Related
I followed this thread:
http://forum.androidcentral.com/htc-evo-4g-roms-hacks/17766-how-full-root-evo-4g-mac-3.html
I went through all the steps and I'm exhausted since I spent like 2 hours doing this rooting process.
Now someone PLEASE tell me before I gouge my eyes out and skull **** myself if I achieved root.
Am I supposed to see a new icon indicating that I rooted? I don't see anything that says Super Agent but I followed those instructions to a T.
Right now I'm restoring my apps back on and I'm going to be very pissed if I'm thinking what I'm thinking. By the way I searched Google and someone on a forum said that if you cab download wireless tether from market then you're rooted. I was able to download it but does that really mean I am or did that just apply to that particular android phone?
open up a terminal or command line window.
run your adb program, with the following command line
mac
./adb shell
windows
adb shell
(or however you invoked it during the rooting process)
if your prompt looks like
Code:
#
you win.
else, you lose.
edit:
you'll only see superuser permissions if you install the app, not sure where to get it from as when i flash new roms they're preinstalled.
i suggest going on to flash a recovery image, so you can flash other ROMS with ease.
Thankfully I saw the # sign so that means I'm good. How do I go about starting to remove the apps I don't need anymore?
I have to research recovery roms because I don't have the patience to do it today.
just go flash a new ROM that has all the junk removed and save yourself the trouble.
i here there are programs that will do this for you as well, btu i dont know em off hand
gqstatus0685 said:
Thankfully I saw the # sign so that means I'm good. How do I go about starting to remove the apps I don't need anymore?
I have to research recovery roms because I don't have the patience to do it today.
Click to expand...
Click to collapse
1. Reboot in to recovery, so that /system will be writeable.
2. Launch an adb shell and navigate to /system/app:
Code:
./adb shell
# cd /system/app
3. Delete the programs you don't want by using the rm (remove) command:
Code:
# rm Flickr.apk
4. Reboot the device.
If you want to err on the side of caution, you can move the programs to your SD card, or your computer, so that you can restore them if needed:
Move to SD card:
Code:
./adb shell
# mkdir /sdcard/apkbackup
# mv /system/app/Flickr.apk /sdcard/apkbackup
Restore from SD card:
Code:
./adb shell
# mv /sdcrd/apkbackup/Flickr.apk /System/app
Backup to your computer:
Code:
./adb pull /system/app/Flickr.apk ~/Desktop/Flickr.apk
./adb shell
# rm /system/app/Flickr.apk
Restore from your computer:
Code:
./adb push ~/Desktop/Flickr.apk /system/app/Flickr.apk
Have fun!
cent
In my endeavor to get rooted on my newly aquired Evo, I learned the RSA keys can easily be jacked up by flashing the wrong stuff to your phone. So, before I went flashing, and rooting away, I wanted a good way to backup the RSA keys on my phone. There are numerous threads out there about where the keys are located, and why some software jacks them up, but this is a good way to get a dump of the keys for safe keeping.
If anyone has any suggestions, feel free to PM me or reply below and I will update the thread as needed!
I am going to assume you are coming from a stock un-rooted phone. This should also work with any other Rom out there as well.
If you have already rooted your phone, you can still grab your RSA keys. See the instructions at the bottom if you have already rooted.
Prerequisites:
You will need to install the USB drivers for the phone. You can find several threads on the forum about getting the proper drivers for the phone. The way I did it was install HTC Sync from this site: http://www.htc.com/us/support/evo-sprint/downloads/
This will install two sets of programs, one will be your driver package, and the other is the actual HTC Sync program. You can go into add/remove programs and remove the HTC Sync program, but leave the HTC Device drivers.
You will also need a copy of adb in order to open a shell to the phone. This runs on your Windows machine, and connects to the phone via USB and lets you send commands to the phones shell. You can find adb all over the forums, but I have included a copy here:
http://gigahype.net/files/adb_shell.zip
Download that and extract it somewhere on your system. Something like C:\adb_shell will be fine. For simplicity, we will use this location in this tutorial.
Now, lets get started:
1. First, enable USB debugging by going to Settings > Applications > Development > and checking USB Debugging.
2. Grab and install z4root onto your Evo from this thread:
http://forum.xda-developers.com/showthread.php?t=833953
Once you have z4root installed, run it, and choose Temporary root. This will take a few seconds to complete so be patient. It will come to a screen that says temp root was a success.
3. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.
4. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell
5. type the following into the command line:
Code:
adb shell
su
Once you type the su command, your phone will prompt asking you to click to allow superuser. Go ahead and click Allow superuser. This will allow the adb shell to get temporary root access.
6. Once you click Allow superuser, your adb shell (in your command window) should now be at a root command line prompt. You can tell if you are at a root command line by the # symbol being displayed. If you see a $ or something other than # then you are not at a root command prompt. GO back and try again
7. If you do indeed have a # then proceed by running the following command. Please type it exactly as you see it. If you are familiar with Linux command strings, this will look familiar.
Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
8. Your done!
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.
If You have already rooted your phone the process is much easier:
1. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.
2. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell
3. type the following into the command line:
Code:
adb shell
That will immediately drop you to a root command on your phone. You will see the # indicating you are at a root command prompt.
4. Proceed with the sed command below:
Code:
sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
NOW PAY ATTENTION. Once the command completes succesfully, you will not get any reports of it completing. It will simply drop back to the # prompt.
