Related
Ok so I was able to make a bootable boot.img but now I'm trying to get the init.d scripts working. Basically I'm looking to run some commands on boot and felt this is the best way. What I did was put the following in my boot.img's init.rc file:
Code:
# Execute files in /etc/init.d before booting
service sysinit /system/bin/logwrapper /system/xbin/busybox run-parts /system/etc/init.d
disabled
oneshot
Then in my update-script file I added the following to make the directory and containing files executable:
Code:
set_perm_recursive 0 2000 0755 0750 SYSTEM:etc/init.d
set_perm 0 0 0755 SYSTEM:etc/init.d
Then I packaged up the boot.img, added to an update.zip (with custom rom) and flashed it. However it doesn't appear that the scripts inside /system/etc/init.d are running. Anyone have any ideas for me? Anything I'm forgetting to do?
I don't think you can add a directory and have it execute every script within the directory. I believe you need to explicitly call the scripts within the directory. At least that's how every other init.d implementation I've ever worked with functioned.
Good luck!
cent
CentroniX said:
I don't think you can add a directory and have it execute every script within the directory. I believe you need to explicitly call the scripts within the directory. At least that's how every other init.d implementation I've ever worked with functioned.
Good luck!
cent
Click to expand...
Click to collapse
Could you elaborate. I'm not too familiar with the init.d stuff with android right now. So how would I call these scripts at startup? I can't tell where in other roms these scripts are being called.
chuckhriczko said:
Could you elaborate. I'm not too familiar with the init.d stuff with android right now. So how would I call these scripts at startup? I can't tell where in other roms these scripts are being called.
Click to expand...
Click to collapse
Ok, so if you had a script in /etc/init.d called 'doit', you would invoke it by calling /etc/init.d/doit.
So I'd try:
Code:
# Execute files in /etc/init.d before booting
service sysinit /system/bin/logwrapper /system/xbin/busybox run-parts /system/etc/init.d/doit /system/etc/init.d/doit2
disabled
oneshot
I'll be honest that I have zero experience with startup scripts in Android, but I have over 15 years experience as a *nix adminitrator. In every *nix I've ever used, you can't just call upon a directory and have every script within it execute; You have to explicitly call each script.
CentroniX said:
Ok, so if you had a script in /etc/init.d called 'doit', you would invoke it by calling /etc/init.d/doit.
So I'd try:
Code:
# Execute files in /etc/init.d before booting
service sysinit /system/bin/logwrapper /system/xbin/busybox run-parts /system/etc/init.d/doit /system/etc/init.d/doit2
disabled
oneshot
I'll be honest that I have zero experience with startup scripts in Android, but I have over 15 years experience as a *nix adminitrator. In every *nix I've ever used, you can't just call upon a directory and have every script within it execute; You have to explicitly call each script.
Click to expand...
Click to collapse
Sounds good to me. I'll try that and keep this thread updated.
in the custom kernels i built for android 2.1 this is the method i used to call custom scripts in init.rc . pretty sure it should work for you, just change the paths and commands as you need!
## SDX processes
# install busybox
service busybox /sbin/busybox --install -s /bin/
oneshot
# run custom SDX functions
service sdx /sbin/sdx.sh
oneshot
for those wanting to learn the technical details on the init.rc google android has a great article on the commands for their init.rc file.
http://source.android.com/porting/bring_up.html - scroll down to the section title Android Init Language
joeykrim said:
in the custom kernels i built for android 2.1 this is the method i used to call custom scripts in init.rc . pretty sure it should work for you, just change the paths and commands as you need!
## SDX processes
# install busybox
service busybox /sbin/busybox --install -s /bin/
oneshot
# run custom SDX functions
service sdx /sbin/sdx.sh
oneshot
google android has a great article on the commands for their init.rc file but i cant seem to find it at the moment ... will post back if i get it.
Click to expand...
Click to collapse
Even better. Thanks!
CentroniX said:
Ok, so if you had a script in /etc/init.d called 'doit', you would invoke it by calling /etc/init.d/doit.
So I'd try:
Code:
# Execute files in /etc/init.d before booting
service sysinit /system/bin/logwrapper /system/xbin/busybox run-parts /system/etc/init.d/doit /system/etc/init.d/doit2
disabled
oneshot
I'll be honest that I have zero experience with startup scripts in Android, but I have over 15 years experience as a *nix adminitrator. In every *nix I've ever used, you can't just call upon a directory and have every script within it execute; You have to explicitly call each script.
