Help reinstall magisk - OnePlus 7T Questions & Answers

It's been a while since I last rooted my 7t. Current oos 10.3.6. Magisk manager v8.0.3. Magisk was 20.4 I think.
So fetch rewards app detected root. I went to add the app to the magisk hide, cleared fetch rewards storage and still root was detected. Tried to run the rename option in the magisk settings but it appears to hang during the process. Phone screen timed out and when I get back into it, the hide magisk manager status pop up was still there. Rebooted the phone, went back to magisk manager. While magisk manager shows it's still installed, magisk is not. Safety net checks still passed.
To reinstall magisk, I need to get the patched oos image, correct?
Thanks

Hi
Think from the magisk manager app you would just install to inactive slot and reboot?
Refer to the Magisk root for 7T thread for patched boot image and instructions.

When I installed a root checker, it showed that I'm still rooted.
All this started when I used the Magisk function to repackage magisk's file name in an attempt to hide it from Fetch Rewards.

noodlenoggan said:
When I installed a root checker, it showed that I'm still rooted.
All this started when I used the Magisk function to repackage magisk's file name in an attempt to hide it from Fetch Rewards.
Click to expand...
Click to collapse
Ok I don't know what I'm missing but I can't seem to find that fetch rewards app in my play store to install and test at my end. Second, Magisk isn't installed according to you manager screenshot... So I'm at a loss. But their are threads better able to assist your efforts to have Magisk root up and running first cause I not knowledgeable enough to state why your root check detects root yet the manager does not indicate root installed.
But I'll hopefully be of more help and provide you this:
https://forum.xda-developers.com/oneplus-7t/how-to/guide-how-to-root-oneplus-7t-twrp-t3979307
So I'll copy and paste from the link above:
HOW TO UPDATE a ROM and KEEP ROOT:
Before all Disable all magisk modules
Be sure to use Canary Magisk Manager and Canary Magisk (debug)
You can update a stock rom from phone settings with local upgrade:
- Update the Rom WITHOUT REBOOT;
- Open Magisk Manager;
- In Magisk Manager, click on Install/Install/Direct Install;
- Again in Magisk Manager, click on Install/Install/Inactive Slot;
- Reboot.
So from thier I'd assume you need only the following:
- Open Magisk Manager;
- In Magisk Manager, click on Install/Install/Direct Install;
- Again in Magisk Manager, click on Install/Install/Inactive Slot;
But I am unsure so please verify b4 attempting.
Or may be someone else can confirm here?
Good luck and please consider letting me know how you made out. Thanks

I jumped on the xda magisk support forum and was able to sort out the whole mess I was in.
The android app is called Fetch - Receipts Scanner by Fetch Rewards. It's in Google store.
Hopefully for anyone else that is in the same situation will find their solution as I did below.
What I learned from the Magisk forum and closer examination of my phone were:
- Magisk and Magisk Manager are two separate components. Magisk handles the root and Magisk Manager handles additional root related features. Magisk Manager is not required to have a rooted phone continued to be rooted. I was not aware of this.
- When the repackaging routine was started, Magisk Manager did indeed repackaged and installed itself. There was not indication that the process completed successfully as the spinning progress icon did not stop. I had renamed it MagMan as part of the repackaging routing and was expecting the original icon Magisk icon to show for MagMan. Sorry, I had not read the Magisk Manager instructions and simply made a lot of assumptions of the repackaged process. What happened was that I assumed Magisk Manager would just switch over the new name as part of the repackaging routine. Also I didn't pay close enough attention that the new repackaged app, MagMan, which was literally next to Magisk Manager mainly because it had a generic Android icon instead of the Magisk Manager icon and was overlooked. This whole entire time, I was focusing on the original Magisk Manager app and icon but all of the functionality of Magisk Manager now resided in MagMan. I've uninstalled the original Magisk Manager app and now use the repackaged version.
The Fetch Rewards app was added to the Magisk Hide section via MagMan and it's now working properly.
Thanks for following up.

noodlenoggan said:
Thanks
Click to expand...
Click to collapse
Sweet - glad you have success. Enjoy

I just did more or less the same thing... Hid Magisk manager... Forgot... Flashed full update no prob... Installed new Magisk Manager (along with the previously hidden install of Magisk manager).
Then finally figured out to uninstall the hidden Magisk manager... Then, Magisk manager and was able to install Magisk Root. All good now lol. Glad your up and running.

