For anyone that doesn't want to root the hard way crossix has come up with a double click root for Windows forum.xda-developers.com/showpost.php?p=23052186&postcount=105
Update 2/26/12
/system can now be mounted writable see the bottom of this post.
So the old Honeycomb exploit has now been patched in ICS. But there was an exploit found in the newer ICS kernels. Written by saurik,: called mempodroid
There is an offset needed as an argument to the binary, for the a100 we'll use what has worked for the a200 as noted in sauriks github linked above.
The issue with this is mounting /system as writable. I'm not sure if it's something in ICS, but it appears to be write protected. As noted here and here we will loop mount the system partition.
The tools needed are:
1. mempodroid under Usage Instructions, download pre-compiled
2. busybox 1.20 snapshot 3-10-12
3. su the latest from androidsu.com, extract from system/bin
4. mount.txt script
After downloading and extracting place them all in a folder called tools.
This must be done with adb. Issue the following from cmd or a terminal:
Code:
$ adb shell mkdir /data/local/tools
$ adb push tools /data/local/tools ; adb shell
$ cd /data/local ; chmod 755 tools/*
$ cd tools ; ./mempodroid 0xd9f0 0xaf47 sh
If all went well you should be at a hash # prompt. This is temp root.
mount /system rw the new way:
Code:
# PATH=$PWD:$PATH
# sh mount.txt -o remount,rw /system
Copy su and busybox to /system
Code:
# ./busybox cp busybox /system/xbin; ./busybox cp su /system/xbin/
# chmod 6755 /system/xbin/su
Install busybox
Code:
# cd /system/xbin
# for i in $(busybox --list); do ln -s busybox $i; done; sync
Copy the mount script
If busybox is updated this step must be run again
Code:
# cp /data/local/tools/mount.txt /system/bin/mount
# cp /data/local/tools/mount.txt /system/xbin/mount
Done your a100 should be rooted
the old way:
Now lets loop mount /system
Code:
[b]This is no longer needed[/b]
# ./busybox losetup -o $((512 * 51200)) /dev/block/loop7 /dev/block/mmcblk0
Code:
# ./busybox losetup /dev/block/loop7 /dev/block/mmcblk0p3
# mkdir loop ; mount -t ext4 /dev/block/loop7 loop
Copy su and busybox to the new mount point.
Code:
# ./busybox cp su loop/xbin/ ; ./busybox cp busybox loop/xbin/
# chmod 6755 loop/xbin/su ; sync
If it worked your a100 is fully rooted. Make sure to install SuperUser from the Market.
Either get busybox installer from the market, and install it to /data/local/tools/loop/xbin
Or:
Code:
# cd loop/xbin
# for i in $(busybox --list); do ln -s busybox $i; done; sync
The mount point won't survive a reboot so in order to write to /system again run:
Code:
# busybox losetup /dev/block/loop7 /dev/block/mmcblk0p3
# mount -t ext4 /dev/block/loop7 /data/local/tools/loop
[update 2/26/12]
To mount /system as writable do the following from adb. We'll just make a directory called /data/loop for easy access.
Code:
$ adb shell
$ su
# stop
[b]your screen will go black[/b]
# mkdir /data/loop
[b]skip this if the loop is already set up
# busybox losetup /dev/block/loop7 /dev/block/mmcblk0p3[/b]
# mount -t ext4 /dev/block/loop7 /data/loop
# mount -o bind /data/loop /system
# start
You can write to /system with any app but /system can't be remounted ro then back to rw.
This can be added to /etc/install-recovery.sh to make it permanent
Code:
busybox losetup /dev/block/loop7 /dev/block/mmcblk0p3
mount /dev/block/loop7 /data/loop
mount -o bind /data/loop /system
Thanks to crossix as the first to get temp root, and Icewyng for pointing out the exploit and helping with the magic number.
Ill be testing this when I get home, if it works Ill attempt to write a 1 command script to do it.
Sent from my MB860 using XDA App
OK...
Testing this out and found there were a couple of bugs.
You didn't have a "loop" folder created so I made one in the "tools" folder.
and, when mounting, you need to specify -t ext4.
Here are the revised commands for # mount /dev/block/loop7 loop
mkdir loop;mount -t ext4 /dev/block/loop7 /data/local/tools/loop
I noticed that the files /data/local/tools/loop/xbin/su and /data/local/tools/loop/xbin/busybox don't exist on /system/xbin until after a restart.