Click to expand...
Click to collapse
I just realized the run-parts command in busybox runs a bunch of scripts in a directory (description if you run busybox runparts by itself) so this should work.... but it doesnt...
From the documentation joeykrim linked:
Services
Services are programs that init launches and (optionally) restarts when they exit.
Services take the form of:
service <name> <pathname> [ <argument> ]*
<option>
<option>
Click to expand...
Click to collapse
So you'd want:
Code:
service <name> /etc/init.d/your-script-here
oneshot
You'll need to add that block for each script you wish to run.
Furthermore, the documentation states
disabled - This service will not automatically start with its class. It must be explicitly started by name.
Click to expand...
Click to collapse
So the fact that you have the 'disabled' option set might be the reason it's not executing.
CentroniX said:
From the documentation joeykrim linked:
So you'd want:
Code:
service <name> /etc/init.d/your-script-here
oneshot
You'll need to add that block for each script you wish to run.
Furthermore, the documentation states
So the fact that you have the 'disabled' option set might be the reason it's not executing.
Click to expand...
Click to collapse
Well that disabled is why it wasn't trying to run the script however when I removed disabled it kept looping at the first boot screen (before the animated one). So I just tried taking the code out of the init.rc and putting it in the bootcomplete.supersonic.rc file. This allowed the phone to boot but it looks like the scripts aren't running at all. Ugh. lol
Ok so I figured it out. In all of the init.d setups I have seen they create a service in the init.rc that will load all the scripts in the init.d directory and then after the file system loads they start that service. Well, the boot process for the Evo is apparently a little different. HTC changed things to have seperate rc scripts for when the boot and shutdowns are complete. So the bootcomplete.supersonic.rc file is what we want to modify.
This script doesn't work with the init.rc commands but it does work with simple linux shell commands. So simply adding
Code:
/system/xbin/busybox run-parts /system/etc/init.d
to the bottom of this file will call all scripts inside the /system/etc/init.d folder on boot completion.
Good to know, and glad you got it working!! Hopefully we'll see a kickass ROM from you soon!
CentroniX said:
Good to know, and glad you got it working!! Hopefully we'll see a kickass ROM from you soon!
Click to expand...
Click to collapse
Well it will be better than my last (hopefully released today) but nothing truly kick ass until we get kernel source in which the camera works. Oh the possibilities.
chuckhriczko said:
This script doesn't work with the init.rc commands but it does work with simple linux shell commands. So simply adding
Code:
/system/xbin/busybox run-parts /system/etc/init.d
to the bottom of this file will call all scripts inside the /system/etc/init.d folder on boot completion.
Click to expand...
Click to collapse
so you added that line to bootcomplete.supersonic.rc ?
interesting HTC modified the boot order and setup, but not surprising.
glad we now know how to execute multiple scripts.
out of curiosity and hopefully not off topic, what are you executing in multiple scripts which couldn't be executed in one script called by the original init.rc file?
for reference, when running one individual script, the code i posted above, adheres to google's standard and should work fine.
# run custom SDX functions
service sdx /sbin/sdx.sh
oneshot
joeykrim said:
so you added that line to bootcomplete.supersonic.rc ?
interesting HTC modified the boot order and setup, but not surprising.
glad we now know how to execute multiple scripts.
out of curiosity and hopefully not off topic, what are you executing in multiple scripts which couldn't be executed in one script called by the original init.rc file?
for reference, when running one individual script, the code i posted above, adheres to google's standard and should work fine.
# run custom SDX functions
service sdx /sbin/sdx.sh
oneshot
Click to expand...
Click to collapse
Oh I could have put it all in one script but for cleanliness I wanted multiple scripts. This way they can more easily be read and modified. I hate ugly dirty cluttered code and directories.
Actually, you could've left the lines the way they were...
Right above class_start default, put the following two lines in:
start sysinit
on property:cm.filesystem.ready=1
The last line is to stop init.rc until you set the cm.filesystem.ready property (you do that from one of the scripts in /system/etc/init.d)
chuckhriczko said:
Ok so I figured it out. In all of the init.d setups I have seen they create a service in the init.rc that will load all the scripts in the init.d directory and then after the file system loads they start that service. Well, the boot process for the Evo is apparently a little different. HTC changed things to have seperate rc scripts for when the boot and shutdowns are complete. So the bootcomplete.supersonic.rc file is what we want to modify.