This worked for me yesterday, but make sure to reboot the phone after doing the "hide magisk" option in Magisk Manager settings. The name also does not have to be "MagMan" it can be anything of your choice.
I also noticed that the proxy app (with blank icon) might not open but if it fails to open just force close it and try again, that seemed to make it open for me.
noodlenoggan said:
I jumped on the xda magisk support forum and was able to sort out the whole mess I was in.
The android app is called Fetch - Receipts Scanner by Fetch Rewards. It's in Google store.
Hopefully for anyone else that is in the same situation will find their solution as I did below.
What I learned from the Magisk forum and closer examination of my phone were:
- Magisk and Magisk Manager are two separate components. Magisk handles the root and Magisk Manager handles additional root related features. Magisk Manager is not required to have a rooted phone continued to be rooted. I was not aware of this.
- When the repackaging routine was started, Magisk Manager did indeed repackaged and installed itself. There was not indication that the process completed successfully as the spinning progress icon did not stop. I had renamed it MagMan as part of the repackaging routing and was expecting the original icon Magisk icon to show for MagMan. Sorry, I had not read the Magisk Manager instructions and simply made a lot of assumptions of the repackaged process. What happened was that I assumed Magisk Manager would just switch over the new name as part of the repackaging routine. Also I didn't pay close enough attention that the new repackaged app, MagMan, which was literally next to Magisk Manager mainly because it had a generic Android icon instead of the Magisk Manager icon and was overlooked. This whole entire time, I was focusing on the original Magisk Manager app and icon but all of the functionality of Magisk Manager now resided in MagMan. I've uninstalled the original Magisk Manager app and now use the repackaged version.
The Fetch Rewards app was added to the Magisk Hide section via MagMan and it's now working properly.
Thanks for following up.
Click to expand...
Click to collapse
This worked for me yesterday on Android 9 (OP5T), but make sure to reboot the phone after doing the "hide magisk" option in Magisk Manager settings. The name of the proxy app also does not have to be "MagMan" it can be anything of your choice.
I also noticed that sometimes the proxy app didn't open and if this occurred I just force closed it and then it seemed to work. Anyways good luck hope it works for someone else