If you get an error that states something similar to "sed command not found" then you do not have busybox running on your phone. That's ok, its not the end of the world. Keep reading, were going to modify the command a little.
Run this command only if you received an error stating "sed command not found" or something similar:
Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
5. Your done!
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.
CONGRATS! You have just grabbed a backup of your RSA keys! Put these in a safe place
Again, if anyone has any suggestions, please feel free to let me know! Hope this helps!
great thread and good info...can you modify this to include the people that already have root? thanks in advance
weaselp1 said:
great thread and good info...can you modify this to include the people that already have root? thanks in advance
Click to expand...
Click to collapse
Open a terminal window on your phone and Start at step 7
Will this work to fix a phone that lost its rsa keys if you have another phone that has its rsa keys in tact.
Sent from my PC36100 using XDA App
bvermett said:
Will this work to fix a phone that lost its rsa keys if you have another phone that has its rsa keys in tact.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
No it won't, each Evo has a different RSA key.
weaselp1 said:
great thread and good info...can you modify this to include the people that already have root? thanks in advance
Click to expand...
Click to collapse
Good idea. I have udpated the instructions to include folks that are already rooted.
bvermett said:
Will this work to fix a phone that lost its rsa keys if you have another phone that has its rsa keys in tact.
Click to expand...
Click to collapse
Honestly, I am not sure. But, if you do have another Evo that has good RSA keys, its possible. You could, in theory, use my directions to get a copy of the keys from one phone and copy them to another phone using another similar and easy Lniux command. The only problem is those 2 phones couldn't be used at the same time. Tee process would be a little similar to cloing ESN/MEID's, so I do not think I would be able to post the command to do so. It would be another simple Linux command to copy the keys you have back to the WiMax parition, replacing the ones that are on the phone now.
Thanks! I'm just getting ready to root for the first time and I'll be a lot more comfortable knowing my keys are backed up.
For completeness, it might be nice to include instructions on how to restore the keys from the backup as well.
Sent from my EVO using XDA app.
t3project said:
Open a terminal window on your phone and Start at step 7
Click to expand...
Click to collapse
This works great. Open terminal emulator on a rooted phone, if you see $ type
su
and hit enter. If you get a prompt, hit yes. Now you should see #. Type
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
and hit enter. You should be all set!
Now that we can back up our RSA keys, how do we restore them from our backup if we screw them up?
Mine was 97 kb. Never flashed anything radio-related or any dev ROMs. Seems like they're probably gone. I saw the 'size can vary', but unless your phone is endowed with a huge RSA key, I'd say they've probably picked up shop and moved on.
Sent from my PC36100 using XDA App
Just did this with terminal emulator and it worked perfect. file size was 4575mb. Im sure this will help out a lot of people. I know its been asked but how the hell do you restore the keys if they get dropped?
Excellent Work!!
Excellent find and write up. Quick and easy. I was able to this all through adb wireless, and the file size is 4,575KB. Now the big question thats on everyones mind, how do we put them back.
I checked my RSA keys (here) before and after doing this and here is what i came up with:
Code:
C:\Documents and Settings\Kommodore Heinz\EVO Stuff\SDK>adb connect 192.168.1.4:5555
connected to 192.168.1.4:5555
C:\Documents and Settings\Kommodore Heinz\EVO Stuff\SDK>adb shell
# grep RSA /dev/mtd/mtd0
grep RSA /dev/mtd/mtd0
RSA-REQUEST
RSA-REPLY
RSA-REJECT
RSA-ACK
RSA-1024
RSA-REQUEST
RSA-REPLY
RSA-REJECT
RSA-ACK
RSA-1024
RSA
ReRSA
RSA requests
RSA replies
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
#
According to what I've been reading this all looks correct.
worked great.....still the big question here....how to restore should we need to.
I'm in adb shell but only get the "$" icon. When I type in "su" I get "permission denied". It looks like adb is seeing my phone because when I do an "ls" on it it displays the directory contents. Is there anything on the phone that I have to do to enable superuser access through adb?
My phone is rooted.
Thanks.
DOH! Never mind, I didn't notice the prompts on the phone. /Embarrased/
Unfortunately I get the following when I tried both the commands:
sed: not found
busybox: not found
Wayno-san said:
I'm in adb shell but only get the "$" icon. When I type in "su" I get "permission denied". It looks like adb is seeing my phone because when I do an "ls" on it it displays the directory contents. Is there anything on the phone that I have to do to enable superuser access through adb?
My phone is rooted.
Thanks.
DOH! Never mind, I didn't notice the prompts on the phone. /Embarrased/
Unfortunately I get the following when I tried both the commands:
sed: not found
busybox: not found
Click to expand...
Click to collapse
If you are running titanium backup, hit the "problems" button at the bottom when you open titanium up, it will ask you if you want to install busybox. see if that helps.
also, try running this command first "busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key"
casper97ta said:
If you are running titanium backup, hit the "problems" button at the bottom when you open titanium up, it will ask you if you want to install busybox. see if that helps.
also, try running this command first "busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key"
Click to expand...
Click to collapse
I tried that first (updating busybox via Ti backup). It appears to have updated successfully but I'm still getting the "busybox: not found" message. Going to try to reboot and reconnect and give it another shot.
Update: Still no-go. Do I need to somehow "start" busybox on the phone first?