This script doesn't work with the init.rc commands but it does work with simple linux shell commands. So simply adding
Code:
/system/xbin/busybox run-parts /system/etc/init.d
to the bottom of this file will call all scripts inside the /system/etc/init.d folder on boot completion.
Click to expand...
Click to collapse
tkirton said:
Actually, you could've left the lines the way they were...
Right above class_start default, put the following two lines in:
start sysinit
on property:cm.filesystem.ready=1
The last line is to stop init.rc until you set the cm.filesystem.ready property (you do that from one of the scripts in /system/etc/init.d)
Click to expand...
Click to collapse
interesting approach! thanks for sharing this!
i assume this on property cm.filesystem.ready feature must be exclusive to android?
would the logic also follow, you'd set ready to 0 in the last of the scripts located under /system/etc/init.d ?
would there be any downside to this approach? if there was an error in the script files and they stopped, would loading of the init.rc also stop and severely stall the boot up process?
joeykrim said:
in the custom kernels i built for android 2.1 this is the method i used to call custom scripts in init.rc . pretty sure it should work for you, just change the paths and commands as you need!
## SDX processes
# install busybox
service busybox /sbin/busybox --install -s /bin/
oneshot
# run custom SDX functions
service sdx /sbin/sdx.sh
oneshot
for those wanting to learn the technical details on the init.rc google android has a great article on the commands for their init.rc file.
http://source.android.com/porting/bring_up.html - scroll down to the section title Android Init Language
Click to expand...
Click to collapse
Also:
https://android.git.kernel.org/?p=p...5790acb05904ddd109ed33de3863a4b413d53;hb=HEAD
And take a look at:
http://www.androidenea.com/2009/08/init-process-and-initrc.html
leonnib4 said:
Also:
https://android.git.kernel.org/?p=p...5790acb05904ddd109ed33de3863a4b413d53;hb=HEAD
And take a look at:
http://www.androidenea.com/2009/08/init-process-and-initrc.html
Click to expand...
Click to collapse
hey man does this work with the desire too??????? cause i have been unable to achieve custom boot scripts with desire init.rc
Im confused can someone help me figure it out!
ok so here the confusion
set_perm_recursive(0, 0, 0777, 0777, "/system/etc/init.d"); changhong z-me updater script
set_perm_recursive(0, 2000, 0755, 0755, "/system/etc/init.d"); ideos x6 updater script
I don't know which 1 to put in the update script!?!
Im trying to port cm7 to changhong z-me and using ideos x6 as port.
I am using the rom IML74K Android 4.0.3 Build 8 from bigxie and franco.Kernel #13.
I think the rom and kernel suppose to support init.d scripts. And I can found the script in etc/init.d named 97schedmc.
I wanna the hotplug function, so I put a file named 98hotplug(I don't know how to named the script), but I found it would not work. The parameter would not change after restart the device. Even I excute it(rename to sh file) in RootExplor, the parameter did not changed.
I try to run or sh the command in adb shell, it works fine, and the parameter changed.
I thinks it is relate to the access right issue, but I don't know how to fix it.
Could any one can help me?
Thanks for the guy who reply me.
you most chmod the files. Just sticking them it won't allow them to run.
I am not such understand... What should I do then?
chmod them?
755 works.
Hi,
Like this:
For 755,right permissions for scripts in Init.d folder,a good link i think: http://www.elated.com/articles/understanding-permissions/
Do not create a sh. file,for example in Root Eplorer,go to system/etc/init.d and menu/New file then put your script with #!/system/bin/sh first then space then enter.
Or on your pc take a init.d file in a rom,erase the script,copy yours with the correct script,reput in your phone,set the correct permissions then reboot.
Are you really sure your rom/kernel suppot Init.d ?
Just one question,I do not use this combo...
Hoping this helps
Permissions are set correctly, the kernel (faux123) supports init.d scripts, and the script works when run from terminal, but it still does not run on boot.
Thanks for your reply and great help!
I am sure the kernel support the init.d, but I not sure the rom, is it necessary both of them to support init.d?
What is your combo??
Hi,
To monkeyzou,yes i use the same kernel wich support Init.d script,but i use aokp rom,the rom you are using seems not support Init.d (it is not specified?),but in any case the Franco kernel support it,and it create the necessary lines in "init.rc" for activate the init.d support+the init.d file+the correct permissions,all automatically when you flash the kernel...
So i don't now what is wrong
Are you sure you set the right permissions for your file script in init.d?Are you sure your script is written correctly?
Can you share it?