Related

Permanent fix for Bluetooth battery drain on stock 7.1 N108

I found a permanent fix for the Bluetooth battery drain bug on stock 7.1, the last n108 release.
Root is required for this fix.
First, go to developer settings and enable Bluetooth hci Snoop log. Reboot. Then disable the Bluetooth hci log. Reboot.
Next, using a root file explorer (I used ES file explorer), navigate to /system/etc/Bluetooth/
Open bt_stack.conf
Near the top is "BtSnoopConfigFromFile=false"
Change it to true, then make sure the following two lines are set to false.
BtSnoopLogOutput=false
BtSnoopExtDump=false
Save the file and reboot.
After some browsing on the nextbit forums, someone had identified that the Bluetooth Snoop hci log was being written to the root directory of /sdcard/, causing significant battery drain. Their solution was to toggle the Bluetooth log on in developer settings, reboot, turn it off, then reboot again. It would always turn itself back on though. This prevents that.
(Bluetooth hci log is a file where android literally records all Bluetooth traffic information, which as you might imagine is CPU and I/o intensive. Normally used by devs for troubleshooting).
I decided to go back to stock due to constant bugs and freezes with the lineage 14.1 builds. Battery life has even been a little better on stock, with rock solid stability.
This prevents the battery drain aspect, but the battery settings still has a reporting error that attributes much more drain to Bluetooth than it should. I'm still getting 3-4hrs screen on time with lots of Bluetooth use after this fix. Better battery stats will provide accurate drain stats.
This is excellent information - thanks for posting - however, I get stuck when trying to save the proposed changes to bt_stack.conf; the file is read-only and I cannot figure out how to change it to allow me to save the changes. How did you do that on the stock ROM?
Bleser said:
This is excellent information - thanks for posting - however, I get stuck when trying to save the proposed changes to bt_stack.conf; the file is read-only and I cannot figure out how to change it to allow me to save the changes. How did you do that on the stock ROM?
Click to expand...
Click to collapse
Is your phone rooted? I used ES File explorer with "root mode" enabled. You can only make changes to the file with a root elevated program. There is also solid file explorer and root file explorer as other options that may work. I should have mentioned root is required.
I believe ES file explorer changes the permission automatically when in root mode, to allow changes. Other apps may require manually changing the permissions of the BT config file.
I did also run 'hide magisk manager" in the magisk settings.
boxes said:
Is your phone rooted? I used ES File explorer with "root mode" enabled. You can only make changes to the file with a root elevated program. There is also solid file explorer and root file explorer as other options that may work. I should have mentioned root is required.
I believe ES file explorer changes the permission automatically when in root mode, to allow changes. Other apps may require manually changing the permissions of the BT config file.
Click to expand...
Click to collapse
Hi @boxes,
No, it is not rooted. I will try ES File explorer. Thanks!
Bleser said:
Hi @boxes,
No, it is not rooted. I will try ES File explorer. Thanks!
Click to expand...
Click to collapse
You will need to be rooted to do this. If you root with magisk, then you can still pass the safetynet check.
Rooting the robin is very easy luckily.
Follow these steps to unlock the bootloader and flash TWRP.
https://forum.xda-developers.com/nextbit-robin/general/guide-install-twrp-root-robin-t3334171
(Use this TWRP rather than the one on that thread-)
https://forum.xda-developers.com/ne...recovery-twrp-3-0-0-0-touch-recovery-t3334152
Then download magisk from here-
https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
Also download the magisk manager APK. Flash magisk from TWRP then install magisk manger in android.
boxes said:
Is your phone rooted? I used ES File explorer with "root mode" enabled. You can only make changes to the file with a root elevated program. There is also solid file explorer and root file explorer as other options that may work. I should have mentioned root is required.
I believe ES file explorer changes the permission automatically when in root mode, to allow changes. Other apps may require manually changing the permissions of the BT config file.
Click to expand...
Click to collapse
boxes said:
You will need to be rooted to do this. If you root with magisk, then you can still pass the safetynet check.
Rooting the robin is very easy luckily.
Follow these steps to unlock the bootloader and flash TWRP.
https://forum.xda-developers.com/nextbit-robin/general/guide-install-twrp-root-robin-t3334171
(Use this TWRP rather than the one on that thread-)
https://forum.xda-developers.com/ne...recovery-twrp-3-0-0-0-touch-recovery-t3334152
Then download magisk from here-
https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
Also download the magisk manager APK. Flash magisk from TWRP then install magisk manger in android.
Click to expand...
Click to collapse
Thanks again for your help!
boxes said:
I found a permanent fix for the Bluetooth battery drain bug on stock 7.1, the last n108 release.
Root is required for this fix.
First, go to developer settings and enable Bluetooth hci Snoop log. Reboot. Then disable the Bluetooth hci log. Reboot.
Next, using a root file explorer (I used ES file explorer), navigate to /system/etc/Bluetooth/
Open bt_stack.conf
Near the top is "BtSnoopConfigFromFile=false"
Change it to true, then make sure the following two lines are set to false.
BtSnoopLogOutput=false
BtSnoopExtDump=false
Save the file and reboot.
After some browsing on the nextbit forums, someone had identified that the Bluetooth Snoop hci log was being written to the root directory of /sdcard/, causing significant battery drain. Their solution was to toggle the Bluetooth log on in developer settings, reboot, turn it off, then reboot again. It would always turn itself back on though. This prevents that.
