I've seen lots of people saying its not possible to make the shield an all in one solution for downloading, but after hours of tinkerering I've got a semi easy way of running the above services (and tons more) from the shield. This does requrie a bit of command line-fu , but I think I've got most of the hard work done. When its all said and done, we'll have a working entware-ng installation ( https://github.com/Entware-ng/Entware-ng)
--This guide is a work in progress, there are a few other items I'll add that will improve user experience, but as it stands now it should work as intended. I also haven't gotten a samba config to work yet, so if anyone can figure it out, let me know and I'll update a section on it
I've addapted this guide from a few github projects , but that likely means some commands/steps are actually useless on the shield:
https://github.com/erichlf/AndroidSeedBox
(will add other sources later)
AS ALWAYS MAKE A BACKUP OF DATA -- I AM NOT RESPONSIBLE IF YOUR DEVICE LOSES DATA (to my knowledge, there is no risk of bricking your device doing this, at worst a factory reset/reflash)
Pre-reqs:
Shield has to have ROOT
ADB set up on PC
Busybox : http://www.apkmirror.com/apk/jrummy-apps-inc/busybox-for-android/
Rom Toolbox Lite : Not on apk mirror, so side load from your favorite place
For this process, I recommend having your shield next to your computer, and share inputs with your monitor. You can do 90% of it from an ADB shell, but a few parts you will need to use a terminal on the shield itself, and keyboard is way easier than controller
Install Busybox on the shield, but use the oldest version available (I think the wget for 1.26 messes with the process)
run "ADB Shell" and run these commands on the shield (You can copy/paste multiple lines into the cmd window):
Code:
su
mount -o rw,remount /
ls /data/entware-ng >/dev/null 2>&1 || mkdir /data/entware-ng
cd .; ln -s /data/entware-ng /opt
ls /data/entware-ng/rootbin >/dev/null 2>&1 || mkdir /data/entware-ng/rootbin
cd .; ln -s /data/entware-ng/rootbin /bin
ls /data/entware-ng/rootlib >/dev/null 2>&1 || mkdir /data/entware-ng/rootlib
cd .; ln -s /data/entware-ng/rootlib /lib
ls /data/entware-ng/tmp >/dev/null 2>&1 || mkdir /data/entware-ng/tmp
cd .; ln -s /data/entware-ng/tmp /tmp
ls /data/entware-ng/home >/dev/null 2>&1 || mkdir /data/entware-ng/home
ls /data/entware-ng/home/root >/dev/null 2>&1 || mkdir /data/entware-ng/home/root
ls /data/entware-ng/home/user >/dev/null 2>&1 || mkdir /data/entware-ng/home/user
chmod 0755 /data/entware-ng/home/root
chown root.root /data/entware-ng/home/root
chmod 0755 /data/entware-ng/home/user
We've set up our staging area, and created a new home directory.
Now lets install Entware
Code:
ls /data/entware-ng/bin >/dev/null 2>&1 || mkdir /data/entware-ng/bin
ls /data/entware-ng/lib >/dev/null 2>&1 || mkdir /data/entware-ng/lib
ln -s /system/bin/sh /bin/sh
wget http://pkg.entware.net/binaries/armv7/installer/entware_install.sh -O /data/entware-ng/entware_install.sh
sh /data/entware-ng/entware_install.sh
Now lets install a new Busybox and Wget
Code:
/opt/bin/opkg install busybox
/opt/bin/opkg install wget
cd /bin; ln -s /data/entware-ng/bin/busybox sh
cd /bin; ln -s /data/entware-ng/bin/busybox echo
cd /bin; ln -s /data/entware-ng/bin/busybox rm
cd /bin; ln -s /data/entware-ng/bin/busybox rmdir
cd /bin; ln -s /data/entware-ng/bin/busybox sed
cd /bin; ln -s /data/entware-ng/bin/busybox mkdir
cd /bin; ln -s /data/entware-ng/bin/busybox head
cd /bin; ln -s /data/entware-ng/bin/busybox sort
cd /bin; ln -s /data/entware-ng/bin/busybox dirname
cd /bin; ln -s /data/entware-ng/bin/busybox ln
cd /bin; ln -s /data/entware-ng/bin/busybox mv
cd /bin; ln -s /data/entware-ng/bin/busybox cat
cd /bin; ln -s /data/entware-ng/bin/busybox chown
cd /bin; ln -s /data/entware-ng/bin/busybox chmod
cd /bin; ln -s /data/entware-ng/bin/busybox pgrep
This next step may be optional. Sets up resolv.conf (which may already exist, I'm not sure) and mtab (I don't know what this is)
