuser you will see a screen like the attached.

russ18uk said:
Yes, when you root, normally Busybox and Superuser applications are installed. When you first open an app like Titanium Backup, Superuser will pop up and ask you whether to allow or deny root privileges. When you then open Superuser you will see a screen like the attached.
Click to expand...
Click to collapse
Perfect, this is very good because you can selectively add superuser privileges.

Anybody using Good for Enterprise on Rooted Gnex?

I've read a couple of threads about this, but nothing recent.
I'll be changing employers to one that uses Good for Enterprise for exchange email/calendar. I understand that the administrator may set Good up such that it will not work on a rooted device. Has anybody found a workaround for this yet?
Also, I was under the impression that Touchdown, for instance, would work with any MS Exchange server. Is it possible for the administrator to set up the Exchange server so that it will NOT work with Touchdown and that it will ONLY work with Good? Or should it always be possible to use Touchdown so long as I can get the server information?
Any advice appreciated.

There is not a work around for it if the administrator checks for rooted devices. Personally, I wouldn't even mess around with it. They are trying to protect the company email, and you could end up with a career altering event - if you know what I mean.
Also, if the company doesn't provide access to activesync or allow external access, then there will be no way to sync directly with exchange.

You could use TWRP since it more easily allows you to switch roms. You could use one for work and one for play and stay away from rooting the work rom. You should use a stick ROM. However you could use a custom rom so long as it doesn't include su or superuser.apk.
You could use a modified version of su and superuser.apk but it defeats the purpose because then all apps that require su and superuser will break. You would have to be a dev to modify your app to work with the modified su.
I feel that in the future someone will create a emulator or virtual machine that can sandbox an app. You could then sandbox gfe and it would never know the phone was rooted.

bunklung said:
You could use TWRP since it more easily allows you to switch roms. You could use one for work and one for play and stay away from rooting the work rom. You should use a stick ROM. However you could use a custom rom so long as it doesn't include su or superuser.apk.
You could use a modified version of su and superuser.apk but it defeats the purpose because then all apps that require su and superuser will break. You would have to be a dev to modify your app to work with the modified su.
I feel that in the future someone will create a emulator or virtual machine that can sandbox an app. You could then sandbox gfe and it would never know the phone was rooted.
Click to expand...
Click to collapse
Thanks for the suggestions. My current plan is to unroot by deleting su, superuser, and busy box, and hope it doesn't break my Rom. And I just won't have any apps that require root. I think I can live with that.
-Sent from my GSM Galaxy Nexus (RAScream+Trinity).-

chrikenn said:
Thanks for the suggestions. My current plan is to unfold by deleting su, superuser, and busy box, and hope it doesn't break my Rom. And I just don't have any apps that require root. I think I can live with that.
-Sent from my GSM Galaxy Nexus (RAScream+Trinity).-
Click to expand...
Click to collapse
If your kernel is insecure then even if you delete su and superuser.apk you might still have a rooted phone as far as gfe is concerned. I am not expert on that.

bunklung said:
If your kernel is insecure then even if you delete su and superuser.apk you might still have a rooted phone as far as gfe is concerned. I am not expert on that.
Click to expand...
Click to collapse
Hmm guess I'll try to find out if trinity kernel is insecure then.
-Sent from my GSM Galaxy Nexus (RAScream+Trinity).-

chrikenn said:
Hmm guess I'll try to find out if trinity kernel is insecure then.
-Sent from my GSM Galaxy Nexus (RAScream+Trinity).-
Click to expand...
Click to collapse
Were you able to work something out? I am a sprint gnex user running gfe and no jelly bean is killing me. Really want to drop a custom on it but can't screwbsround with something that isn't 100%

robber said:
Were you able to work something out? I am a sprint gnex user running gfe and no jelly bean is killing me. Really want to drop a custom on it but can't screwbsround with something that isn't 100%
Click to expand...
Click to collapse
Unfortunately I decided to go unrooted. Makes the whole gfe thing simpler, and honestly a stock unrooted nexus is still pretty good experience.
Sent from my Nexus 7 using xda app-developers app

robber said:
Were you able to work something out? I am a sprint gnex user running gfe and no jelly bean is killing me. Really want to drop a custom on it but can't screwbsround with something that isn't 100%
Click to expand...
Click to collapse
You can run JB, just unroot the ROM if you are nervous before you re-install and activate GFE.
I can recommend Vicious 4.1.1. You can user supersu to unroot the phone, it's in the settings menu. Then use terminal emulator and verify "su" is not found when you try to run the command. The ROM will NOT re-root automatically on reboot thankfully.
GFE runs faster on JB and the graphics glitch I had on the inbox/sent header icon is gone. It's no longer overshaded.
ROM:
http://forum.xda-developers.com/showthread.php?t=1738018
Good luck.