Have you tried running that busy box command line? other than that you might want to try PM'ing the Op to see if he knows a little more.
casper97ta said:
Have you tried running that busy box command line? other than that you might want to try PM'ing the Op to see if he knows a little more.
Click to expand...
Click to collapse
Yes sir. Here's what I entered into a command window run as Admin:
Code:
C:\EVO>adb shell
adb server is out of date. killing...
* daemon started successfully *
$ su
su
# sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
sed: not found
# busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
busybox: not found
# ls
ls
app-cache
config
cache
sdcard
acct
mnt
d
etc
system
sys
shutdown.supersonic.rc
sbin
proc
init.supersonic.rc
init.rc
init.goldfish.rc
init
default.prop
data
bootcomplete.supersonic.rc
root
dev
# busybox
busybox
busybox: not found
#
I also tried the adb from the latest SDK but got the same results (minus the "out of date" message).
UPDATE: I was finally able to do this... I had to have the phone in RECOVERY. I'm not sure if that should be obvious but it wouldn't hurt adding to the original instructions.
Re Wimax backup
ok,i know this is a noob question, but if i did this then my pri/wimax got jacked up and deleted,would this still work by putting it back.
thankk
When is a key not a key? When it contains everything to the EOF
Maybe you should rename RSA_oem.key to end_of_file_starting_with_BEGIN_RSA.stuff . Just saying.
Wana see something neat (whether your nandroids have a copy of your RSA keys) do:
#grep RSA /sdcard/nandroid/HT065HL*****/(NAME OF NANDROID)/wimax.img
Substitute the name of your nandroid back up file for: NAME OF NANDROID.
That shows whether your RSA keys are currently backed up, by RA's recovery only at this time.
BooDaddy said:
In my endeavor to get rooted on my newly aquired Evo, I learned the RSA keys can easily be jacked up by flashing the wrong stuff to your phone. So, before I went flashing, and rooting away, I wanted a good way to backup the RSA keys on my phone. There are numerous threads out there about where the keys are located, and why some software jacks them up, but this is a good way to get a dump of the keys for safe keeping.
If anyone has any suggestions, feel free to PM me or reply below and I will update the thread as needed!
I am going to assume you are coming from a stock un-rooted phone. This should also work with any other Rom out there as well.
If you have already rooted your phone, you can still grab your RSA keys. See the instructions at the bottom if you have already rooted.
Prerequisites:
You will need to install the USB drivers for the phone. You can find several threads on the forum about getting the proper drivers for the phone. The way I did it was install HTC Sync from this site: http://www.htc.com/us/support/evo-sprint/downloads/
This will install two sets of programs, one will be your driver package, and the other is the actual HTC Sync program. You can go into add/remove programs and remove the HTC Sync program, but leave the HTC Device drivers.
You will also need a copy of adb in order to open a shell to the phone. This runs on your Windows machine, and connects to the phone via USB and lets you send commands to the phones shell. You can find adb all over the forums, but I have included a copy here:
http://gigahype.net/files/adb_shell.zip
Download that and extract it somewhere on your system. Something like C:\adb_shell will be fine. For simplicity, we will use this location in this tutorial.
Now, lets get started:
1. First, enable USB debugging by going to Settings > Applications > Development > and checking USB Debugging.
2. Grab and install z4root onto your Evo from this thread:
http://forum.xda-developers.com/showthread.php?t=833953
Once you have z4root installed, run it, and choose Temporary root. This will take a few seconds to complete so be patient. It will come to a screen that says temp root was a success.
3. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.
4. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell
5. type the following into the command line:
Code:
adb shell
su
Once you type the su command, your phone will prompt asking you to click to allow superuser. Go ahead and click Allow superuser. This will allow the adb shell to get temporary root access.
6. Once you click Allow superuser, your adb shell (in your command window) should now be at a root command line prompt. You can tell if you are at a root command line by the # symbol being displayed. If you see a $ or something other than # then you are not at a root command prompt. GO back and try again
7. If you do indeed have a # then proceed by running the following command. Please type it exactly as you see it. If you are familiar with Linux command strings, this will look familiar.
Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
8. Your done!
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.
If You have already rooted your phone the process is much easier:
1. Connect your phone using the USB cable. Make sure you select USB Charging mode on the screen.
2. Open a command prompt window from your PC and navigate to where you extracted adb_shell.zip to. In this example, we have extracted it to c:\adb_shell
3. type the following into the command line:
Code:
adb shell
That will immediately drop you to a root command on your phone. You will see the # indicating you are at a root command prompt.
4. Proceed with the sed command below:
Code:
sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
NOW PAY ATTENTION. Once the command completes succesfully, you will not get any reports of it completing. It will simply drop back to the # prompt.
If you get an error that states something similar to "sed command not found" then you do not have busybox running on your phone. That's ok, its not the end of the world. Keep reading, were going to modify the command a little.
Run this command only if you received an error stating "sed command not found" or something similar:
Code:
busybox sed -n '/BEGIN CERTIFICATE/,$p' /dev/mtd/mtd0 > /sdcard/rsa_OEM.key
5. Your done!
This will dump the RSA keys to a file on your SD Card named rsa_OEM.key
Mine was about 4575 KB in size, but the size could vary.
You can disconnect the phone now. Go ahead and switch the phone's USB connection over to "Disk Drive" and then browse to your SD Card and verify that the file rsa_OEM.key is indeed on the card.
CONGRATS! You have just grabbed a backup of your RSA keys! Put these in a safe place
Again, if anyone has any suggestions, please feel free to let me know! Hope this helps!