Code:
echo nameserver 8.8.8.8 >/data/entware-ng/etc/resolv.conf
ls /etc >/dev/null 2>&1 || mkdir /etc
mount -o rw,remount /system
ls /etc/resolv.conf >/dev/null 2>&1 && rm /etc/resolv.conf
cd .; ln -s /data/entware-ng/etc/resolv.conf /etc/resolv.conf
cd .; ln -s /proc/mounts /etc/mtab
Create Passwd file
Code:
echo root:x:0:0:root:/opt/home/root:/bin/sh >/data/entware-ng/etc/passwd
echo shell:x:2000:2000:shell:/opt/home/user:/bin/sh >>/data/entware-ng/etc/passwd
cd .; ln -s /data/entware-ng/etc/passwd /etc/passwd
echo root:x:0:root >/data/entware-ng/etc/group
echo shell:x:2000:shell >>/data/entware-ng/etc/group
cd .; ln -s /data/entware-ng/etc/group /etc/group
echo /bin/sh > /etc/shells
echo PATH=/usr/bin:/usr/sbin:/bin:/sbin:/system/sbin:/system/bin:/system/xbin:/system/xbin/bb:/data/local/bin > /etc/profile
echo export PATH >> /etc/profile
OPTIONAL: If you want to use Open SSH with password instead of certs you can do the following step. I have done this, and haven't noticed any issues, but it may lessen the security of Root
Code:
/data/entware-ng/bin/busybox passwd root
Now let's create a script that will initialize Entware-ng after reboot
Code:
echo \#\!/system/bin/sh > /data/entware-ng/entware-init.sh
echo mount -o rw,remount rootfs / >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng /opt >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng/rootlinb /lib >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng/rootbin /bin >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng/tmp /tmp >> /data/entware-ng/entware-init.sh
echo ln -s /system/bin/sh /bin/sh >> /data/entware-ng/entware-init.sh
echo mount -o ro,remount rootfs >> /data/entware-ng/entware-init.sh
chmod 755 /data/entware-ng/entware-init.sh
Now lets create a start script that calls the initialize script we just made, but also returns a shell in the new environment
Code:
echo \#\!/system/bin/sh > /data/entware-ng/start.sh
echo ls '/opt >/dev/null 2>&1 ||' su -c /data/entware-ng/entware-init.sh >> /data/entware-ng/start.sh
echo export PATH=/opt/sbin:/opt/bin:/opt/rootbin:/opt/local/bin:/system/bin >> /data/entware-ng/start.sh
echo if busybox test $(busybox id -u) = 0; then HOME=/opt/home/root; else HOME=/opt/home/user; fi >> /data/entware-ng/start.sh
echo export HOME >> /data/entware-ng/start.sh
echo '/opt/etc/init.d/rc.unslung start' >> /data/entware-ng/start.sh
echo /bin/sh >> /data/entware-ng/start.sh
chmod 755 /data/entware-ng/start.sh
Now, lets install different services. These are optional, and there are tons more, but this will get transmission/sickbeard/ssh going
Code:
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install vim
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install samba36-server
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install transmission-web transmission-daemon-openssl
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install python
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install python-setuptools
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install python-pip
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install python-cheetah
PATH=/data/entware-ng/bin:/bin /data/entware-ng/bin/opkg install openssh-server
Copy the start.sh and sysinit to the home environment
Code:
cp /data/entware-ng/start.sh /data/entware-ng/home/root/start.sh
cp /data/entware-ng/start.sh /data/entware-ng/home/root/sysinit
chown root.root /data/entware-ng/home/root/start.sh
chmod 755 /data/entware-ng/home/root/start.sh
chown root.root /data/entware-ng/home/root/sysinit
chmod 755 /data/entware-ng/home/root/sysinit
mount -o ro,remount /
mount -o ro,remount /system
Start the new environment
Code:
sh /data/entware-ng/home/root/sysinit
SICKBEARD CONIG
Install a few pre-reqs for sickbeard
Code:
pip install transmissionrpc
pip install cherrypy
Create a file in init.d to allow sickbeard to start on reboot. Please note, you will need to change the path to where your sickbeard directory is.