[Q] Custom ROM with un-root ability

Hey everyone,
Just got a GN a few weeks ago, and I am dying to try a custom ROM, but I got dinged by my work with my infuse because they have a no-root policy strickly enforced when accessing our corporate email.
I was not able to use an un-root app like root keeper, apparently because the ZEUS rom I was using had an autoroot on startup.
I am hoping the nexus has better options for using the un-root app, to (temporarily) unroot my phone when accessing my mail.
I have been reading that it is better to manually root the handset, rather than use a toolkit, which I am OK with; but I really would be interested in hearing from someone that has successfully used an unroot app to remove root.
- Thanks!

KevinAlbrecht said:
Hey everyone,
Just got a GN a few weeks ago, and I am dying to try a custom ROM, but I got dinged by my work with my infuse because they have a no-root policy strickly enforced when accessing our corporate email.
I was not able to use an un-root app like root keeper, apparently because the ZEUS rom I was using had an autoroot on startup.
I am hoping the nexus has better options for using the un-root app, to (temporarily) unroot my phone when accessing my mail.
I have been reading that it is better to manually root the handset, rather than use a toolkit, which I am OK with; but I really would be interested in hearing from someone that has successfully used an unroot app to remove root.
- Thanks!
Click to expand...
Click to collapse
C m9 has this option I believe
Sent from my Galaxy Nexus

How can they tell if you are rooted just through email use?

CM9 lets you restrict root access to ADB only. Might want to check that out

imnuts said:
How can they tell if you are rooted just through email use?
Click to expand...
Click to collapse
We access our corporate mail through the GOOD for enterprise application, and and that scans for root on load.
Sent from my Galaxy Nexus using xda premium

If the app scans for just the root binary or Superuser app, then I don't see a way to prevent it from detecting root without actually being unrooted. It likely looks in all $PATH dirs for su, and then in /system/app or /data/app for the application to grant permissions. Any ROM can be unrooted, just remove the su binary (and any symlinks) and the Superuser app before flashing.

Damn, they take the fun out of the whole Nexus experience.
Sent from my Galaxy Nexus using Tapatalk 2

imnuts said:
If the app scans for just the root binary or Superuser app, then I don't see a way to prevent it from detecting root without actually being unrooted. It likely looks in all $PATH dirs for su, and then in /system/app or /data/app for the application to grant permissions. Any ROM can be unrooted, just remove the su binary (and any symlinks) and the Superuser app before flashing.
Click to expand...
Click to collapse
Yeah, thanks. I guess what I am asking is if any of the unroot apps work with the custom ROMs the Nexus has. The ZEUS rom I was using with the infuse had something related to voodoo that kept ROOT, and the unroot apps did not have an affect.
I have only flashed two android ROMs with my infuse, but am an application developer by trade, so I am not skeered by the command prompt. I know there are a few CM9 based ROMs out there. I was looking at the PARANOID rom just cause that seemed interesting with the tablet hybrid. I just would like to know before I go through the whole flashing proc. that I can unroot before I connect to my work email (about once a week).
- Thanks for the replys so far. - Kevin

Just wondering...what is so dangerous about having root when accessing email?

fredryk said:
Just wondering...what is so dangerous about having root when accessing email?
Click to expand...
Click to collapse
Depending on the apps, root permission allows an app to gain full control of your device, so if one is not careful, he may let a rouge app into the phone. From a security standpoint, the rouge app may steal data from the email, which no company wants.
Think root as your computer's "Run as Administrator", same reason companies/schools limit user permission using User Policy(or whatever it's called)

