Related
At first, I am not liable for any harm or damage that may happen to your device!
If you have su and didn't trigger knox, I CANNOT guarantee that running this script won't cause 0x1!
Requirements:
1) P905/viennalte/Qualcomm based model ONLY (won't work on Exynos devices. MIGHT work on other Qualcomm LTE deices from Note Pro and Tab Pro series or even S5 / Note 3 etc - feel free to repost but give credits AS THIS METHOD SEEMS TO BE COMPLETELY NEW! ) running 4.4.2 stock;
2) root access with SuperSU (using cf-root - credits to chainfire);
3) busybox installed (I do recommend this paid installer: https://play.google.com/store/apps/details?id=stericson.busybox.donate , MOST PROBABLY free version will be more than enough, too, but I haven't tested it as I have license...)
4) Android Terminal Emulator installed ( free at: https://play.google.com/store/apps/details?id=jackpal.androidterm )
Installation:
1) download file permissive_via_kmem.sh using below link and put it in the root of internal memory (so it will be placed in: /sdcard/permissive_via_kmem.sh)
2) run Android Terminal Emulator
3) at command line, type:
Code:
su -c /sdcard/permissive_via_kmem.sh
(give it an access if requested)
4) voila.
Alternative: if u have init.d support just put the file in /system/etc/init.d to make permissive on every boot
Additional info for advanced users:
1) samsung decided to compile kernels for newer 4.4.2 roms with a flag (a kernel variable) forcing selinux enforcing mode
2) as kernel itself cannot be modified after compiled, it was impossible to set permissive mode using shell or even by repacking kernel's ramdisk, at least on Qualcomm LTE devices
3) custom kernel can do the job, but samsung's sources are broken, at least for P905, and it refuses to boot at all...
4) however, there is a workaround...
5) we cannot change kernel binary to run with different flag out of the box BUT we can obtain it's placement (address) directly in kernel memory space on running kernel and write different value DIRECTLY into the memory, hacking the kernel to make it think that the flag was different
6) for this purpose i believe we have to disable restrictions to access kernel pointers (done via sysctl)...
7) ...then read the output of /proc/kallsyms which will provide a list of all kernel variables along with their addresses in kernel memory space...
8) ...filter out a boolean variable selinux_enforcing which is responsible for all the troubles...
9) ...and write raw 00 byte into the address where the variable value is stored, via /dev/kmem.
Download:
http://www12.zippyshare.com/v/89625246/file.html
Noob question
Could you explain to a newb what this does?
I've read this article on it and still can't fathom what benefits I'd have from changing it to permissive: http://www.androidpolice.com/2013/10/31/kitkat-feature-spotlight-selinux-defaults-to-enforcing-rather-than-permissive-other-new-security-features/
And thank you.
cavkic said:
Could you explain to a newb what this does?
I've read this article on it and still can't fathom what benefits I'd have from changing it to permissive: http://www.androidpolice.com/2013/10/31/kitkat-feature-spotlight-selinux-defaults-to-enforcing-rather-than-permissive-other-new-security-features/
And thank you.
Click to expand...
Click to collapse
Check this
Well, if i'd try to express it in a simple way, from the user's point of view permissive mode is equal to selinux turned off at all, except it is logging (and only logging...) all the warnings caused by security violations, which would result in an error in enforcing mode. Permissive mode let you avoid strict security policies defined by manufacturer (and NSA - yeah, the real spies - which is maintaining general selinux rules), but also gives the possibility of establishing possible issues which may appear after switching to "really secure" enforcing mode.
And if you are asking about the exact, disturbing (ofc if security is not your main priority...) effects of enforcing mode that may affect end-users, we may start from: troubles with write-access to some (mostly external, but i have personally fought with with an issue of non-writeable internal sdcard, too) medias (well, to be honest, I do hope that my discover will help in building 100% working custom recovery...), troubles with non-working system mods resulting from bad selinux file labels, troubles with wiping partitions (ie. wiping cache or even swapping modded system lib sometimes has to be followed by triggering restorecon command on that filesystem (restore selinux context), which is leading to ie. losing root access, which may be fixed by flashing supersu again, etc etc, non working apps (especially related to modifying sensitive system parameters or resources), unchangeable system properties, unreachable functionalities, blah blah blah.... This topic had been widely discussed on xda and over the internet.
On the contrary, if you like to use your device as-is and you're not interested in modding/tweaking it, you will probably not need this mod, as you will gain nothing - but lose a little bit of security... For heavy modders, although, it's a must-have.
Btw can anyone confirm if it's working? I assume that I was looking for solution for some time, made some other changes to the environment meanwhile, so I cannot be 100% sure that above script alone is absolutely enough (but in theory it should...), however, even if it is not, it's just a matter of 1-2 days to figure out what additional, previously-well-known steps, such as running "setenforce 0", may be required in addition.
And as a brief summary: YES, my selinux is now really Permissive, both when running getenforce command and in system settings!
Wysłane z mojego SM-P905 przy użyciu Tapatalka
After following all steps getenforce still returns enforcing and in system it also shows enforcing.