I'm not going to cover setting up sickbeard, there are other guides for that. I did find that it couldn't be bound to 0.0.0.0 , or local host, it needed to be hard coded for the shields IP, so I recommend setting it up as a static IP in your router.
Code:
echo PATH=/opt/bin:/opt/sbin:$PATH > /opt/etc/init.d/S96sickbeard
echo /opt/bin/python <YOUR PATH TO>/SickBeard.py -d --port 8081 >> /opt/etc/init.d/S96sickbeard
chmod 755 /opt/etc/init.d/S96sickbeard
chmod +x /opt/etc/init.d/S96sickbeard
OPENSSH CONFIG
OPTIONAL - If you want to use SSH we need to generate keys
Code:
ssh-keygen -f /opt/etc/ssh/ssh_host_rsa_key -N '' -t rsa
ssh-keygen -f /opt/etc/ssh/ssh_host_dsa_key -N '' -t dsa
ssh-keygen -f /opt/etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa -b 521
Now you'll have to get on the shield and use a terminal emulator to edit your sshd_config file. Here's a copy of mine, but I do not promise how secure it is.
Code:
# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin:/opt/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
Protocol 2
# HostKey for protocol version 1
#HostKey /opt/etc/ssh/ssh_host_key
#HostKeys for protocol version 2
HostKey /opt/etc/ssh/ssh_host_rsa_key
HostKey /opt/etc/ssh/ssh_host_dsa_key
HostKey /opt/etc/ssh/ssh_host_ecdsa_key
#HostKey /opt/etc/ssh/ssh_host_ed25519_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin yes
StrictModes no
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /opt/etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation no
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /opt/var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# enable DSCP QoS values (per RFC-4594)
#IPQoS AF21 AF11
# override default of no subsystems
Subsystem sftp /opt/lib/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
To edit this, on the shield (Rom Toolbox Lite has a terminal emulator) run
Code:
su
cd /opt
sh ./start.sh
cd /opt/etc/ssh
vi ./sshd_config
TRANSMISSION
You'll have to configure your transmission settings, but they're located
/opt/etc/transmission/settings.json
Persist after reboot / Start Transmission/SSH/Sickbeard on boot
On the shield, open Rom Toolbox lite, and go down to "Scripter"
Import the sysinit script located /opt/home/root/sysinit and set the script to run at boot as root
Reboot and you should be able to connect via SSH, and have
Why do we need the passwd and group file ? Won't we use android's UID/GID ?
Can this method somehow be used to create custom group where we could put android's UID ?
I don't know why that step is needed, I got it from the guide I listed, and it worked without any apparent issues, so I left it in. My guess is openssh wants it to be there, but I'm not sure
So after you run all that is there a Interface for Sickbeard etc?
ahoslc said:
So after you run all that is there a Interface for Sickbeard etc?
Click to expand...
Click to collapse
It would be running on <shield IP>:8081 which you could access from the shield, or any other device on your network. Transmission would be :9091
Thanks for this. I'm trying to get python3-pip, acd_cli, and encfs installed on my Shield TV so I can mount my Amazon Cloud Drive and decrypt files for use with Plex. I have this set up on my NAS but it is too weak to do transcoding. I did set up the NAS as a middleman and mounted shares from it on the Shield TV, and while it does work, the extra step is really slow.
edit: I managed to get acd_cli working but I cannot mount my Amazon Cloud Drive share, I get I/O errors when I try to cd into it. Wonder if there's a kernel issue.
psycho_asylum said:
Thanks for this. I'm trying to get python3-pip, acd_cli, and encfs installed on my Shield TV so I can mount my Amazon Cloud Drive and decrypt files for use with Plex. I have this set up on my NAS but it is too weak to do transcoding. I did set up the NAS as a middleman and mounted shares from it on the Shield TV, and while it does work, the extra step is really slow.
edit: I managed to get acd_cli working but I cannot mount my Amazon Cloud Drive share, I get I/O errors when I try to cd into it. Wonder if there's a kernel issue.