Could just make a script to delete su and superuser and busybox, and make a flashable zip to put them back again.
Would require a couple of reboots every time but would still be quick to do once you had the zips set up
Sent from my Cyanogenmodded GNex

dr.m0x said:
Could just make a script to delete su and superuser and busybox, and make a flashable zip to put them back again.
Would require a couple of reboots every time but would still be quick to do once you had the zips set up
Sent from my Cyanogenmodded GNex
Click to expand...
Click to collapse
That's why I asked if anyone had success with the RootKeeper app. Although I would be interested in building an android script, my experience is soley with vb/C# web & desktop applications.
https://play.google.com/store/apps/details?id=org.projectvoodoo.otarootkeeper&hl=en

Use SuperSU. What I did was temporarily block root, installed whatever MDM app was needed, set up the stock Exchange information, and allowed root again.
Let me know if this works for you.
Sent from my Galaxy Nexus using Tapatalk 2

Thanks shanky,
I will look into super su. The GOOD application checks on every launch, and so I will need to run it whenever I need to check work email, and but that is only once or twice a week from my phone.
Sent from my Galaxy Nexus using xda premium

KevinAlbrecht said:
Thanks shanky,
I will look into super su. The GOOD application checks on every launch, and so I will need to run it whenever I need to check work email, and but that is only once or twice a week from my phone.
Sent from my Galaxy Nexus using xda premium
Click to expand...
Click to collapse
Hi Kevin,
did you have success with that? Or any other suggestion?
I have the same problem, my IT wants to wipe GFE container if my device keeps rooted.
Thanks..

Hi RTHppc,
Sorry for the very late reply. I can confirm this does work with GFE. The unroot effectively does not cause a compliance violation.
Overall it was a hassle to verify, even though our infrastructure team was completely on board. GOOD was balking when I attempted to register a second device (even temporarily) with the same sim card. It would only throw an ambiguous error 'unknown error'.
I could go on, but that is the subject for a rant thread.
Sent from my SGH-I997 using xda app-developers app

LG new root idea

Today I've realized something interesting. LG's built in backup and recovery does a lot more than just copying your pictures over, it can actually copy over account APIs (like Snapchat for example) which allowed me to have 2 instances running at once. Could this be a new route for root? Help me reach out to the developers and at least have an attempt at this. I think there's a good chance it will work, but I'm not anywhere near the level of expertise as some. It's worth a shot! Feel free to shoot me an email! :good:
[email protected]

Markb001 said:
Today I've realized something interesting. LG's built in backup and recovery does a lot more than just copying your pictures over, it can actually copy over account APIs (like Snapchat for example) which allowed me to have 2 instances running at once. Could this be a new route for root? Help me reach out to the developers and at least have an attempt at this. I think there's a good chance it will work, but I'm not anywhere near the level of expertise as some. It's worth a shot! Feel free to shoot me an email! :good:
[email protected]
Click to expand...
Click to collapse
I don't understand, how does having 2 instances of snapchat running at once give you root access?

MDW 100 said:
I don't understand, how does having 2 instances of snapchat running at once give you root access?
Click to expand...
Click to collapse
The API for Snapchat requires access to the /data section of the root folder. This means it can access parts of the phone nobody has figured out on the newer LG's yet. Theoretically, a possible root can be made by injecting into a backup you've made of your phone, and all you'd need to do is restore from that backup, correct?

Markb001 said:
The API for Snapchat requires access to the /data section of the root folder. This means it can access parts of the phone nobody has figured out on the newer LG's yet. Theoretically, a possible root can be made by injecting into a backup you've made of your phone, and all you'd need to do is restore from that backup, correct?
Click to expand...
Click to collapse
What?
There are tons of apps that allow duplicate any app data in Android. And evey app can access data, is where the data is stored... And for root you need system r/w access, not data...

MDW 100 said:
I don't understand, how does having 2 instances of snapchat running at once give you root access?
Click to expand...
Click to collapse
DJPRMF said:
What?
There are tons of apps that allow duplicate any app data in Android. And evey app can access data, is where the data is stored... And for root you need system r/w access, not data...
Click to expand...
Click to collapse
But keep in mind, to get the API, you need root access. This was a feature expressed in the "Casper" app. This was a third-party app that you could save pictures, etc. with.

What API are you talking about?

Don't forget that this phone runs LG's custom version of android, allowing certain features that other phones would require root access for, like duplicating app data and double tapping the status bar to lock with fingerprint enabled. Just having one of these features implemented by LG doesn't mean you have root access.