Click to expand...
Click to collapse
Ok, after using my phone for a while i decided to root it. Since I have the stock Gingerbread rom i followed the guide to downgrade to the stock froyo rom. http://forum.xda-developers.com/showthread.php?t=1178912
I reached the part Temp-Rooting to Backup However, when i run titanium backup it says Error: Sorry, I could not acquire root privileges. This application will *not* work.
What am I supposed to do? I followed the guide to the letter and everything up till that point was exactly as the guide said.
My phone's details are
Android version 2.3.3
Baseband version 12.56.60.25U_26.10.04.03_M
Kernel version 2.6.35.10-g7b95729
Software number 2.42.415.17
Here is what i did in adb
http://pastebin.com/jkxE55Yh
For some reason, new users are not allowed to post links in their replies. Nipqer, i redid all my steps and did what you told me.
here is the link of all what i did:
http://pastebin.com/Fze9uB33
First, thank you so much for linking a pastebin of what you've done, makes it so much easier to try help.
However I'd really like to see if there was any output after running 'adb shell /data/local/
tmp/fixsu.sh' so if you can get that ouput and post it, would be much appreciated.
You might have to run it from inside shell:
adb shell
cd /data/local/tmp
./fixsu.sh
-Nipqer
Thanks Nipqer and sorry for the late reply.
I did what you told me and this is what i got
C:\Program Files (x86)\Android\android-sdk\platform-tools>adb shell
adb server is out of date. killing...
* daemon started successfully *
# cd /data/local/tmp
cd /data/local/tmp
# ./fixsu.sh
./fixsu.sh
#
though i don't know if it helps with anything.
I just got confused because in the guide it says to install Titanium backup and backup my data. I have already done a manual backup myself but i figured doing a backup using Titanium backup will not hurt. I have used other programs like Root Checker Basic and it tells me that i don't have proper root access.
Can I just ignore this issue and go ahead with the downgrade? Or will there be some problems?
Thanks again in advance!
Hmm, it should give you root permissions after running fixsu.sh.
The lack of output shows it should've worked.
That part of the guide is entirely optional anyway, so If you already have what you want backed up, go ahead and downgrade.
-Nipqer
Nipqer said:
Hmm, it should give you root permissions after running fixsu.sh.
The lack of output shows it should've worked.
Click to expand...
Click to collapse
Well. fixsu.sh returned no error for me, too. But Titanium backup did not get root and trying to call "su", I got I/O error. And looking to dmesg, I seen corrupted file system.
After a bit of research I got the reason: rw remount succeeds, Linux thinks, that data are written to flash, but no data are written for real. Once data leave cache, they are lost and system "returns" to intact state.
I wrote a different fixsu.sh, which does not have this problem, but I am still failing to get root privileges, even with the latest Superuser+su. I got only a pop-up about refused root access. (But "su number_of_any_existing_uid" and then "su" in adb shell says says about permitted access.)
Here is my preliminary fixsu.sh:
Code:
#!/system/bin/sh
chmod 755 /data/local/tmp/busybox
chmod 4755 /data/local/tmp/su
/data/local/tmp/busybox cp -a /system/xbin /data/local/tmp/
mount -o bind /data/local/tmp/xbin /system/xbin
/data/local/tmp/busybox --install -s /system/xbin/
/system/bin/rm /system/xbin/su 2>/dev/null
/data/local/tmp/busybox cp -a /data/local/tmp/su /system/xbin/
/data/local/tmp/busybox cp -a /system/bin /data/local/tmp/
mount -o bind /data/local/tmp/bin /system/bin
/data/local/tmp/busybox cp -a /data/local/tmp/su /system/bin/
# /etc/* changes are needed only for some busybox utils, not for Superuser's su
/data/local/tmp/busybox cp -a /system/etc /data/local/tmp/
mount -o bind /data/local/tmp/etc /system/etc
/data/local/tmp/busybox echo "root::0:0:root:/data/local:/system/bin/sh" > /system/etc/passwd
chmod 0666 /system/etc/passwd
/data/local/tmp/busybox echo "root::0:0:root:/data/local:/system/bin/sh" > /system/etc/passwd
/data/local/tmp/busybox echo "root::0:" > /system/etc/group
chmod 0666 /system/etc/group
# Optional:
ln /data/local/tmp/busybox /data/local/tmp/xbin/busybox
And here is the code to recover "writable" state after reboot:
Code:
#!/system/bin/sh
mount -o bind /data/local/tmp/xbin /system/xbin
mount -o bind /data/local/tmp/bin /system/bin
mount -o bind /data/local/tmp/etc /system/etc
Unfortunately I can't tell you why it won't work. Might just be your partitions are too corrupted or something.
Have you tried a full power cycle (turn phone off, pull battery), it's helped other phones work in the past.
Otherwise I'd say just use adb to pull your entire /data dir, so you have everything saved and can mess round with trying to put it back in later.
-Nipqer
Nipqer said:
Unfortunately I can't tell you why it won't work. Might just be your partitions are too corrupted or something.
Have you tried a full power cycle (turn phone off, pull battery), it's helped other phones work in the past.
Click to expand...
Click to collapse
I tried to reboot without battery removal. Partition was "corrupted" before reboot and intact after reboot. I tried to write again. I again got corruption. And ffter reboot it was again byte-equal to the original system.img. It means, that not write actually happens. Linux kernel just assumes that data are written, but they are lost after leaving kernel cache.