(Bluetooth hci log is a file where android literally records all Bluetooth traffic information, which as you might imagine is CPU and I/o intensive. Normally used by devs for troubleshooting).
I decided to go back to stock due to constant bugs and freezes with the lineage 14.1 builds. Battery life has even been a little better on stock, with rock solid stability.
This prevents the battery drain aspect, but the battery settings still has a reporting error that attributes much more drain to Bluetooth than it should. I'm still getting 3-4hrs screen on time with lots of Bluetooth use after this fix. Better battery stats will provide accurate drain stats.
For extra security you can change the permissions of the .conf file to read only for all groups.
Click to expand...
Click to collapse
Bless you! I should have looked into this earlier but never got around to it, having just left Bluetooth off except when charging. Will see if I can do a bind mount over the file with Magisk so I can leave the system image read-only.
---------- Post added 3rd July 2018 at 12:00 AM ---------- Previous post was 2nd July 2018 at 11:57 PM ----------
In the process of looking this up, I discovered a Magisk module to fix the Bluetooth config problem already exists:
https://forum.xda-developers.com/apps/magisk/module-disable-bluetooth-hci-snoop-log-t3680223
You do not need to edit your system image, just install Magisk and then use Magisk Manager to install this module.
iscaela said:
Bless you! I should have looked into this earlier but never got around to it, having just left Bluetooth off except when charging. Will see if I can do a bind mount over the file with Magisk so I can leave the system image read-only.
---------- Post added 3rd July 2018 at 12:00 AM ---------- Previous post was 2nd July 2018 at 11:57 PM ----------
In the process of looking this up, I discovered a Magisk module to fix the Bluetooth config problem already exists:
https://forum.xda-developers.com/apps/magisk/module-disable-bluetooth-hci-snoop-log-t3680223
You do not need to edit your system image, just install Magisk and then use Magisk Manager to install this module.
Click to expand...
Click to collapse
I tried that and it didn't work for me, I replied to the thread a while back. At least with magisk v16.
Are you concerned about passing the safetynet check? I ran the check in magisk manager and passed, both ctsProfile:true and basicIntegrity:true
I'm still able to download apps from the play store that block rooted/modified devices. Magisk is masking the changes perhaps.
edit: I tinkered with magisk, enabling "hide magisk manager" and now it wont pass safetynet check. So I reinstalled magisk manager. This time I didnt "hide magisk manager", but I enabled "magisk core only mode" and checked the box for "Magisk Hide" and "Systemless Hosts" (I use adaway), now it passes the safetynet check again.
boxes said:
I tried that and it didn't work for me, I replied to the thread a while back. At least with magisk v16.
Are you concerned about passing the safetynet check? I ran the check in magisk manager and passed, both ctsProfile:true and basicIntegrity:true
I'm still able to download apps from the play store that block rooted/modified devices. Magisk is masking the changes perhaps.
Click to expand...
Click to collapse
After installing the module, I had to turn "Enable Bluetooth HCI snoop log" on in "Developer options", reboot, and turn it back off again, but it seems to have worked and /sdcard/btsnoop_hci.log stopped growing in size.
The file was also not recreated after I deleted it and rebooted one more time. So I think the extra steps are necessary whether using the module or editing the original file in the system image (there's lingering config data which could in theory be handled in the module as well if ).
boxes said:
edit: I tinkered with magisk, enabling "hide magisk manager" and now it wont pass safetynet check. So I reinstalled magisk manager. This time I didnt "hide magisk manager", but I enabled "magisk core only mode" and checked the box for "Magisk Hide" and "Systemless Hosts" (I use adaway), now it passes the safetynet check again.
Click to expand...
Click to collapse
I've had Magisk installed since I first got the phone and except for a brief period in mid 2017, SafetyNet checks have been passing with "Magisk Hide" alone, without selecting "core only mode" (which disables modules). I'm also using "Systemless hosts" for AdAway.
@iscaela
How long has it been since you did that? Just the process of enabling/disabling in dev options would fix it for a day or two in my experience.
boxes said:
@iscaela
How long has it been since you did that? Just the process of enabling/disabling in dev options would fix it for a day or two in my experience.
Click to expand...
Click to collapse
Just over 12 hours today. I've rebooted twice recently and it's stayed the same. I doubt there's a time component to it reverting, the config loading is pretty simple.
Interestingly, bluedroid is still listening on port 8872 as documented at https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/master/doc/btsnoop_net.md but isn't producing any traces.
iscaela said:
Just over 12 hours today. I've rebooted twice recently and it's stayed the same. I doubt there's a time component to it reverting, the config loading is pretty simple.
Interestingly, bluedroid is still listening on port 8872 as documented at https://android.googlesource.com/platform/external/bluetooth/bluedroid/+/master/doc/btsnoop_net.md but isn't producing any traces.
Click to expand...
Click to collapse
So the most recent reboot did enable the setting and created /sdcard/btsnoop_hci.log again. The reason appears to be the module leaves BtSnoopConfigFromFile=false.
I'm going to update the module to edit this and report back.
Looks like the updated Magisk module works, I've posted it to the other thread:
https://forum.xda-developers.com/ap...bluetooth-hci-snoop-log-t3680223/post76987430