Finally, the busybox we are using to install doesn't seem to make all of the links to all of the nice commands we are used to, so things like grep, cp, etc... they won't work. I'm trying to figure out how to re-run the GUI busybox installer and point it to the loop folder, but haven't had much success.
danifunker said:
OK...
Testing this out and found there were a couple of bugs.
You didn't have a "loop" folder created so I made one in the "tools" folder.
and, when mounting, you need to specify -t ext4.
Here are the revised commands for # mount /dev/block/loop7 loop
mkdir loop;mount -t ext4 /dev/block/loop7 /data/local/tools/loop
I noticed that the files /data/local/tools/loop/xbin/su and /data/local/tools/loop/xbin/busybox don't exist on /system/xbin until after a restart.
Finally, the busybox we are using to install doesn't seem to make all of the links to all of the nice commands we are used to, so things like grep, cp, etc... they won't work. I'm trying to figure out how to re-run the GUI busybox installer and point it to the loop folder, but haven't had much success.
Click to expand...
Click to collapse
You beat me to the punch... was about to point it out.
Not sure what version of busybox this is but I will try with 1.19.2 and see how it goes.
Edit: Got root! It works great... for Busybox, use Busybox Installer to be able to get the latest version (1.19.4) I confirm that system is R/O for now.
danifunker said:
OK...
Testing this out and found there were a couple of bugs.
You didn't have a "loop" folder created so I made one in the "tools" folder.
and, when mounting, you need to specify -t ext4.
Here are the revised commands for # mount /dev/block/loop7 loop
mkdir loop;mount -t ext4 /dev/block/loop7 /data/local/tools/loop
I noticed that the files /data/local/tools/loop/xbin/su and /data/local/tools/loop/xbin/busybox don't exist on /system/xbin until after a restart.
Finally, the busybox we are using to install doesn't seem to make all of the links to all of the nice commands we are used to, so things like grep, cp, etc... they won't work. I'm trying to figure out how to re-run the GUI busybox installer and point it to the loop folder, but haven't had much success.
Click to expand...
Click to collapse
I did have some typos, think it's right now. That is an old busybox, it was just a quick find and it includes losetup but it's not one to use full time. Maybe sync is needed at the end so files are written properly. I didn't have to use -t ext4 with HC, but Ill add it to the OP
[edit] you have to use "busybox cp or busybox grep" I didn't include a way to add all the symlinks. Wow I have typos everywhere it's the end of the day for me, working nights.
Ok ... Got root!
Titanium works, Busybox Installer works, Superuser works, Root Explorer works...
Only thing is that System is R/O but we will work on it.
Waiting for a R/W system...and then, no one will stop my update
I can't get it to root :-(
It say not found
Sent from my A100 using xda premium
jondi23 said:
I can't get it to root :-(
It say not found
Sent from my A100 using xda premium
Click to expand...
Click to collapse
At what point, need some more details.
The tools folder gets pushed (the 3 files are copied) but then it says there is no such folder.
edit: never mind - i created the folder manually and pushed the files into the folder
edit2: rooted - thakns guys
Brilliat work, will try this later (need to get the sdk all set up again, I've been distro swapping). Got a pool match tonight too, so will try as soon as I can, will give whatever feedback I can later.
myprecious27 said:
The tools folder gets pushed (the 3 files are copied) but then it says there is no such folder.
edit: never mind - i created the folder manually and pushed the files into the folder
Click to expand...
Click to collapse
I forgot adb can't push a whole directory, it instead only copies the files within the directory.
wait how is it rooted if it's r/o I thought point of root was to make the file system r/w... er is root just allowing you to view all directories? Sorry for a noobish question, but you gotta start somewhere right?
rando152 said:
wait how is it rooted if it's r/o I thought point of root was to make the file system r/w... er is root just allowing you to view all directories? Sorry for a noobish question, but you gotta start somewhere right?
Click to expand...
Click to collapse
Well I think if we have su working we will be able to mount /system rw in some way if not directly. I cant imagine not being able to.
In any case though being able to write to /data as root is very useful. Example: Hulu flash fix.
You can't view /data if you're not root. That's one thig. Also, other functions may require root, like advanced networking things, etc.