Hopefully, Android mount command supports -o bind, so one can bind mount directories from /data and /system is seemingly writable then.
Nipqer said:
Otherwise I'd say just use adb to pull your entire /data dir, so you have everything saved and can mess round with trying to put it back in later.
Click to expand...
Click to collapse
I saved all mmcblk0p* before starting my experiments. It should be the most complete way to backup, but it does not easily allow partial restore.
utx said:
I saved all mmcblk0p* before starting my experiments. It should be the most complete way to backup, but it does not easily allow partial restore.
Click to expand...
Click to collapse
If you saved the data from the partitions, restoring would just be placing the apk in /data/app/ and then placing the data files back into /data/data/ - if you do it this way, you must run fix_permissions whether you saved it with or without preserving the permissions (owner, read/write/execute, et cetera). The app, when you put it on the different rom, will have a different UID (more than likely) than it did before and the data files permissions would be incorrectly set. Running fix_permissions should resolve that issue.
*EDIT*
I may of misunderstood what you meant by saving mmcblk0p*. How did you do this? At first I was thinking you just meant you did a tar backup of each partition, but after re-reading sounds more like you something like
Code:
# dd if=/dev/block/mmcblk0p# of=/sdcard/mmcblk0p#.img
Is that what you did? If so, are you trying to restore it by the same method?
Code:
# dd if=/sdcard/mmcblk0p#.img of=/dev/block/mmcblk0p#
If so, I'm not sure that would work properly… You might have to extract the data from it then copy it over to the partition...
I've had that problem after geting temp root. Titanium would say no root premissions. So I redid the steps after reboot...but I found the problem was that if you open titanium back up be for u root it will throw yu that msg so if yu have did that that's why so go back after you root in to applications and force close titanium and then reopen app then it shuld give you root premssions at least it worked for me but I still wasn't able to down grade and another thing are u using the gfree method kus that didn't work for me to get root... I had to use the freevo method to get temp root as gfree kept giving me errors after doing the adb coommands
sent from my Tmobile G2 Rush Vision
And if that dosnt work yu can use sdcard maid to back up your system apps n such or delete them ....
sent from my Tmobile G2 Rush Vision
Setherio said:
If you saved the data from the partitions, restoring would just be placing the apk in /data/app/ and then placing the data files back into /data/data/ - if you do it this way, you must run fix_permissions whether you saved it with or without preserving the permissions (owner, read/write/execute, et cetera). The app, when you put it on the different rom, will have a different UID (more than likely) than it did before and the data files permissions would be incorrectly set. Running fix_permissions should resolve that issue.
Click to expand...
Click to collapse
I am aware of this problem. But if one returns exactly equal /system as it was there before, the /data will need no change.
Setherio said:
I may of misunderstood what you meant by saving mmcblk0p*. How did you do this? At first I was thinking you just meant you did a tar backup of each partition, but after re-reading sounds more like you something like
Code:
# dd if=/dev/block/mmcblk0p# of=/sdcard/mmcblk0p#.img
Is that what you did? If so, are you trying to restore it by the same method?
Code:
# dd if=/sdcard/mmcblk0p#.img of=/dev/block/mmcblk0p#
If so, I'm not sure that would work properly… You might have to extract the data from it then copy it over to the partition...
Click to expand...
Click to collapse
It was just an abbreviation:
Code:
cd /dev/block
for PARTITION in mmcblk0p* ; do
dd if=/dev/block/$PARTITION of=/sdcard/$PARTITION.img
done
I guess, that the most straightforward way to restore that /data would be: First run
Code:
fsck mmcblk0p26.img
(on Linux machine) on that /data image (when you don't have root and custom recovery yet, you cannot backup /data in read-only mode, so the image is corrupted a bit for sure; if the fsck puts something to /lost+found, you can delete it after finishing of the rooting process). Then rename mmcblk0p26.img to userdata.img and add it to the PC10IMG.zip that restores stock system. Otherwise you will again fight with "partition in use" problem when trying to restore.
I did not test this method, as I did not understand the partition layout that deeply before I root. But there is no reason why it would not work.
Hello everybody,
for quite a while i am reading several guide for rooting my desire z (android 2.3.3, not branded, USB debugging activated, Fast boot deactivated). In Germany most of the guides refer to Setherio's guide. So working with the source is as usual the best.
Unfortunately - even after 3 tries, with factory resets, rebooting, removing the battery, etc. - I cannot gain a temporary root. neither titanium backup nor MyBackUp Root gain access for making a backup. So I ended up here. I am not sure, if Sayedamir had the same problem. Nevertheless, I appreciate every help.
This is what I have done so far:
http://pastebin.com/NKD6D7Av
Furthermore, referring to Nipquer's 1st post, I executed fixsu as described with following results:
http://pastebin.com/0EQS0UnF
I am not sure, if I should proceed with the downgrading without having a backup and I guess, when the backup isn't working (lack of temporary root), the downgrading would not work anyway?!
Hi Vince683,
Yes I had exactly the same problem. I too followed Setherio's guide and after 2 attempts I still couldnt get temp root. I ended up not being able to back up any of my apps.
However i suggest you back up your messages and contact as that was the only stuff I could back up. there are alot of apps in the market that do that and i guess they dont need root.