If I try running setenforce I get permission denied.
Ok, can you enter:
Code:
su
printf '\x00' | su -c dd of=/dev/kmem seek=$( printf '%d\n' '0x'`cat /proc/kallsyms | grep ".*\ selinux\_enforcing" | cut -f 1 -d " "` ) bs=1 count=1 conv=notrunc
into terminal and tell me what's the output and/or the enforcing state??
Wysłane z mojego SM-P905 przy użyciu Tapatalka
As requested
Output:
/dev/kmem cannot open for write: permission denied
getenforce still returns Enforcing
[email protected]:/ $ cd /dev
[email protected]:/dev $ ls *mem*
ashmem
kmem: Permission denied
mem: Permission denied
ramdump_audio-ocmem
ramdump_smem
smem_log
1|[email protected]:/dev $
Same result in # mode
RaSand said:
As requested
Output:
/dev/kmem cannot open for write: permission denied
getenforce still returns Enforcing
[email protected]:/ $ cd /dev
[email protected]:/dev $ ls *mem*
ashmem
kmem: Permission denied
mem: Permission denied
ramdump_audio-ocmem
ramdump_smem
smem_log
1|[email protected]:/dev $
Same result in # mode
Click to expand...
Click to collapse
I assume that you have ran the command as root (ie didnt forget about 'su' before the main command)...? Your logs show non-root mode, but ur saying about '#' mode at the end, guess you mean su... Assume that all we do here requires root shell first to be opened, and the output even if similiar, may vary in details between non-root and root mode, so don't forget to get privileges before running anything below...
If so, I guess default policy prevents writing to /dev/kmem in enforcing mode by setting its selinux context to a special one, dedicated only for /dev/kmem and /dev/mem.The working solution is to repack kernel (not same, but, indeed, a lot easier, than recompile - changes won't affect the kernel binary code, but it's ramdisk part, only) with modified policy defaults, which will treat /dev/kmem as a genuine device, not a "sensitive" one. I can provide the one repacked for my own purposes, however, befoure such an intrusion we may want to try other solutions I can think of (again, cannot test it as I ve added many different mods in many different places, I would need to go back to stock to test it, but I need my device 100% steady and configured for my job this week. Hope you'll help me in solving this out, it shouldnt take long...).
Notice: Again, ALL BELOW COMMANDS SHOULD BE RUN IN ROOT MODE. That means you shall enter "su" command alone before trying any of those steps, and the Terminal will switch to a root shell, which is confirmed by switching the last sign in the prompt from '$' to '#'.
Notice 2: if it is written - after some steps - to try switching to permissive mode again, it should be done by running the command from MY PREVIOUS POST only, as it is equal to longer version from the script, just closed within shorter one-liner command... the command should change the mode to permissive itself and no further steps are needed.
1) run following:
Code:
ls -lZ /dev/kmem >/sdcard/info.txt
and paste the exact output (which has been saved at /sdcard/info.txt) here so I can gather further info about issue. Dont make a test of the main script here as nothing has been changed. After that...
2) we can try to set different context (a default one for dev files) manually. Again, it might be impossible as of selinux policy, but worth trying. Enter as root:
Code:
busybox mount -o rw,remount /
chcon u:object_r:device:s0 /dev/kmem
if error, paste it here. If no error, test if permissive mode script is working.
3) we can try to modify selinux policy in temporary ramdisk file to prevent giving /dev/kmem a special context and then restore context of whole /dev to it's "defaults", however, those "defaults" would be our modified ones. Possible issues: not sure if the restoring default context will make use of modified policy or would it use only the policy loaded on-boot (and as the ramdisk is temporary, policy modifications will disappear too within reboot). After getting root, enter:
Code:
busybox mount -o rw,remount /
sed -i "s:^.*\/dev\/[k]*mem.*$::g" /file_contexts
setprop selinux.reload_policy 1
restorecon -R /dev >/dev/null 2>&1
after that - if no errors - check if the switching works.
4) if none of the above is working, guess we'll need to repack stock kernel with a ramdisk content modified in the same way as in step 3. When embedded in kernel, the changes to the policy rules will be seen every boot and they will affect /dev/kmem in a persistent manner. This will let you write to it for sure. I will provide a ready repacked boot.img, so we can avoid repacking at all. This however is not a very satisfying solution, as my goal was not only to achieve permissive mode, but to achieve it without any changes (even if they are much less disturbing than recompiling kernel from source) to boot partition. But hey, first check out on-the-fly solutions above, as they are much less intrusive to a device, coz won't require reflashing kernel/boot partition.
EDIT: remount command added to step 2, repeat if you had error with changing the context.
Thanks for your effort.