After that my knowledges stop there,sorry...
init.d support only needs to be in the kernel ramdisk. As for rom support, that only goes as far as needing the directory. Note that some of the kernels out there are anykernel format and therefore would not support init.d scripts.
I was trying to do the exact same thing and couldn't make it work either. Eventually I just used Script Manager (on market) and let it run the script at boot.
Here is my script:
Code:
#!/system/xbin/bash
echo 1 > /sys/module/dsscomp/parameters/hotplug_enabled
Re,
To monkeyzou can you test this script at the bottom of my message?
Remove the .txt and copy it to your init.d folder then set the right permissions for it as i have shown above.
Or test another script where you could see a change?
At the end are you sure your script don't work?
After reboot with the script go to /sys/module/dsscomp/parameters/hotplug_enabled and see if the value is set to 1,if yes it's ok,if no (so set to 0),i don't know more...
ctbear said:
I was trying to do the exact same thing and couldn't make it work either. Eventually I just used Script Manager (on market) and let it run the script at boot.
Here is my script:
Code:
#!/system/xbin/bash
echo 1 > /sys/module/dsscomp/parameters/hotplug_enabled
Click to expand...
Click to collapse
Hi,
Test the script i've posted above:
#!/system/bin/sh
echo 1 > /sys/module/dsscomp/parameters/hotplug_enabled
Click to expand...
Click to collapse
I hope that helps
viking37 said:
Hi,
Test the script i've posted above:
I hope that helps
Click to expand...
Click to collapse
Thanks. Unfortunately it still didn't work, but I've found a workaround (looks stupid, but somehow works):
Basically I have a script file at the root of storage, and it contains just the echo line. My init script will just run that /sdcard script and it works fine.
viking37 said:
Re,
To monkeyzou can you test this script at the bottom of my message?
Remove the .txt and copy it to your init.d folder then set the right permissions for it as i have shown above.
Or test another script where you could see a change?
At the end are you sure your script don't work?
After reboot with the script go to /sys/module/dsscomp/parameters/hotplug_enabled and see if the value is set to 1,if yes it's ok,if no (so set to 0),i don't know more...
Click to expand...
Click to collapse
Tried this script and it works
I'm new @xda and @SGy. Please tell me how to get boot.img of my kernel(As boot.img file)
(This file is for my f***ing bro. I don't let him to touch my SGy.)
Pls tell a easier method.
••••Rocking SGy™••••
Use root explorer and extract. Or andro zip. Any file manager free
Sent from City of Angels
Install Terminal Emulator from Google Play Store and enter these commands one after the other:
su
dd if=/dev/block/bml7 of=/sdcard/boot.img
tar cvf /sdcard/kernel-backup.tar /sdcard/boot.img
Boot.img and Kernel-backup.tar (for Odin flash) will be created.
Raol Emostar said:
Install Terminal Emulator from Google Play Store and enter these commands one after the other:
su
dd if=/dev/block/bml7 of=/sdcard/boot.img
tar cvf /sdcard/kernel-backup.tar /sdcard/boot.img
Boot.img and Kernel-backup.tar (for Odin flash) will be created.
Click to expand...
Click to collapse
Hi Raol,
I typed the command above and got my boot.img. However, when I try to work on it with Kitchen, it tells me that I must first root my ROM... but my ROM is already rooted. Is there someting missing in my boot.img? Is there another command to include the su binaries in the boot.img?
NB: I have a Samsung Galaxy Y Duos
JohnNAVI said:
Hi Raol,
I typed the command above and got my boot.img. However, when I try to work on it with Kitchen, it tells me that I must first root my ROM... but my ROM is already rooted. Is there someting missing in my boot.img? Is there another command to include the su binaries in the boot.img?
NB: I have a Samsung Galaxy Y Duos
Click to expand...
Click to collapse
nothing missing ............(BTW What Is Ur File Size)
root is usually stored outside the kernel. some of kernel have build in root, but it's only on custom kernel. stock kernel never have build in root. btw, what are you trying to do with your kernel? dsixda kitchen only have limited option to modify kernel. as far as I know it only has extract, build, and add init.d option. I've been doing that for several times and it succed. all my modified kernel is created via dsixda's kitchen.
kurotsugi said:
root is usually stored outside the kernel. some of kernel have build in root, but it's only on custom kernel. stock kernel never have build in root. btw, what are you trying to do with your kernel? dsixda kitchen only have limited option to modify kernel. as far as I know it only has extract, build, and add init.d option. I've been doing that for several times and it succed. all my modified kernel is created via dsixda's kitchen.