Click to expand...
Click to collapse
So I was able to get this working https://github.com/dsoprea/GDriveFS and could cd into my google drive (But couldn't get Plex to see any files in the directory)
Soooo, even if you do get it working, its possible Plex won't be able to see it
Edit-- Did you install fuse-utils ?
chasx003 said:
Edit-- Did you install fuse-utils ?
Click to expand...
Click to collapse
Not specifically. I would think it would have been listed as a dependency and automatically installed, libfuse was though. I ended up factory restoring my Shield after I botched something, so now I'm just at 5.1 stock using the built-in Samba for now.
which version of busybox works? I am having trouble with wget and I tried v1.21.0
chasx003 said:
I've seen lots of people saying its not possible to make the shield an all in one solution for downloading, but after hours of tinkerering I've got a semi easy way of running the above services (and tons more) from the shield. This does requrie a bit of command line-fu , but I think I've got most of the hard work done. When its all said and done, we'll have a working entware-ng installation ( https://github.com/Entware-ng/Entware-ng)
[..]
FIRST
Now let's create a script that will initialize Entware-ng after reboot
Code:
echo \#\!/system/bin/sh > /data/entware-ng/entware-init.sh
echo mount -o rw,remount rootfs / >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng /opt >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng/rootlinb /lib >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng/rootbin /bin >> /data/entware-ng/entware-init.sh
echo ln -s /data/entware-ng/tmp /tmp >> /data/entware-ng/entware-init.sh
echo ln -s /system/bin/sh /bin/sh >> /data/entware-ng/entware-init.sh
echo mount -o ro,remount rootfs >> /data/entware-ng/entware-init.sh
chmod 755 /data/entware-ng/entware-init.sh
[..]
SECOND
Now lets create a start script that calls the initialize script we just made, but also returns a shell in the new environment
Code:
echo \#\!/system/bin/sh > /data/entware-ng/start.sh
echo ls '/opt >/dev/null 2>&1 ||' su -c /data/entware-ng/entware-init.sh >> /data/entware-ng/start.sh
echo export PATH=/opt/sbin:/opt/bin:/opt/rootbin:/opt/local/bin:/system/bin >> /data/entware-ng/start.sh
echo if busybox test $(busybox id -u) = 0; then HOME=/opt/home/root; else HOME=/opt/home/user; fi >> /data/entware-ng/start.sh
echo export HOME >> /data/entware-ng/start.sh
echo 'for file in /data/opt/etc/init.d/*' >> /data/entware-ng/start.sh
echo do >> /data/entware-ng/start.sh
echo ' $file start' >> /data/entware-ng/start.sh
echo done >> /data/entware-ng/start.sh
echo /bin/sh >> /data/entware-ng/start.sh
chmod 755 /data/entware-ng/start.sh
[..]
THIRD
Copy the start.sh and sysinit to the home environment
Code:
chown root.root /data/entware-ng/home/root/start.sh
chmod 755 /data/entware-ng/home/root/start.sh
chown root.root /data/entware-ng/home/root/sysinit
chmod 755 /data/entware-ng/home/root/sysinit
mount -o ro,remount /
mount -o ro,remount /system
[..]
FOURTH
Start the new environment
Code:
sh /data/opt/home/root/sysinit
Reboot and you should be able to connect via SSH, and have
Click to expand...
Click to collapse
In my quote there has to be something missing between the "first" and "second" steps and the "third" one.. are the two files we've just made the missing files in the home/root directory? Or where they supposed to come from somewhere else?
Also the "fourth" step, there are no /data/opt directory in my installation.
MartiniGM said:
In my quote there has to be something missing between the "first" and "second" steps and the "third" one.. are the two files we've just made the missing files in the home/root directory? Or where they supposed to come from somewhere else?