I agree, not being able to write to /system is a major inconvenience, but most of the root programs will still work, as long as you're not writing to /system.
Since this is a temp root, does it mean that I will have to reroot every time I reboot? Will apps like Adfree work on this?
better yet is there a way we can do this solely on the tab? im away for work for another 4 weeks and only have my cell and a100 with me :-(
Sent from my SGH-I897 using xda premium
I get
Code:
255|[email protected]:/data/local/tools # mount -t ext4 /dev/block/loop7 /data/local
/tools/loop
lock/loop7 /data/local/tools/loop <
mount: Invalid argument
simoneser said:
I get
Code:
255|[email protected]:/data/local/tools # mount -t ext4 /dev/block/loop7 /data/local
/tools/loop
lock/loop7 /data/local/tools/loop <
mount: Invalid argument
Click to expand...
Click to collapse
I noticed the same thing happen after you root it and restart... not sure what to do next. Are you at temp loop?
simoneser said:
I get
Code:
255|[email protected]:/data/local/tools # mount -t ext4 /dev/block/loop7 /data/local
/tools/loop
lock/loop7 /data/local/tools/loop <
mount: Invalid argument
Click to expand...
Click to collapse
danifunker said:
I noticed the same thing happen after you root it and restart... not sure what to do next. Are you at temp loop?
Click to expand...
Click to collapse
try:
Code:
# busybox losetup -d /dev/block/loop7
# busybox losetup -o $((512 * 51200)) /dev/block/loop7 /dev/block/mmcblk0
# mount -t ext4 /dev/block/loop7 /data/local/tools/loop
The first line may produce
losetup: /dev/block/loop7: No such device or address
If it's not looped
After you are rooted the above can be run without adb from a terminal as su.
The mount point can be anywhere ex. /sdcard/loop instead of /data/local/tools/loop
Hello world,
i'm trying to install backtrack 5 on my Galaxy Nexus. I downloaded the backtrack 5 arm version, copied all files in /sdcard/BT5 and then got this:
Code:
[email protected]:/ $ export PATH=/data/local/bin:$PATH
[email protected]:/ $ su
[email protected]:/ # cd sdcard
[email protected]:/sdcard # cd BT5
[email protected]:/sdcard/BT5 # sh bootbt
Loop device exists
ioctl LOOP_SET_FD failed: Device or resource busy
mount: No such file or directory
mount: No such file or directory
mount: No such file or directory
net.ipv4.ip_forward = 1
bootbt[23]: can't create /data/local/mnt/etc/resolv.conf: No such file or directory
bootbt[24]: can't create /data/local/mnt/etc/hosts: No such file or directory
chroot: can't execute '/bin/bash': No such file or directory
Shutting down BackTrack ARM For Xoom
failed: No such file or directory
failed: No such file or directory
failed: No such file or directory
failed: Invalid argument
1|[email protected]:/sdcard/BT5 #
I'm running android 4.1.1 stock rom with root and franco.kernel milestone 5 3.0.41 (the last stable)
What can i do? Thanks for help
Is it This guide you followed?
Herman76 said:
Is it This guide you followed?
Click to expand...
Click to collapse
No i followed a video from youtube. And others. But i simply download the backtrack arm version here: http://www.backtrack-linux.org/ then copied all the files and running with "sh bootby".
However i install cyanogen mod 10 and now it works for a bit. Now, after reinstalling all apps and use the phone a bit, i get again the loop devices error.
Why?
Here are the facts:
my tablet was throwing errors about google app and google search box crashing. I restarted the tablet and it got stuck at boot loop.
K00E with firmware,UL-K00E-WW-7.6.0.0-user, not rooted.
what I've tried:
factory reset under droidboot:
Code:
E:failed to mount /cache (Invalid argument)
unable to mount /cache! we skip check debricking
SD download of the latest RAW file under under droidboot:
again
Code:
E:failed to mount /cache (Invalid argument)
unable to mount /cache!
Installing the firmware zip file using custom recovery:
I used this to run CWM. I cleared cache, user data, factory reset and then tried to install using external SD zip file.
Code:
failed to mount /dev/block/mmcblk0p8 at /system: Invalid argument
trying to re partition the internal SD:
from here
I tried to run parted to fix it but I am getting this
Code:
~ # parted
parted
/sbin/parted: line 1: syntax error: unexpected word (expecting ")")
~ #
I added no arguments to parted, and still it is giving me this error. I even tried pushing another copy of parted and chmodding it to execute it, still the same thing occurs.