Click to expand...
Click to collapse
I'm triying to add init.d option to my rooted stock kernel. Unfortunately, I always get the following message in Kitchen:
'su' binary not found under working folder!
You must root your ROM first.
But if, as you say, root is stored outside the kernel, I understand why it doesn't work. Is there another way to add init.d to my stock kernel?
BTW, my boot.img file is 5120Ko.
search mikstev's post about droidwall. you can find the tut inside his zip file. extract that file then check readme.txt
EDIT: I forgot that you're using sgy duos. you'll need to extract boot.img via kitchen, find init.rc. add these script
Code:
start sysinit
class_start default
and
Code:
service sysinit /system/bin/logwrapper /system/xbin/busybox run-parts /system/etc/init.d
disabled
oneshot
please refer to mikstev's init.rc to find where to put those script.
I tried to extract boot.img via Kitchen following mikstev's tuto, but it didn't work.
I have my boot.img in a folder called /kitchen/WORKING_XXX. In kitchen, I choose 0, then 20 and 'w'. And I get the following message:
Working folder found
Error: system folder not found under working folder!
I could extract boot.img with 'a'. I then get a file called zImage and a folder called boot.img-ramdisk. In boot.img-ramdisk I find the init.rc file. I modify it by adding the scripts following mikstev's tuto. But then, I cannot build a new boot.img as the 'b' option in not available in kitchen.
Do you have any idea why I cannot complete mikstev's tuto?
EDIT: Please do not take into account what I wrote above. My problem was that the file called zImage and the folder called boot.img-ramdisk must be placed in a folder named BOOT-EXTRACTED and not EXTRACTED_BOOT as mentioned in mikstev's tuto.
ah...thats it. you don't have system folder in working_xxx folder. if you have cwm, make a backup of your rom, copy system.rfs.tar to your computer, extract the file, then put whole system folder into working_xxx.
kurotsugi said:
ah...thats it. you don't have system folder in working_xxx folder. if you have cwm, make a backup of your rom, copy system.rfs.tar to your computer, extract the file, then put whole system folder into working_xxx.
Click to expand...
Click to collapse
I tried your method and that's probably the best way to make it work.
But I found a way around. What I did is extract my boot.img with the 'a' option (no need for system folder), rename the folder where boot.img has been extracted to BOOT-EXTRACTED, modify init.rc and build a new boot.img with 'b' option. Maybe not as clean as your method, but it's a newbie way .
I then installed the new boot.img and I checked that the init.rc file in my root was the modified one (which was the case). However, it seems that init.d support is not working as the scripts installed in the init.d folder didn't execute. Is it due to my noob method? Should I try your method instead?
Thanks a lot for helping me in my first steps in the Android world.
how did you test the init.d script? a simple way to test init.d script is by make a file in init.d contain
Code:
#!/system/bin/sh
touch /data/kurotsugi.txt
make sure that you have installed busybox and set the file permission to 777 (rwxrwxrwx). if the init.d script is working you'll find kurotsugi.txt in /data
kurotsugi said:
how did you test the init.d script? a simple way to test init.d script is by make a file in init.d contain
Code:
#!/system/bin/sh
touch /data/kurotsugi.txt
make sure that you have installed busybox and set the file permission to 777 (rwxrwxrwx). if the init.d script is working you'll find kurotsugi.txt in /data
Click to expand...
Click to collapse
I set the permission to 777 and your test file (called 03test) in init.d but nothing happens.
What I did in fact is to put the following command line in the updater-script of my update.zip file (used to transfer the 03test file to init.d):
Code:
set_perm(0, 0, 0777, "/system/etc/init.d/03test");
Any idea why this doesn't work?
have you install the busybox?
if that method didn't work you can try the other method that I've given to you.
I have busybox installed. But when I want to
Code:
chmod 777 03test
I get the following error message:
Unable to chmod 03test: Read-only file system
That's why I have to go through the update.zip method.
I also reinstalled the new boot.img created with your method but nothing changes. The scripts in init.d don't run at startup.
JohnNAVI said:
I think I have found the reason why it doesn't work. I have installed Busybox v1.18.14 and it looks like run-parts is not supported in this version. I will install a new version of Busybox and I will keep you posted.
Click to expand...
Click to collapse
It was a problem with the old Busybox version that did not support run-parts. I installed v1.19.4 and everything is working fine now.
Thank you so much for helping me kurotsugi. Have a nice day.