Also the "fourth" step, there are no /data/opt directory in my installation.
Click to expand...
Click to collapse
Ah! Sorry for not replying until now, life has been busy.
You are correct, there are some typos / things out of order! I'm going to go through this and fix it and will update the OP
I've taken this guide and installed rTorrent (due to superior web client and RSS capability). If anyone needs help on that, I can chime in.
Great tuto !
Working fine one Nvidia Shield TV 2017 with latest update (whithout reboot)
But after reboot I lost /opt and /bin on root :-O
mkdir /opt working fine after mount -o rw,remount /
but if i reboot it disappear
any idea ?
android.stackexchange.com said:
(root) directory is not a persistent filesystem on Android. It's a initramfs, which is packed into the boot image on your device. Although you can remount it with write permissions, changes will always be lost the next time you boot because the original ramdisk will be re-extracted from the boot image on the next boot.
Click to expand...
Click to collapse
So we need to :
$ mkboot boot.img /output-folder
$ cd /output-folder
$ gunzip -c ramdisk | cpio -i
... make some changes in the ramdisk and possibly /output-folder/img_info ...
$ find . | cpio -o -H newc | gzip > newramdisk.cpio.gz
$ cd ..
$ mkboot /output-folder newboot.img
If you're rooted, a better solution is to simply install in a chroot, either using debootstrap or other; you can obtain a nearly complete Linux system this way (init in a chroot is weird, stuff like openssh will still have to be started separately after boot, either manually or by an app/script).
If you're not rooted, you can use proot for simple path redirection; this is how termux installs arch on unrooted devices.
Using either option (chroot, proot) requires having binary files that aren't in a noexec partition; generally this means private app storage, not sdcard that's accessible to other apps. If you're building a chroot, you should be able to include the external/public storage folder in it, however a chroot also requires the partition not be mounted with nodev option.
***Note that I don't actually have a shield TV*** (I'm just interested in getting one) so I can't say if the shield's storage is mounted noexec, but the android data partition generally is. I can, however, verify that the process in general works on Android, however, as I've got two tablets running Lineage/Nougat with chroots, and a stock Moto G6 with archlinux arm in proot. To check for partitions mounted as nodev or noexec, run `mount|TERM=xterm grep --color -E 'nodev|noexec'`. You might check to see if you can use /data/local instead of app's private storage.
For installing BusyBox, *should* be a `busybox --install -s [DIR]` option that copies the binary to the destination, then symlinks applets. This should be simpler than symlinking a bunch of applets manually.
If you want a system-wide BusyBox I recommend stericson busybox: https://play.google.com/store/apps/details?id=stericson.busybox
For a terminal emulator on Android, I highly recommend termux, which is available on Google play and F-Droid. It has support for 256 color, styles, a package manager, Android integration (ie notifications from Linux scripts), boot scripts, widgets, etc: https://play.google.com/store/apps/details?id=com.termux
Another alternative: you can set up user-mode Linux for something closer to virtualization, but I have yet to see any UML binaries for use with Android; this would also make it difficult to run networking and to access files from outside the guest, but will provide a full working system with init support, and would not require root to set up and run--however, I think UML networking requires root and/or kernel support, though, and UML generally requires a disk image much like other virtualization tools. Qemu might be workable instead of UML with fewer issues.
Note that all of these solutions are still running under an Android app, and as such are subject to the android task killer. Not sure if there's any way around this without having something run directly by Android's own init system.
Efreak2004 said:
If you're rooted, a better solution is to simply install in a chroot, either using debootstrap or other; you can obtain a nearly complete Linux system this way (init in a chroot is weird, stuff like openssh will still have to be started separately after boot, either manually or by an app/script).
If you're not rooted, you can use proot for simple path redirection; this is how termux installs arch on unrooted devices.
Using either option (chroot, proot) requires having binary files that aren't in a noexec partition; generally this means private app storage, not sdcard that's accessible to other apps. If you're building a chroot, you should be able to include the external/public storage folder in it, however a chroot also requires the partition not be mounted with nodev option.