If backing up your app data is that not important you can proceed with the downgrade. It worked in my case. I guess the only nuisance would be that you have to manually install and configure all yours apps again.
Tell us how it goes.
Perfect, it worked. Thank you for encouraging me
And Cyanogenmod 7.2 works fine.
Vince683 said:
Perfect, it worked. Thank you for encouraging me
And Cyanogenmod 7.2 works fine.
Click to expand...
Click to collapse
You're welcome
im having trouble wirh "reboot recovery" command in my terminal/adb shell
when i try to run in terminal, i get "not permitted!"
and adb shell says [1] Segmentation fault reboot recovery
if i try running reboot -f in terminal or adb shell, i get "usage: reboot [-n] [-p] [rebootcommand]"
i've checked /system/bin, and the reboot bin is there
i've checked the permisssions, originally set to rwsr-sr-x
changing them to rwxr-xr-x makes no change
i found several threads with ppl having the same trouble:
http://forum.xda-developers.com/showpost.php?p=16022907&postcount=2040
http://forum.xda-developers.com/showthread.php?t=1280074
http://forum.xda-developers.com/showthread.php?t=935715
the only one i found useful is the 1st one
the only way i got reboot working is by deleting /system/bin/reboot, and using "reboot -f". without the -f switch nothing happens. if i do reboot recovery -f, it only rebots
but what i really want is to reboot into recovery. any idea on how to? i read in first linked post that the problem is in symlinked reboot to busybox, thats why deleting helped somewhat. anyone has an idea on how to get rebooting to recovery in terminal working?
oh, and my rom is rcmix 4.0. i've read that problem is rom related. but i dont want to switch, because it would defeat the purpouse in the first place....
You need an insecure boot img to run adb as root. No root no reboot. From terminal instead try sudo -i reboot recovery.
sudo not found
and i have root, i do get # in terminal and adb shell. adb commands like push/pull/chmod work fine
about insecure boot image, as far as i can understand you need that in order to have root, whuch i do have. and afaik, that means pretty much all custom kernels? if im missing something here, please do explane...
** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **** This method is designed for Amazon fire phone. Do not use it on other devices unless you are familiar with Android file system and are able to apply proper modifications. **
This has been tested with the unlocked US version running 4.6.1.
This procedure installs superSU root binaries and busybox on your system.
Requirements
Make sure your PC can communicate with your fire phone via adb.
The success of this method depends on following the procedure very carefully. So read the instructions and make sure you understand every step before you try it.
Procedure
1- Install and run Kingroot 4.0. You can google and download it or you can use the one in the attached zip file. When Kingroot runs it is all in Chinese, but basically you need to be connected to the internet for it to work. It will do its thing and show progress up to 100% after which you can exit the program. Now your phone is rooted. The following steps replaces the Kinguser with SuperSU.
2- Unzip the attached file in your adb directory and then open an adb terminal and make sure the PC can see your phone (you can check that by typing adb devices). Then type the following:
Code:
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell
3- In the shell that you get type the following and make sure you give the permission when the phone prompts you:
Code:
su
4- Continue by typing the following commands:
Code:
mount -o remount,rw /system
cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu
cat /data/local/tmp/busybox >/system/xbin/busybox && chmod 0755 /system/xbin/busybox
daemonsu -d &
The key is to keep this session running while you continue with the rest, so be careful with typos and monitor this window for any errors.
5- At this point, leave the adb terminal window running and go to your phone, open the Kinguser app, open settings (the wheel at the top right corner of the screen), Root authorization setting, and Remove Root permission. The app will self-uninstall.
6- Uninstall the other two Kingroot programs that are still on your phone (KingRoot and the other one with the blue icon and Chinese text under it).
7- Back to the adb terminal, and type the following:
Code:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su
busybox chattr -ia /system/xbin/ku.sud
busybox chattr -ia /system/xbin/supolicy
rm /system/xbin/ku.sud
rm /system/xbin/supolicy
rm /system/bin/rt.sh
rm /system/bin/install-recovery.sh
rm /system/bin/shipclean
rm /system/bin/start-ssh
busybox chattr -ia /system/etc/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install-recovery.sh
rm /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install_recovery.sh
rm /system/usr/icu/icusuflag.conf
busybox chattr -ia /system/usr/iku/isu
rm -rf /system/usr/iku
rm /system/kroot_*
rm /sdcard/kr-stock-conf
rm -rf /sdcard/Kingroot
rm -rf /data/data-lib/com.kingroot.RushRoot
rm -rf /data/data-lib/com.kingroot.kinguser
rm -rf /data/data-lib/king
Again, leave the adb terminal window running and go to your phone.
8- Install superSU (from the attached file) on your phone, run it, and let it update the SU binary.
9- Reboot the phone. After about 5 minutes your root is ready.
Hint: It is a good idea to disable Amazon device client platform, DCP platform contracts, and two apps called System Updates in Amazon settings. They are responsible for regular updates, constant chatter with Amazon servers, and possible patching of your root exploit. Also disable Kinesis service which is responsible for major battery drain and heating. You will find it under settings, display, configure motion and gesture settings. Disable all.
Troubleshooting
1- Most of the problems that I noticed people have encountered is due to not reading the instructions fully. So make sure you read the OP word by word.
2- If you miss a step or mess up something go back to installing Kingroot and start over from the beginning.
3- If instant video or some other Amazon app doesn't work it is because you should run them at least once prior to rooting the phone.