I have a shell command that I manually type in terminal everytime my phone starts up. How can I make it automatically execute @ each boot? I've seen init.d scripts, but I'm currently on ICS and I don't believe the kernel I am on supports init.d scripts yet. Any other way without using an external app?
thanks..
Check my thread out in here,
http://forum.xda-developers.com/showthread.php?t=1610741
You can run any scripts during the boot.
Note: Found out there is one small problem with this mode - "adb logcat" is not working. As a workaround run "adb shell su -c logcat"
The Problem:
I am a heavy ADB user (QtADB) and was having problems getting it to mount /system rw and pushing/editing files in real time. Had no problems doing all this by mounting /system in recovery but rebooting the phone just to make some system files changes is kind of inconvenient. So I did some research and found this:
HEXcube said:
The real reason behind adb root or insecure adb is the adb daemon in the device running at root permissions. In pre-Android 4.1 versions, this is usually decided by some initialisation script(like init.rc) at boot time. The script checks for value in default.prop,local.propand other environment variables.
If it finds build.prop,default.prop or local.prop property file with ro.secure=0 adbd is allowed to run as root. You'll get adb root and hence will be able to do commands like adb remount,adb root and adb shell's prompt'll be # by default. The user may be displayed as [email protected] or [email protected] adb GUIs like Android Commander and QtADB will get to work in Root mode.
But,if it's ro.secure=1, adb daemon is made to work in secure mode, and adb won't change to root mode on issuing adb root command. However, if su binary is present in $PATH, u can still call su command from adb shell. But, it's not enough for Android Commander to get Root Access. It is possible to attain adb root through any one of the following methods:
1.For CyanoGenMod based ROMs there is an option in Settings->Developer Settings->Root access to control root access. Choose ADB only or Apps and ADB in options to get adb root.
2.Else use adbd Insecure app by chainfire if you have a rooted device. This is useful, especially for Android 4.1+ devices.
3.Or, you may manually edit default.prop to set it's value to 0, but original default.prop will be restored from boot partition everytime you reboot(this is the reason why adb Insecure cannot permanently do adb root, though there is an option to repeat the rooting procedure everytime the device boots). This method is called temporary adb root. On pre-Android 4.0 ROMs default.prop file was located in / directory. I read that from Android 4.x this file is in ramdisk and so more difficult to edit. But Android 4.0 has local.prop which is easier to modify than default.prop( See method 5)
4.For permanent adb root, you'll have to extract boot.img, change default.prop, repack and then flash it back to device.
5. In Android 4.0 there's local.prop file in /data partition. Setting ro.secure=0 in this file will do adb root permanently. Else you can set another property ro.kernel.qemu=1 in the same file. But, this value makes the system think that it is running in an android emulator. Many exploits and root methods set this property temporarily to gain root. But, it may cause side effects if used permanently. Setting ro.secure=0 is recommended. Do this command in terminal app or adb shell:
echo ro.secure=0 >/data/local.prop
or you can manually copy a local.prop file with ro.secure=0 as it's content to /data.
6.Note that method 3,4 and 5 won't work in Android 4.0 Jelly Bean onwards. According to Dan Rosenburg(drjbliss in XDA),the researcher who discovered adb root emulator exploit and many other exploits, Jelly Bean doesn't parse any property files to set the ownership of adb daemon. The stock adbd will have to be replaced with an insecure one to gain adb root. But still,as adbd is located in /sbin whose contents are reloaded everytime on reboot from boot.img, it won't be permanent.
7. For permanent adb root, you may flash an insecure boot.img(one that contains and insecure adbd)
8. If you're really desperate and can't get adb root to work with any of the above methods use an exploit. Most of the adb based rooting methods utilise some exploit to make the adb daemon run as root. By studying the exploit and implementing it you could gain adb root atleast temporarily.I'm not recommending this method but as a last resort you could try them.
Acknowledgements: Thanks to Dan Rosenberg for explaining the reasons behind adb root, especially the one in Jelly Bean.
Click to expand...
Click to collapse
Original thread: Can't get ADB Root Access in certain ROMs?
So I desided to modify my favorite kernel img and give it a try. I used Imoseyon's leanKernel but it should work with any kernel.