***Note that I don't actually have a shield TV*** (I'm just interested in getting one) so I can't say if the shield's storage is mounted noexec, but the android data partition generally is. I can, however, verify that the process in general works on Android, however, as I've got two tablets running Lineage/Nougat with chroots, and a stock Moto G6 with archlinux arm in proot. To check for partitions mounted as nodev or noexec, run `mount|TERM=xterm grep --color -E 'nodev|noexec'`. You might check to see if you can use /data/local instead of app's private storage.
For installing BusyBox, *should* be a `busybox --install -s [DIR]` option that copies the binary to the destination, then symlinks applets. This should be simpler than symlinking a bunch of applets manually.
If you want a system-wide BusyBox I recommend stericson busybox: https://play.google.com/store/apps/details?id=stericson.busybox
For a terminal emulator on Android, I highly recommend termux, which is available on Google play and F-Droid. It has support for 256 color, styles, a package manager, Android integration (ie notifications from Linux scripts), boot scripts, widgets, etc: https://play.google.com/store/apps/details?id=com.termux
Another alternative: you can set up user-mode Linux for something closer to virtualization, but I have yet to see any UML binaries for use with Android; this would also make it difficult to run networking and to access files from outside the guest, but will provide a full working system with init support, and would not require root to set up and run--however, I think UML networking requires root and/or kernel support, though, and UML generally requires a disk image much like other virtualization tools. Qemu might be workable instead of UML with fewer issues.
Note that all of these solutions are still running under an Android app, and as such are subject to the android task killer. Not sure if there's any way around this without having something run directly by Android's own init system.
Click to expand...
Click to collapse
Using chroot isn`t good solution. Emulators not effective too.
Stericon`s busybox is paid, meefik`s busybox is free and has more utils.
Termux is heavy, I use Teeminal Emulator: https://f-droid.org/app/jackpal.androidterm
You be able to install a lot of lightweight linux utils by installing entware-ng. For example, git pkg has 300 Mb size in termux and 15 Mb in entware.
Entware has a lot of conmon with optware and openwrt
this is a wonderful guide I'm surprised more people don't use it great job!
hi,
i show you, how i rooted my Philips 65OLED873/12 with last firmware TPM171E_107.1.140.0. This method is absed on using Magisk manager (https://magisk.me/apk/).
1) 1.st what you need is:
- boot.img (if your device use ramdrive...it is my case of OLED873/12)
- or recovery.img (other devices which don´t use ramdrive...more info https://topjohnwu.github.io/Magisk/install.html)
- so, for this step you need original firmware from this site: https://toengel.net/philipsblog/firmware-download/, specifically for my OLED873 TPM171E_107.1.140.0 (this is last update from 8.12.2021) and rename this file "update.zip" ( this ZIP contain a "autorun.upg" file -> this is still ZIP package, inside are many files factory.img.zip, boot.img.zip, recovery.img.zip...etc., but these files are encrypted, not usable in this state for magisk patching).
Now the fun begins with decryption of these files...
I used a part of project Sebastian "Yath" Schmidt from https://github.com/yath/tpm171e, concrete part of "unpack firmware" https://github.com/yath/tpm171e/blob/master/unpack-firmware.
for this process i used - virtualized KALI linux in VM Ware (is possible use other linux distros). In Kali linux you need install a few tools:
- abootimg -> sudo apt install abootimg
- squashfs-tools -> sudo apt-get update && sudo apt-get install squashfs-tools ......or optional git clone https://github.com/plougher/squashfs-tools.git -> go to higher folder with cd /squshfs-tools/squashfs-tools/ and here build it with command "make"
- extfstools -> git clone https://github.com/nlitsme/extfstools.git -> get in the /extfstools and build it with command "make"
- maybe is better add extfstools and squasfs-tools add to PATH
2) extract "recovery-resource.dat" file from your TV (OLED873) device. This file is located here: /system/etc/recovery-resource.dat (for accessing this file is root permissions not required).