Passing SafetyNet

Well, I have this Moto G5 with LineageOS 16, Magisk 19.3 and TWRP 3.2.3-2-cedric-arm64 and unlocked bootloader.
When I test SafetyNet with Magisk Manager It says to me
SafetyNet check passed
ctsProfile: false
basicIntegrity: false
I have hidden Magisk Manager and changed the device fingerprint with the MagiskHide Props Config (I chosed the Moto G5 7.0 fingerprint)
What should do I do to get them both to true?
Srry for bad english
P.S. I'm having problems with Pokémon GO, this is why I'm doing this
If you flash the magisk uninstall zip and restart the device and run a safetynet check (use a 3rd party app from playstore) does basic integrity pass?
If so try an older version of magisk or try the canary build - if basic integrity still fails and you have tested it again after a clean flash then try a different rom
TheFixItMan said:
If you flash the magisk uninstall zip and restart the device and run a safetynet check (use a 3rd party app from playstore) does basic integrity pass?
If so try an older version of magisk or try the canary build - if basic integrity still fails and you have tested it again after a clean flash then try a different rom
Click to expand...
Click to collapse
I've uninstalled Magisk and checked safety net, it still gives both false.
So I should change rom?
OnionMaster03 said:
I've uninstalled Magisk and checked safety net, it still gives both false.
So I should change rom?
Click to expand...
Click to collapse
If it doesn't pass with a clean flash then yes
OnionMaster03 said:
I've uninstalled Magisk and checked safety net, it still gives both false.
So I should change rom?
Click to expand...
Click to collapse
Los16 doesn't support safetynet on our device, you can use the magisk safetynet Modul that fixed your problem.
OnionMaster03 said:
Well, I have this Moto G5 with LineageOS 16, Magisk 19.3 and TWRP 3.2.3-2-cedric-arm64 and unlocked bootloader.
When I test SafetyNet with Magisk Manager It says to me
SafetyNet check passed
ctsProfile: false
basicIntegrity: false
I have hidden Magisk Manager and changed the device fingerprint with the MagiskHide Props Config (I chosed the Moto G5 7.0 fingerprint)
What should do I do to get them both to true?
Srry for bad english
P.S. I'm having problems with Pokémon GO, this is why I'm doing this
Click to expand...
Click to collapse
I had the same problem, the ONLY thing that worked was installing the Magisk module "SafetyNet Fix" (you can find it the "Downloads" section of Magisk). The issue with that is that it creates a conflict with the "key" so you can an error message every time you start your phone, but you can ignore/clear it.
Tiki Thorsen said:
I had the same problem, the ONLY thing that worked was installing the Magisk module "SafetyNet Fix" (you can find it the "Downloads" section of Magisk). The issue with that is that it creates a conflict with the "key" so you can an error message every time you start your phone, but you can ignore/clear it.
Click to expand...
Click to collapse
If you try copying the fingerprint key from the system build.prop into the vendor build.prop replacing the existing value it should solve that issue
Not tried it as don't own device
Tiki Thorsen said:
I had the same problem, the ONLY thing that worked was installing the Magisk module "SafetyNet Fix" (you can find it the "Downloads" section of Magisk). The issue with that is that it creates a conflict with the "key" so you can an error message every time you start your phone, but you can ignore/clear it.
Click to expand...
Click to collapse
I have the same problem. When I install SafetyPatch, the phone hangs in an bootloop.
I choose pixel 2xl fingerprint. Its working fine for me