4- Finally, I noticed that with an AT&T sim card in the phone Kingroot fails (why am I not surprised?) Either a reboot occurs in the middle of rooting or it completes the cycle without accomplishing root. If that occurs, my best advice is to change your phone company. If that fails, you may need to factory reset your phone or even install the firmware from scratch and try again without the sim card.
Okay. Working. I tried it 2 Times because i get in troubles with the SuperSu App.
After First Time i Cant open it anymore after adb shell.
Second Time i installed SuperSu, but after adbshell the app was gone (!?) - but i installed it again with adb shell before reboot. Now SuperSu is Working.
And now tell me how to change the FireOS to a Android Status Bar with Notifications, and youre my Hero ;D
najoor said:
** DISCLAIMER: I AM NOT A DEVELOPER. I DO THIS AS A HOBBY AND SHARE MY FINDINGS IN CASE SOMEONE ELSE FINDS THEM USEFUL. **
** THIS WORKED ON MY DEVICE BUT IT MAY NOT WORK ON YOURS. APPLY AT YOUR OWN RISK **
This has been tested with the unlocked US version running 4.6.1.
Requirements
Make sure your PC can communicate with your fire phone via adb.
The success of this method depends on following the procedure very carefully. So read the instructions and make sure you understand every step before you try it.
Procedure
1- Install and run Kingroot 4.0. You can google and download it or you can use the one in the attached zip file. When Kingroot runs it is all in Chinese, but basically you need to be connected to the internet for it to work. It will do its thing and show progress up to 100% after which you can exit the program. Now your phone is rooted. The following steps replaces the Kinguser with SuperSU.
2- Unzip the attached file in your adb directory and then open an adb terminal and make sure the PC can see your phone (you can check that by typing adb devices). Then type the following:
Code:
adb push su /data/local/tmp
adb push busybox /data/local/tmp
adb shell
3- In the shell that you get type the following and make sure you give the permission when the phone prompts you:
Code:
su
4- Continue by typing the following commands:
Code:
mount -o remount,rw /system
cat /data/local/tmp/su >/system/xbin/daemonsu && chmod 0755 /system/xbin/daemonsu
cat /data/local/tmp/busybox >/system/xbin/busybox && chmod 0755 /system/xbin/busybox
daemonsu -d &
The key is to keep this session running while you continue with the rest, so be careful with typos and monitor this window for any errors.
5- At this point, leave the adb terminal window running and go to your phone, open the Kinguser app, open settings, Root authorization setting, and Remove Root permission .
6- Uninstall the other two Kingroot programs that are still on your phone (KingRoot and the other one with the blue icon and Chinese text under it).
7- Back to the adb terminal, and type the following:
Code:
cat /data/local/tmp/su >/system/xbin/su && chmod 0755 /system/xbin/su
busybox chattr -ia /system/xbin/ku.sud
busybox chattr -ia /system/xbin/supolicy
rm /system/xbin/ku.sud
rm /system/xbin/supolicy
rm /system/bin/rt.sh
rm /system/bin/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh
rm /system/etc/install-recovery.sh
busybox chattr -ia /system/etc/install-recovery.sh-ku.bak
rm /system/etc/install-recovery.sh-ku.bak
rm /system/kroot_*
rm /sdcard/kr-stock-conf
rm -rf /sdcard/Kingroot
rm /system/usr/icu/icusuflag.conf
busybox chattr -ia /system/usr/iku/isu
rm -rf /system/usr/iku
Again, leave the adb terminal window running and go to your phone.
8- Install superSU (from the attached file) on your phone, run it, and let it update the SU binary.
9- Reboot the phone. After about 5 minutes your root is ready.
Hint: It is a good idea to disable Amazon device client platform, DCP platform contracts, and two apps called System Updates in Amazon settings.
Click to expand...
Click to collapse
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Viperise152 said:
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Click to expand...
Click to collapse
Do you close the adb window between steps 4 and 7? Step 7 should be continued in the window that you left open in step 4.
Do you get any error message after you type each command in part 4?
To redo the process you should install the Kingroot again and stay overt from the beginning.
I did not get any errors for part 4 just when I get to the first rm command in part 7, I'm getting (rm failed for /system/xbin/ku.sud, Read-only file system). Is that normal?
FIXED!!!
Ok i was not following this step properly "open the Kinguser app, open settings, Root authorization setting, and Remove Root permission ." I was not doing through that Root authorization setting which was a few slots down.
Viperise152 said:
Not sure what I'm doing wrong but everything works till I get to rm stage of step 7. Im getting 255 read only file system error. Any ideas what I did wrong. since it didnt work to I have reinstall Kingroot and start over or do I start over from the adb shell part?
Click to expand...
Click to collapse
Please copy and paste the entire content of the adb terminal up to the point that you get the error message and send it to me via pm so I can debug it.
najoor said:
Please copy and paste the entire content of the adb terminal up to the point that you get the error message and send it to me via pm so I can debug it.
Click to expand...
Click to collapse
I still had this page open while I was giving it another go. I figured out what i was doing wrong. The " open the Kinguser app,open settings, Root authorization setting, and remove root permission." part I was just opening Kinguser settings and hitting the big center button turning it off. Did'nt realize i had to go down a few slots to the Root Authorization Setting then hit the Remove Root Permission. After i did it right Kinguser disappeared unistalled the other 2 apps. Everything after that work fine then. Thanks for trying to help me out. Maybe my confusion will help others.