- copy this file from TV to computer with adb command: adb pull /system/etc/recovery-resource.dat
- extract this file (it is an ZIP archive with dat extension), or extract from this file only "keyfile.txt" (if you communicating with adb under Windows -> copy this keyfile.txt to Kali linux)
- now use this command to getting the correct and usable passfile.txt for decrypting original philips firmware file autorun.upg: dd if=keyfile.txt of=passfile.txt bs=127 count=1
3) use scipt file form https://raw.githubusercontent.com/yath/tpm171e/master/unpack-firmware, save this in to the file e.g. "decrypt.sh" in same location like passfile.txt and update.zip
- change file permissions with chmod +x decrypt.sh
#!/bin/bash
set -euo pipefail
# tools. change paths if necessary.
abootimg=abootimg # https://github.com/ggrandou/abootimg
unsquashfs=unsquashfs # https://android.googlesource.com/platform/external/squashfs-tools
ext2rd=ext2rd # https://github.com/qmfrederik/extfstools
cpio=cpio
openssl=openssl
# https://toengel.net/philipsblog/firmware-download/
if [[ "$#" -lt 1 ]]; then
echo "Usage: $0 <update.zip>" >&2
exit 1
fi
passfile="$(dirname "$(readlink -f "$0")")/passfile.txt"
if [[ ! -e "$passfile" ]]; then
echo "passfile.txt not found (looked at $passfile)" >&2
echo "try: make -C $(dirname "$passfile") $(basename "$passfile")" >&2
exit 1
fi
zipfile="$1"
outdir="${zipfile%.zip}"
if [[ "$outdir" == "$zipfile" ]]; then
outdir="${zipfile}.out"
fi
echo "Unpacking $zipfile to $outdir"
# Unpack *.upg file from .zip into temporary directory. Extract the upg file
# to outdir.
tmpdir="$(mktemp -d)"
trap "rm -rf '$tmpdir'" EXIT
unzip -d "$tmpdir" "$zipfile"
upgfiles=("$tmpdir"/*.upg)
if [[ "${#upgfiles[@]}" -ne 1 ]]; then
echo "update.zip '$zipfile' contains ${#upgfiles[@]}, want exactly one" >&2
echo "update.zip contents:" >&2
ls -l -R "$tmpdir" >&2
exit 1
fi
# The .upg file is an Android recovery update.zip.
upgfile="${upgfiles[0]}"
unzip -d "$outdir" "$upgfile"
rm -f "$upgfile"
# Decrypt .zip files
rc=0
for enczip in "$outdir"/*.zip; do
deczip="${enczip}.dec"
if ! "$openssl" enc -d -aes-256-cbc -md md5 -p -pass file:"$passfile" -out "$deczip" -in "$enczip"; then
echo "Failed to decrypt $enczip" >&2
rc=1
continue
fi
if ! file -bi "$deczip" | grep -q '^application/zip'; then
echo "WARNING: $deczip might not be a .zip file, not renaming" >&2
rc=1
continue
fi
mv -vf "$deczip" "$enczip"
done
# Unpack all .zip files
for zip in "$outdir"/*.zip; do
if ! unzip -d "$outdir" "$zip"; then
echo "Unpacking $zip failed, not removing" >&2
rc=1
continue
fi
img="${zip%.zip}" # system.img.zip -> system.img, for system.img.{sh,lst}.