Local Upgrade for Rooted Users

Hi All. Just thought I'd quickly mention the method of updating OOS if you are rooted for anyone new to this or to anyone who's forgotten.
Disclaimer: This works for me, I've just done it. Backup your phone just in case. I'm not responsible for your actions or the consequences of your actions. You merely adopted the dark, I was born into it etc etc.
Process:
1- Disable or uninstall all Magisk modules and Overlays (Substratum etc). Otherwise you may end up in a bootloop.
2- Download the FULL version of the ROM (it will be around 2gb). Make sure it's the correct version for your device/region. (eg Global, EU, India etc).
3- Move the downloaded file to your internal storage (root directory).
4- Open the system update app under Settings -> System -> System Updates.
5- Select the cog icon at the top left and select Local Upgrade.
6- Choose the file you've downloaded and let the phone update.
7- DO NOT REBOOT!
8- Open Magisk Manager and select Install (for Magisk not Magisk Manager)
9- Select Install and on the next popup screen make sure you select Install to Inactive Slot (After OTA).
10- Reboot after Magisk has installed
11- Profit :good:
Works great as usual. Thanks.
bowlandspoon said:
Hi XDA peeps. Just thought I'd quickly mention the method of updating OOS if you are rooted for anyone new to this or to anyone who's forgotten.
Disclaimer: This works for me, I've just done it. Backup your phone just in case. I'm not responsible for your actions or the consequences of your actions. You merely adopted the dark, I was born into it etc etc.
Process:
1- Download the FULL version of the ROM (it will be around 2gb). Make sure it's the correct version for your device/region. (eg Global, EU, India etc)
2- Move the downloaded file to your internal storage (root directory).
3- Open the system update app under Settings -> System -> System Updates.
4- Select the cog icon at the top left and select Local Upgrade.
5- Choose the file you've downloaded and let the phone update.
6- DO NOT REBOOT!
7- Open Magisk Manager and select Install (for Magisk not Magisk Manager)
8- Select Install and on the next popup screen make sure you select Install to Inactive Slot (After OTA).
9- Reboot after Magisk has installed
10- Profit :good:
Click to expand...
Click to collapse
Don't forget to disable or uninstall all magisk modules and overlays (Substratum etc). Otherwise you can end in a bootloop.
xx00xx1990 said:
Don't forget to disable or uninstall all magisk modules and overlays (Substratum etc). Otherwise you can end in a bootloop.
Click to expand...
Click to collapse
Thanks, will add this to OP.
FLAWLESS PROCESS! Thank you!
Sent from my IN2025 using Tapatalk
Just because the "uninstall all magisk modules" seemed to be something passed from long time ago, I tried without touching the modules at all. Booted just fine. Feel free to not disable any modules and try that way. Will save you time
Cubox. said:
Just because the "uninstall all magisk modules" seemed to be something passed from long time ago, I tried without touching the modules at all. Booted just fine. Feel free to not disable any modules and try that way. Will save you time
Click to expand...
Click to collapse
And just because your modules didnt cause bootloop everyone elses dont either? Dont spread misinformation
pyry666 said:
And just because your modules didnt cause bootloop everyone elses dont either? Dont spread misinformation
Click to expand...
Click to collapse
First of all, I'm not spreading misinformation. I'm just telling about my experience. Any user who has a bootloop after upgrading without disabling modules can easily remove them from recovery (after flashing the one with adb enabled). This step to disable all modules is not mandatory for everyone and will make you waste time for nothing.
Second, if the argument is that because some users might get a bootloop, why not just do a data wipe every time you upgrade as well? Being overly cautious can be useful in some situations, but not here. If you get a bootloop, you can fix it easily. If you don't, you saved 10-20m from your life reinstalling everything.
pyry666 said:
And just because your modules didnt cause bootloop everyone elses dont either? Dont spread misinformation
Click to expand...
Click to collapse
This has happened to me on several different devices. I never do an update without disabling my magisk modules.
I've done this 4 times now with zero issues:
Take system update from OnePlus in settings and install as well.
Don't reboot
Reinstall magisk on main slot, then inactive slot from inside the magisk app.
Reboot
That's it.
My 2 cents. The Call Recorder module has been the culprit of the bootloop in my experience.
I had bootloop using these steps bellow:
1- Disabled all Magisk modules.
2- Downloaded the FULL version of the ROM (around 2gb).
3- Used Local Upgrade.
4- Waited and let the phone update.
5- I did not reboot
6- Opened Magisk Manager and Installed it to Inactive Slot
7- Rebooted
8- Worked everyting ok after reboot (root persisted)
9- Reenabled magisk modules
10- Rebooted
11- BOOTLOOP
12- I disabled all modules via TWRP and then system booted correctly.
13- Uninstalled all modules and installed them again.
I had the Call Recorder module so I may cause the bootloop. I think the safest method is to uninstall all modules before update and then install it again after successful update
<3
Just wanted to say, thank you so much for this guide