How To:
1. Get Android Image Kitchen and extract it to your PC;
2. Open your_favorite_kernel.zip with 7zip and extract boot.img file to Android Image Kitchen folder;
3. Drag and Drop boot.img over unpackimg.bat. Kernel is unpacked and you will see 2 new folders - ramdisk and split_img;
4. Go to ramdisk folder and open default.prop file with text editor. This probably is not necessary but just in case change ro.secure and ro.adb.secure to 0 (zero):
Code:
ro.secure=0
ro.adb.secure=0
5. Get Chainfire's adbd Insecure v1.30, open it with 7zip, in assets folder you will see 3 .png files. Extract adbd.17.png to ramdisk\sbin folder;
6. Delete original kernel adbd file and rename adbd.17.png to adbd;
7. Go back to Android Image Kitchen folder and run repackimg.bat by just click on it. This will repack the modified kernel to image-new.img file ready for flashing;
8. Rename image-new.img to boot.img and replace the original one in your_favorite_kernel.zip by Drag and Drop in 7zip window;
9. Close 7zip, copy modified your_favorite_kernel.zip to /sdcard and flash it in recovery.
10. Enjoy ADB full root access for /system;
Warnings:
I can't guarantee 100% success with this mod. I did this only with leanKernel and it works great, Haven't tried any other kernels so I am note sure how all this will end up. IT CAN SOFT BRICK YOUR PHONE!!! Keep a copy of the original kernel on your /sdcard!!!
Doing this while trying to find the correct tools for proper repack of the modified kernel sometime I was ending up with the phone not booting to Android, goes straight to download mode. Don't panic... Just remove battery, place it back, hold Volume Up + Home + Power buttons booting to recovery. Flash the original kernel and you are back all good.
The usual stuff:
I AM NOT RESPONSIBLE FOR ANYTHING ... bla-bla-bla...
All the credits goes for the developers created the great tools used for this mod.
If you think it's useful fill free to say THEM and me thanks.
@nijel8
Thanks for sharing this. I will test this out on my device. If successful I would like to share this over in the One SV forums.
I never even considered this idea smh lol.
Edit: confirmed working
Thanks so much for sharing this. I too use adb a lot and need an insecure kernel.
Success. Nexus 5 and I changed Franco kernel to insecure.
Franco kernels used to be insecure but none thus far have been on the N5. Any reason behind this?
Fuzzy13 said:
Thanks so much for sharing this. I too use adb a lot and need an insecure kernel.
Success. Nexus 5 and I changed Franco kernel to insecure.
Franco kernels used to be insecure but none thus far have been on the N5. Any reason behind this?
Click to expand...
Click to collapse
My guess is devs play it safe so average Joe don't mess with /system... ha-ha
btw is "adb logcat" working for you?
Only problem with the adbd from chainfires ADB Insecure is that it breaks adb wireless,any solution ?
nijel8 said:
Note: Found out there is one small problem with this mode - "adb logcat" is not working. As a workaround run "adb shell su -c logcat"
The Problem:
I am a heavy ADB user (QtADB) and was having problems getting it to mount /system rw and pushing/editing files in real time. Had no problems doing all this by mounting /system in recovery but rebooting the phone just to make some system files changes is kind of inconvenient. So I did some research and found this:
Original thread: Can't get ADB Root Access in certain ROMs?
So I desided to modify my favorite kernel img and give it a try. I used Imoseyon's leanKernel but it should work with any kernel.
How To:
1. Get Android Image Kitchen and extract it to your PC;
2. Open your_favorite_kernel.zip with 7zip and extract boot.img file to Android Image Kitchen folder;
3. Drag and Drop boot.img over unpackimg.bat. Kernel is unpacked and you will see 2 new folders - ramdisk and split_img;
4. Go to ramdisk folder and open default.prop file with text editor. This probably is not necessary but just in case change ro.secure and ro.adb.secure to 0 (zero):
Code:
ro.secure=0
ro.adb.secure=0
5. Get Chainfire's adbd Insecure v1.30, open it with 7zip, in assets folder you will see 3 .png files. Extract adbd.17.png to ramdisk\sbin folder;
6. Delete original kernel adbd file and rename adbd.17.png to adbd;
7. Go back to Android Image Kitchen folder and run repackimg.bat by just click on it. This will repack the modified kernel to image-new.img file ready for flashing;
8. Rename image-new.img to boot.img and replace the original one in your_favorite_kernel.zip by Drag and Drop in 7zip window;
9. Close 7zip, copy modified your_favorite_kernel.zip to /sdcard and flash it in recovery.
10. Enjoy ADB full root access for /system;
Warnings:
I can't guarantee 100% success with this mod. I did this only with leanKernel and it works great, Haven't tried any other kernels so I am note sure how all this will end up. IT CAN SOFT BRICK YOUR PHONE!!! Keep a copy of the original kernel on your /sdcard!!!