rm -vf "$zip" "$img".sh "$img".lst
done
# Concatenate system image
if ! cat "$outdir"/system?.img > "$outdir"/system.img; then
echo "Concatenating system images failed" >&2
rc=1
else
rm -vf "$outdir"/system?.img
fi
# Extract boot images
if ! which "$abootimg" 2>/dev/null; then
echo "$abootimg is not installed, not unpacking boot images" >&2
rc=1
else
for img in "$outdir"/{boot,factory,recovery}.img; do
abs="$(readlink -f "$img")" # for the subshell which has a different $PWD
imgdir="${img%.img}"
mkdir -p "$imgdir"
if ! (cd "$imgdir" && "$abootimg" -x "$abs"); then
echo "Extracting $img to $imgdir failed" >&2
rc=1
continue
fi
rm -vf "$img"
# Extract initrd
initrd="${imgdir}/initrd.img"
initrddir="${initrd%.img}"
mkdir -p "$initrddir"
if ! gzip -cd "$initrd" | "$cpio" -D "$initrddir" -id; then
echo "Extracting $initrd to $initrddir failed" >&2
rc=1
continue
fi
rm -vf "$initrd"
done
fi
# Extract rootfs and 3rd_file
if ! which "$unsquashfs" 2>/dev/null; then
echo "$unsquashfs is not installed, not unpacking rootfs" >&2
rc=1
else
if ! mv "$outdir"/3rd_file "$outdir"/3rd_file.bin; then
echo "Renaming 3rd_file failed" >&2
rc=1
fi
for img in "$outdir"/{3rd_file,rootfs}.bin; do
imgdir="${img%.bin}"
if ! "$unsquashfs" -d "$imgdir" -li "$img"; then
echo "Extracting $img to $imgdir failed" >&2
rc=1
continue
fi
rm -vf "$img"
done
fi
# Extract system.img
if ! which "$ext2rd" 2>/dev/null; then
echo "$ext2rd is not installed, not unpacking system image" >&2
rc=1
else
img="$outdir"/system.img
imgdir="${img%.img}"
mkdir -p "$imgdir"
if ! "$ext2rd" "$img" ./:"$imgdir"; then
echo "Extracting $img to $imgdir failed" >&2
rc=1
else
rm -vf "$img"
fi
fi
# The End
if (( rc )); then
echo "Warnings encountered; please check output!" >&2
fi
echo "Unpacked $zipfile to $outdir, have fun!"
exit "$rc"
Click to expand...
Click to collapse
4) now run script: sudo ./decrypt.sh update.zip
- after the script has finished running, you'll see a message (3rd. from bottom) : ext2rd is not installed, not unpacking system image -> it is ok
- now you have new folder named "UPDATE" with decypted files.
- if you'll hav a problems (no boot.img, recovery.img, etc in UPDATE folder), edit script file "decrypt.sh", go on line 106 and write the first character on the line # comment the line, it disabling rm command in script)
5) for my TV OLED873/12 i used decrypted "boot.img" -> install last Magisk Manager v 25.2 in TV:
adb install magisk.apk -> hasn't created an icon on my TV -> run app manually with command from: adb shell monkey -d com.topjohnwu.magisk 1
6) copy copy decrypted "boot.img" file it to the TV: adb push C:\Users\XXX\Downloads\boot.img /storage/sdcard0/Downloads
7) in Magisk app run on first line "install" (on the line with Zgysk no, Ramdisk yes)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
- next step (next windows) i checked both check-boxes and click next button:
- now you select "boot.img" file from /Download folder in your TV and wait for patching of this file.
- now you have in new patched file named as "boot-patched_XXXX.img" (or something like that) in folder.
- now copy this patched file back to PC with commadn: adb pull /storage/sdcard0/Downloads/boot-patched_XXXX.img C:\Users\XXX\Downloads
8) now send adb command for rebooting to bootloader: adb reboot bootloader
- wait for the TV reboot into bootloader mode -> check it with fastboot command: fastboot devices
- now use fastboot command for flashing patched boot.img file: fastboot flash boot boot-patched_XXXX.img (or rename it in PC on shorter "boot.img")
- after this send last fastboot command: fastboot reboot
- after this wait for rebooting to system and enjoy rooted your Philips OLED873
- check it with adb commands:
adb shell
su (after this allow super user permissions in pop-up window on TV screen with remote controller)
...i mean, this decrypting method will probably work on all other (and newer) models of android tv Philips, which use the same salted encryption his own original firmware updates. I checked firmware TPM211EA_101.001.003.232 from Philips TV 2022 (OLED937, OLED907, OLED807, OLED837, OLED857, OLED887, OLED707, PML9507 (MiniLED), PUS8807, PUS8837, PUS8857, PUS8887, PUS8897, PUS8507, PUS8517) and at first sight the same encryption....
Thank you very much sir!
I'll try to order a donor pcb from ebay asap and try this method on the test pcb first. I'm a bit affraid to brick my device.
stay calm, it is ok (i had too fear )...on the first try, I got restart loop, but a few seconds befer restarting was activated adb (i was fast with command adb reboot bootloader...and that was still working...from bootloader i tryed flash new one boot.img and for the second time it has already worked).