How To Guide How to root and pass SafetyNet on XQ-BT52 62.0.A.3.163

How to root and pass SafetyNet on Sony Xperia 10 III (XQ-BT52)​Tested on firmware 62.0.A.3.163.
Disclaimer:
This guide assumes you're familiar with the concepts of rooting, Magisk, SafetyNet, fastboot, adb and so on. I will explain why things are done but if I explained everything it would become too long.
This guide is limited to getting root and apps working on the stock Sony ROM. It doesn't cover installing other ROMs.
You can mess up your phone if you don't know what you're doing. This is not a beginner's guide.
Before you do anything else, do these preparations:
Make sure your device is updated to the latest firmware. Getting updates after you unlock the bootloader will be more complicated.
Use XperiFirm to grab a copy of your current firmware (after you've updated it). It can run on Linux too, either via Mono or in a virtual machine. It's basically just a downloader, it doesn't need any fancy hardware access.
Screenshot everything under Settings > System.
Open the dialer and enter *#*#7378423#*#*. Screenshot everything in the service submenus.
Unlock developer options (tap Settings > About > Build number 7 times) then find it under Settings > System > Advanced. Activate USB debugging. Activate OEM unlocking.
Install the Android SDK Platform Tools. On Linux they're most likely in a package provided by your distro.
Copy the screenshots to your PC because the phone will be reset at some point.
Boot into fastboot by turning the phone off, then connect it to PC via USB, and press POWER and VOLUME UP together. The phone led will turn blue. On PC run fastboot devices and make sure it lists your phone and has the serial number you got from the service menu.
Unlocking the bootloader:
This is the point of no return as far as warranty is concerned!
This will factory reset the phone! Make sure you got everything you needed off it.
Obtain the unlock code (you will need the IMEI of the 1st SIM slot).
Boot into fastboot, check again that fastboot devices lists the phone.
Issue the unlock command using the code you got earlier: fastboot oem unlock 0x<unlock code here>
Reboot the phone (you can say fastboot reboot). It will say "can't check for corruption" and "erasing" a couple of times but will eventually boot up to the factory setup.
Enabling Magisk & root:
Download the latest Magisk apk to the phone and install it. Right now that means v24+.
Open boot_X-FLASH-ALL-8A63.sin from the original firmware with any archive manager (it's a tar.xz), 7zip will work fine.
Extract boot.000, rename it to boot.img and put it on the phone.
Open the Magisk app, next to "Magisk" tap "install", choose "Select and patch a file", pick the "boot.img" file.
Download the patched img to PC (will be next to boot.img called something like magisk_patched-24100_MKPRJ.img).
Boot into fastboot, check again that fastboot devices lists the phone.
Flash the patched boot image: fastboot flash boot magisk_patched-24100_MKPRJ.img
Must say OKAY. Can then reboot the phone (you can say fastboot reboot).
Open the Magisk app again, it should say "installed" now next to "Magisk". Also the Superuser and Modules buttons should now be enabled.
Go into Magisk settings and activate "Hide the Magisk app". This is NOT MagiskHide, it does not hide Magisk from other apps, it hides the Magisk Manager app from other apps. More on this later.
Go into Magisk settings and activate Zygisk. This is a built-in replacement for Riru going forward.
Reboot!
Install a root checker app and verify that you get a prompt from Magisk to give root and that the checker says it got root.
Important changes about Magisk:
Riru is now obsolete. It has been replaced by a feature built-into Magisk called Zygisk (which is essentially Riru running in Zygote). It is strongly recommended to go into Magisk settings and activate Zygisk (even if you don't use Riru modules). Do not install Riru anymore. All modules that needed Riru should have Zygisk versions by now unless they're abandoned.
Magisk no longer maintains a module repository, To find and install modules install Fox's Magisk Module Manager. It's a dedicated module management app that supports the old Magisk repo as well as new ones. Inside Magisk you can still enable/disable/remove/install manually and can also update if the module has an update URL, so you can do without Fox if you get your modules directly from their XDA or GitHub pages.
MagiskHide has been replaced by a new feature called Deny list (it's in Magisk settings). It's much more powerful because the apps & processes added to the deny list will be completely excluded from anything based on Magisk so it's impossible for them to detect leaks anymore. On the downside, excluded apps can't be affected by any Magisk or LSPosed modules (LSPosed will grey out such apps and say "it's on the deny list".) This feature should be used sparingly (see below) because Magisk still does a good job of evading detection.
Passing SafetyNet:
Install YASNAC to check your SafetyNet status. At this point you're probably not passing either Basic or CTS check.
Go into Magisk settings. Enable "Enforce deny list". Enter "Configure deny list", find Google Services, check it, expand it, and select only the process ending in .gms and the one ending in .gms.unstable.
Reboot. Check YASNAC. At this point you should be passing Basic check but probably not CTS.
Install Universal SafetyNet Fix (aka USNF) by kdrag0n in Magisk. (Some GIS ROMs already include what this module does, so if you install a GIS ROM you may not need it.) This module hijacks the CTS verification and drops an error which causes the Google service to fall back to Basic verification, which we already fixed in the previous step.
Reboot. Check YASNAC. At this point you should be passing both Basic and CTS. That's it!
You may need to clear storage & cache for Google Play & Services. Go to Settings > Apps & notifications > See all apps, select "All apps", find them in the list, clear storage/cache and reboot. After that try searching for a restricted app such as Netflix on the Play store, if it shows up in results you're all good.
Remember to also add to deny list other apps that try to detect if you're using root, like banking apps.
Other SafetyNet related fixes:
People using non-stock GIS ROMs will probably need module MagiskHide Props Config by Didgeridoohan. This will install a props command line util that you can use (as root) to force Basic attestation, apply extra Magisk hiding techniques, spoof device fingerprint, change the way fingerprinting is checked, or even impersonate another device altogether. Install, reboot, enter adb shell, type su to go root (will need to grant root to shell on the phone when prompted), then run props and follow the options.
People running extra-stubborn banking apps (or other apps that try to detect root extra-hard) that don't work even when added to the Magisk deny list can try module Shamiko by LSPosed. This module adds extra hiding techniques for the apps on the deny list. Please note that Shamiko will disable the Magisk "enforce deny list" option but that's ok, that's an extra feature, the deny list is in effect even without it.
Working apps and modules​Please note that this list is limited to stuff that I personally use. I can't and won't install other stuff to test it.
Root apps:
AFWall(+): Works, but configure it to use its own internal busybox and iptables. Applying rules fails occasionally and you need to retry.
Call Recorder by skvalex: Recording works out of the box, no fiddling required with either headset of mic recording.
JuiceSSH, Termux etc. and other terminal apps: No issues getting root with su.
Busybox: you can install zgfg's module which exposes Magisk's internal Busybox to the rest of the system (bonus: will be updated with Magisk); or you can install osm0sys's module which contains a standalone separate Busybox. As of now both of them provide Busybox 1.34.
MyBackup Pro: Works fine. Used it to transfer 15k+ SMS messages from Android 8.
Solid Explorer: Can access root partitions without issues.
Tasker: No issues.
Titanium Backup: Works but will hang when restoring APKs whose target API doesn't support the ROM's Android version (ie. APKs you can't install directly either).
OAndBackupX: Modern alternative to Titanium, works perfectly.
XPERI+: Version 6 works well and allows you to remap the assistant button and has another couple of features. Version 7 crashes.
Magisk modules:
AFWall Boot AntiLeak
Backup
Builtin BusyBox
Magisk Bootloop Protector
MagiskHide Props Config
Shamiko
SQLite for ARM aarch64 devices
Systemless Hosts (comes with Magisk, enable it in settings)
Universal SafetyNet Fix
Zygisk LSPosed
LSPosed modules:
App Settings Reborn: Works well. May require a couple of reboots before the targeted apps start showing the modifications.
Disable Flag Secure: com.varuns2002 is working, sort of. Please read the module's page. Apps got wise to rooted devices ignoring FLAG_SECURE so now they use hardware DRM or detect screenshots and show you something else (Netflix). So it works only in older versions of apps, or apps that haven't bothered to detect screenshots.
GravityBox [R]: Everything I tried works perfectly.
Physical Button Master Control: The module works as intended, the companion config app has some issues, hopefully they'll be solved soon.
XPrivacyLua: Works perfectly. No issues with SafetyNet.
Not working:
...
Other tested and working Root Apps:
AdAway
Fox's Magisk Module Manager
Franco Kernel Manager
Termux
Not testet yet:
Call Recorder
FolderSync
Total Commander
Vanced Manager
WireGuard
Other tested and working Magisk modules:
1Controller - 1 Module to support all Controllers
Call Recorder - SKVALEX
F-Droid Privileged Extension
Move Certificates (version by Androidacy)
Other tested and working LSPosed modules:
BubbleUPnP AudioCast

Question How to install gapps after installing GSI rom?