Doing this while trying to find the correct tools for proper repack of the modified kernel sometime I was ending up with the phone not booting to Android, goes straight to download mode. Don't panic... Just remove battery, place it back, hold Volume Up + Home + Power buttons booting to recovery. Flash the original kernel and you are back all good.
The usual stuff:
I AM NOT RESPONSIBLE FOR ANYTHING ... bla-bla-bla...
All the credits goes for the developers created the great tools used for this mod.
If you think it's useful fill free to say THEM and me thanks.
Click to expand...
Click to collapse
Some time ago I 've tried to do this for a Nexus6, running Marshmallow.
Android has tighten up security, so I got bootloops.
Anyone has managed to do this?
Thank you!
nijel8 said:
Note: Found out there is one small problem with this mode - "adb logcat" is not working. As a workaround run "adb shell su -c logcat"
The Problem:
I am a heavy ADB user (QtADB) and was having problems getting it to mount /system rw and pushing/editing files in real time. Had no problems doing all this by mounting /system in recovery but rebooting the phone just to make some system files changes is kind of inconvenient. So I did some research and found this:
Original thread: Can't get ADB Root Access in certain ROMs?
So I desided to modify my favorite kernel img and give it a try. I used Imoseyon's leanKernel but it should work with any kernel.
How To:
1. Get Android Image Kitchen and extract it to your PC;
2. Open your_favorite_kernel.zip with 7zip and extract boot.img file to Android Image Kitchen folder;
3. Drag and Drop boot.img over unpackimg.bat. Kernel is unpacked and you will see 2 new folders - ramdisk and split_img;
4. Go to ramdisk folder and open default.prop file with text editor. This probably is not necessary but just in case change ro.secure and ro.adb.secure to 0 (zero):
Code:
ro.secure=0
ro.adb.secure=0
5. Get Chainfire's adbd Insecure v1.30, open it with 7zip, in assets folder you will see 3 .png files. Extract adbd.17.png to ramdisk\sbin folder;
6. Delete original kernel adbd file and rename adbd.17.png to adbd;
7. Go back to Android Image Kitchen folder and run repackimg.bat by just click on it. This will repack the modified kernel to image-new.img file ready for flashing;
8. Rename image-new.img to boot.img and replace the original one in your_favorite_kernel.zip by Drag and Drop in 7zip window;
9. Close 7zip, copy modified your_favorite_kernel.zip to /sdcard and flash it in recovery.
10. Enjoy ADB full root access for /system;
Warnings:
I can't guarantee 100% success with this mod. I did this only with leanKernel and it works great, Haven't tried any other kernels so I am note sure how all this will end up. IT CAN SOFT BRICK YOUR PHONE!!! Keep a copy of the original kernel on your /sdcard!!!
Doing this while trying to find the correct tools for proper repack of the modified kernel sometime I was ending up with the phone not booting to Android, goes straight to download mode. Don't panic... Just remove battery, place it back, hold Volume Up + Home + Power buttons booting to recovery. Flash the original kernel and you are back all good.
The usual stuff:
I AM NOT RESPONSIBLE FOR ANYTHING ... bla-bla-bla...
All the credits goes for the developers created the great tools used for this mod.
If you think it's useful fill free to say THEM and me thanks.
Click to expand...
Click to collapse
Can this work with Note 3 N900 (exynos kernel) sir? Or just only for snapdragon chipsrt kernel? Thanks sir!
does this work on locked bootloader devices?
a custom kernel exists for my devices (G928A) with AdB Insecure , but its got a few qwirks that need worked out ( that require fully rooting the device )
all im looking for is insecure Adb, ( which I have tried to change ro.secure=0 and adb.secure=0 both with Echo commands in shell) for temporary adb root on the device
how did ManIT make his custom kernel undetectable/passable by the bootloader but with modifications?
if this will work ... then I will just edit an image pulled from the devices current boot.img and do the same adb insecure edit to the ramdisk.. to update the root flash kernel... shes a bit dated.... and there isn't one for marshmallow specific one yet.
I was also reading about a filler file due to block sizing when repacking the image ... so I created a copy file and edited the contents till it zipped back to within 1kb of data... will this be detected and flagged at boot?
help please
Great tutorial.
I did it by following the steps in your post.
Thank you for clear and precise explanation.
Anybody have a pre-patched / adb root enabled adbd at hand (10.0.36 or higher - current is 10.0.41 I think)?