Viperise152 said:
I still had this page open while I was giving it another go. I figured out what i was doing wrong. The " open the Kinguser app,open settings, Root authorization setting, and remove root permission." part I was just opening Kinguser settings and hitting the big center button turning it off. Did'nt realize i had to go down a few slots to the Root Authorization Setting then hit the Remove Root Permission. After i did it right Kinguser disappeared unistalled the other 2 apps. Everything after that work fine then. Thanks for trying to help me out. Maybe my confusion will help others.
Click to expand...
Click to collapse
Thanks for updating with what you were doing wrong. I was having the same issue. Cheers!
funkadelik said:
Thanks for updating with what you were doing wrong. I was having the same issue. Cheers!
Click to expand...
Click to collapse
And me too I should have read your post instead of bugging najoor who has been a great help to resolve my SuperSU
installation
Great thread :good::good:
thx for the guide.
can you explain why it is better to have SuperSu. What is wrong with kingsu?
planning to do this soon, cheers for the guide
so what is safe to remove out of the stock apps
veti said:
thx for the guide.
can you explain why it is better to have SuperSu. What is wrong with kingsu?
Click to expand...
Click to collapse
King user might even be a better SU than superSU, who knows? The problem is that we don't know kinguser. We don't know who wrote it, we don't know what kind of information it gathers, we don't know if it puts a backdoor exploit in your OS, etc. Super SU is a tool that we have used for years. We know exactly what supersu does and who wrote it. We can even communicate with him on xda. Chainfire, the author of SuperSU even has a weblog that he often uses to talk about the intricacies of designing a tool like superSU. There is almost nothing unknown or suspicious about superSU.
On the contrary kingroot/kinguser seems to be intrusive and sneaky. The first thing it does after rooting your phone is to install some random app on it that has nothing to do with rooting and at best I can describe it as bloat. It saves files and folders all over your phone for no apparent reason. Then, it does everything it can to prevent you from removing it. In effect, the only straightforward way to remove it is to give up root, and even then it very suspiciously leaves some executable files behind that God knows if they are sleeper cells or what. To devise the procedure in the OP I had to go through an extensive search to find every little carp that king user has planted into the system and truth be told I will not be surprised if I discover more hidden gems left behind.
The corrected op guide worked great. I had to tap a blue rectangle at two different times to get kingroot to finish (get to a screen that had 100% on it), but other than that, everything worked.
najoor said:
King user might even be a better SU than superSU, who knows? The problem is that we don't know kinguser. We don't know who wrote it, we don't know what kind of information it gathers, we don't know if it puts a backdoor exploit in your OS, etc. Super SU is a tool that we have used for years. We know exactly what supersu does and who wrote it. We can even communicate with him on xda. Chainfire, the author of SuperSU even has a weblog that he often uses to talk about the intricacies of designing a tool like superSU. There is almost nothing unknown or suspicious about superSU.
On the contrary kingroot/kinguser seems to be intrusive and sneaky. The first thing it does after rooting your phone is to install some random app on it that has nothing to do with rooting and at best I can describe it as bloat. It saves files and folders all over your phone for no apparent reason. Then, it does everything it can to prevent you from removing it. In effect, the only straightforward way to remove it is to give up root, and even then it very suspiciously leaves some executable files behind that God knows if they are sleeper cells or what. To devise the procedure in the OP I had to go through an extensive search to find every little carp that king user has planted into the system and truth be told I will not be surprised if I discover more hidden gems left behind.
Click to expand...
Click to collapse
Thank you _so_ much for your effort. I was doing some research too in advance prior to installing kingroot, but didn't get near as much useful information. Sniffing the network connection for any suspicious behaviour via wireshark and my router wasn't successful at all, as they use https.
I came up with the idea that they could have patched some of the system-apps to load an payload even after you tried to "delete everything"(tm). I am currently checking the MD5 and SHA-1 checksum of a identical, second Firephone without root.
---------- Post added at 09:09 PM ---------- Previous post was at 09:05 PM ----------
Also the Mods should pin your post. I totally agree that KingRoot uses intrusive behaviour - as it seems mostly for statistics, but anyway - and should be replaced with the method described in the OP.
EDIT: The MD5 checksum of an unrooted firephone is identical. The System apps might not have been replaced or touched at all. I didn't got a easy chance to check all apps with the SHA-1 checksum though.
Followed the directions and got the root with 0 issues
Just saw this article saying root is now achievable w/ SuperSU via Towelroot: http://dottech.org/180812/how-to-root-amazon-fire-phone-on-android-4-4-kitkat-guide/
Can anyone verify?
amf100 said:
Just saw this article saying root is now achievable w/ SuperSU via Towelroot: http://dottech.org/180812/how-to-root-amazon-fire-phone-on-android-4-4-kitkat-guide/
Can anyone verify?
Click to expand...
Click to collapse
No, it doesn't work. When you run it, the towelroot app pops up a message saying the phone is currently not supported.
Hmph! That's too bad. I wasn't with my fire phone to check for myself. The internet is so weird lol. Why make a whole page with instructions for nothing? Ugh lol
rm /system/bin/rt.sh
Click to expand...
Click to collapse
This part is not working for me. Can't seem to remove it with root explorer either. Any tips?
Im on 4.6.1 with SuperSu. If im Sideload 4.6.1 again and do an Factory Reset. Is root gone? Because Amazon send me New One Because Hardware issues