I also tried this
on running th second command I have
Code:
~ # tune2fs -O extents,uninit_bg,dir_index -C 1 /dev/block/mmcblk0p8
tune2fs -O extents,uninit_bg,dir_index -C 1 /dev/block/mmcblk0p8
tune2fs 1.41.11 (14-Mar-2010)
tune2fs: Bad magic number in super-block while trying to open /dev/block/mmcblk0
p8
Couldn't find valid filesystem superblock.
~ #
any ideas how to move forward?
Hello! With the new pokemon patch out, I was trying to uninstall safestrap:
Code:
su
mount -o remount,rw /system
mv /system/etc/init.qcom.modem_links.sh.bin /system/etc/init.qcom.modem_links.sh
rm -rf /system/etc/safestrap
rm /system/etc/firmware/q6.mdt
ln -s /firmware/image/q6.mdt /system/etc/firmware/q6.mdt
mount -o remount,ro /system
Unfortunately, All I managed to run through the terminal was:
Code:
su
mount -o remount,rw /system
The next line failed: so I decided to give up on uninstalling safestrap, and go back to CM11.
Reboot:
Safestrap -> wipe system
restore: chose my restore
"Wiped system"
"install fail"
[Reboot]
... now I get stuck on
"Amazon"
I think I managed to unmount the system folder, couldn't install to it, rebooted, and now all is blank....
Please help me save my phone: I can't afford a new one
**EDIT***
GOT IT!
https://www.reddit.com/r/firephone/comments/47w9bq/how_to_fix_your_unusable_fire_phone/
Stock ROM, oreo.
How do you execute scripts on startup? Either by init.d or some other means, doesn't matter as long as it works. The /system/etc/init.d folder isn't there. Remounting /system for me doesn't work:
mount -o remount,rw -t ext4 /dev/block/platform/hi_mci.0/by-name/system /system
I get: '/system': Device or resource busy
I reboot into TWRP, I get the same error as above. Any help please?
TouchOdeath said:
Stock ROM, oreo.
How do you execute scripts on startup? Either by init.d or some other means, doesn't matter as long as it works. The /system/etc/init.d folder isn't there. Remounting /system for me doesn't work:
mount -o remount,rw -t ext4 /dev/block/platform/hi_mci.0/by-name/system /system
I get: '/system': Device or resource busy
I reboot into TWRP, I get the same error as above. Any help please?
Click to expand...
Click to collapse
For mounting you use these command.
In local terminal
HWBND-H:/ $ su
HWBND-H:/ # mount -o rw,remount /system
In adb terminal
adb shell su -c mount -o rw,remount /system
And to see how is mounted
HWBND-H:/ # mount | grep system
It should return like this.
/dev/block/mmcblk0p51 on /system type ext4 (rw,seclabel,relatime,data=ordered)
And to go back to ro do this or reboot:
HWBND-H:/ # mount -o ro,remount /system
HWBND-H:/ # mount | grep system
/dev/block/mmcblk0p51 on /system type ext4 (ro,seclabel,relatime,data=ordered)
mrmazak said:
For mounting you use these command.
In local terminal
HWBND-H:/ $ su
HWBND-H:/ # mount -o rw,remount /system
In adb terminal
adb shell su -c mount -o rw,remount /system
And to see how is mounted
HWBND-H:/ # mount | grep system
It should return like this.
/dev/block/mmcblk0p51 on /system type ext4 (rw,seclabel,relatime,data=ordered)
And to go back to ro do this or reboot:
HWBND-H:/ # mount -o ro,remount /system
HWBND-H:/ # mount | grep system
/dev/block/mmcblk0p51 on /system type ext4 (ro,seclabel,relatime,data=ordered)
Click to expand...
Click to collapse
Thank you for your response I appreciate it. I ended up making my problem more complicated than it had to be. The solution was to open terminal and do:
adb shell
su
mkdir /system/etc/init.d
cp /storage/emulated/0/Downloads/script.sh /system/etc/init.d/script.sh
If I tried to create the folder through a rooted app (Total Commander), it didn't work. Copying the file through an app didn't work either.