I have installed Lineage 18.1 GSI and trying to install gapps. I have rooted and using franko to flash opengapps pico and get an error 70 that there is not enough space on /system. What is the way to get this done? Thanks in advance!
I would like to know that as well.
Tried to flash via stock recovery but that aborted because signature verification failed.
Apps like Flashify, Flash Gordon, Flashfire or Rashr didn't work either.
With MagiskGapps-basic-module from wacko1805 the playservice framework always crashed.
I think the easiest and best way would be to flash opengapps via TWRP.
@ada12 seems to have a TWRP build that still has some bugs, but can be used to flash unsigned zip files.
Maybe he can share this with us.
I feel like this should not be a collasal effort, but it has become one. I have spent the whole day trying to figure it out. I want to use Lineage OS 18.1 with gapps from Andyyan, not any other rom.
psychofaktory said:
I think the easiest and best way would be to flash opengapps via TWRP.
Click to expand...
Click to collapse
I suspect that Magisk should be able to do whatever TWRP is doing (which is just putting some files in certain places, for the most part). Have you tried to find a Magisk module with OpenGapps? Or you can try making your own (but be warned that lzip is not available by default on any Android or Linux).
Edit: nevermind, I see you found a LiteGapps Magisk module.
Thanks @wirespot
The hint with the linked script to create a custom Magisk module on the preferred OpenGapps bundle was worth gold!
Now I have another problem that comes from installing the OpenGapps via Magisk.
For passing SafetyNet I have to add com.google.android.gms and com.google.android.gms.unstable to the deny list.
But when restarting Magisk all modules are reloaded. So also the OpenGapps module.
As a result, the adjustments to the deny list for the Google Play services are discarded again with every restart and the SafetyNet check fails.
How can I prevent that the two entries are no longer removed from the deny list?
Or how can I ensure that the entries are automatically added to the deny list on restart?
Edit:
It seems that this is what Magisk intended and com.google.android.gms and ...gms.unstable are automatically added to the deny list.
But now I have the question, how can I pass the SafetyNet test?
wirespot said:
I suspect that Magisk should be able to do whatever TWRP is doing (which is just putting some files in certain places, for the most part). Have you tried to find a Magisk module with OpenGapps? Or you can try making your own (but be warned that lzip is not available by default on any Android or Linux).
Edit: nevermind, I see you found a LiteGapps Magisk module.
Click to expand...
Click to collapse
Yes, but there is an issue with litegapps, the google contacts sync is broken unfortunately...
psychofaktory said:
It seems that this is what Magisk intended and com.google.android.gms and ...gms.unstable are automatically added to the deny list.
But now I have the question, how can I pass the SafetyNet test?
Click to expand...
Click to collapse
The deny list only lets you pass Basic check. To also pass CTS you need the USNF module (Universal SafetyNet Fix) and possibly other modules too. More details in this thread (check the end of the post), but try with just deny list and USNF first.
Neither the basic integrity check, nor cts profile match are passed.
Besides the denial list, I tried the modules "Shamiko", "Universal SafetyNet Fix" and "MagiskHide Props Config".
With the latter I have also tried various combinations, unfortunately unsuccessful in each case.
It looks like the deny-list does not work.
I suspect here also a connection with the message together that Magisk displays with each call:
Code:
An "su" command that does no belong to Magisk is detected. Please remove the other unsupported su
I have already been able to disable Phh-su with these commands:
Code:
adb shell
phh-su
mount -o remount,rw /
mount -o remount,rw /system
remount
mount -o remount,rw /
mount -o remount,rw /system
/system/bin/phh-securize.sh system.img
But the message in Magisk still appears.
Yeah passing SafetyNet with a custom ROM may be tricky. Didgeridoohan has a few more tips on their website you can try.
OK, I am already a big step closer to the solution.
After installing Magisk regularly, I first installed the Franco Kernel Manager.
Through this I was then able to flash UnSu.zip, which completely removed phh-su.
This also removed the message "An "su" command that does no belong to Magisk is detected" from Magisk.
Magisk had to be set up again afterwards, since it was also cleaned up by the UnSu script.
YASNAC now already showed "Basic integrity -> Pass".
But now I have not found a way to pass the CTS-profile match.
Does anyone here know what settings to set via MagiskHideProps Config?
And could someone send me the fingerprint of the stock rom (62.0.A.9.11)?
Code:
getprop ro.build.fingerprint
After some tests I discovered a big disadvantage with the variant to flash OpenGapps via Magisk.
Push notifications do not seem to work.
I use too many services that rely on Google Push notifications, so I can't do without them.
Compared to the "normal" variant of flashing OpenGapps via recovery before the first boot, the Magisk variant seems to be missing important dependencies and permissions that are only set during the first boot of the rom.
Therefore, the only useful variant is to flash GApps via recovery.
I really hope that we will soon have the possibility to flash unsigned zip files here!
Another approach:
Opengapps-zip files cannot be flashed via the stock recovery because it fails signature verfication.
The GSI roms can be flashed via the stock recovery. So they seem to be signed correctly.
Would it be possible to sign the Opengapps-Zip files with the same signature keys as the GSI-Roms to be able to flash them via the stock recovery?
Aren't GSI ROMs flashed through fastboot? Since they're partition images not zip installers like OpenGapps.
Of course. You are right.
Would it be possible to merge a GAPPS zip file into a GSI image and then flash the image with fastboot?

Categories

Resources