[email protected]:/ $ su
[email protected]:/ # ls -lZ /dev/kmem >/sdcard/info.txt
/dev/kmem: Permission denied
1|[email protected]:/ #
info.txt is empty
chcon: Could not label /dev/kmem with ubject_r:device:s0: Permission denied
2|[email protected]:/ #
waiting for code for 3)
same result in step 2 with added remount
---------- Post added at 04:55 PM ---------- Previous post was at 04:30 PM ----------
It swallowed all commands in 3) BUT re running the script didn't change anything. After please wait.... done it still says selinux is set to Enforcing. Sorry.
getenforce returns enforcing
setenforce to 0 or Permissive doesn't change a bit.
seems it has to be done the hard way
better luck next time
RaSand said:
[email protected]:/ $ su
[email protected]:/ # ls -lZ /dev/kmem >/sdcard/info.txt
/dev/kmem: Permission denied
1|[email protected]:/ #
info.txt is empty
chcon: Could not label /dev/kmem with ubject_r:device:s0: Permission denied
2|[email protected]:/ #
waiting for code for 3)
same result in step 2 with added remount
---------- Post added at 04:55 PM ---------- Previous post was at 04:30 PM ----------
It swallowed all commands in 3) BUT re running the script didn't change anything. After please wait.... done it still says selinux is set to Enforcing. Sorry.
getenforce returns enforcing
setenforce to 0 or Permissive doesn't change a bit.
seems it has to be done the hard way
better luck next time
Click to expand...
Click to collapse
Your errors are quite strange, as it seems that you don't even have permissions to check the simple content of a directory...
Try to run commands from step 1 - 3 again, but with slight modifications (below), so theyll run in separate, undoubtly-rooted shell... Test also with modded command (you can try it alone before in the very beginning...)
Also: please run 2 and 3 in reversed order, ie. first step 3 and if not working, without rebooting, run step 2...
Btw are you using SuperSu 1.99? If no - after trying all below options, upgrade SuperSu from the Play Store, run it to update the binaries, reboot. check commands again. If still the same, install update to /system using option from its menu (it will do some cleanup and ask to reboot, after that you have to run option again, this time it will perform installation, after which you have to reboot again - after boot run SuperSu and check if the option is greyed out, if yes, everything went fine) and check all steps once again...
Here we go.
Main command:
Code:
su -c printf '\x00' | dd of=/dev/kmem seek=$( printf '%d\n' '0x'`cat /proc/kallsyms | grep ".*\ selinux\_enforcing" | cut -f 1 -d " "` ) bs=1 count=1 conv=notrunc
Step 1 v2:
Code:
su -c ls -lZ /dev | grep kmem >/sdcard/info.txt
Step 2 v2 (formerly step 3 ):
Code:
su -c busybox mount -o rw,remount /
su -c sed -i "s:^.*\/dev\/[k]*mem.*$::g" /file_contexts
su -c setprop selinux.reload_policy 1
sleep 3
su -c restorecon -R /dev
Notice: I am not sure if setprop selinux.reload_policy 1 is enough to force sammy's android (which is a really giant b***ch to hack when compared to any other android...) to reload the policy, this may really work, but only if the policy is reloaded on-line using new defaults. Later I will look for that information...
Step 3 v2 (formerly step 2 - please run directly after step 2v2, without rebooting...):
Code:
su -c busybox mount -o rw,remount /
su -c chcon u:object_r:device:s0 /dev/kmem
Notice: step 3 - when ran fine - might now print some errors that it cant access some stuff in /dev - this is absolutely ok. But formerly I disabled the output at all (not to confuse you with some strange errors), but it resulted in lack of possibility to find out if the command ran AT ALL or if it escaped because of no permissions on the very beginning.
Before we go on here let's get a few things out of the way.
1) please advise where i should get supersu 1.99 from. I'm on 1.94 and in my country (GE) there is no newer version available in the play store.
2) first thing I usually do when I start the terminal is type "su"
3) I'm an old man. So please be patient
that said let's give it another try
---------- Post added at 06:42 PM ---------- Previous post was at 06:11 PM ----------
This is starting to test my temper. I guess I will put the steps into files and run them with gscript. Hang on. Might take some time
---------- Post added at 07:30 PM ---------- Previous post was at 06:42 PM ----------
Guess I had it for today. No changes whatsoever.
Here is what I did
installed supersu to /system. Option is greyed out now
made a new script for every box of code. Main and step 1 to 3
Made copies and added some echo lines so I could see if scripts work and/or finish correctly
executed scripts with gscript in the given order
No echo in step 1 to 3
ran original code
same result.
don't know what else to try.
sorry
RaSand said:
Before we go on here let's get a few things out of the way.
1) please advise where i should get supersu 1.99 from. I'm on 1.94 and in my country (GE) there is no newer version available in the play store.
2) first thing I usually do when I start the terminal is type "su"
3) I'm an old man. So please be patient
that said let's give it another try
---------- Post added at 06:42 PM ---------- Previous post was at 06:11 PM ----------
This is starting to test my temper. I guess I will put the steps into files and run them with gscript. Hang on. Might take some time
---------- Post added at 07:30 PM ---------- Previous post was at 06:42 PM ----------
Guess I had it for today. No changes whatsoever.
Here is what I did
installed supersu to /system. Option is greyed out now
made a new script for every box of code. Main and step 1 to 3
Made copies and added some echo lines so I could see if scripts work and/or finish correctly
executed scripts with gscript in the given order
No echo in step 1 to 3
ran original code
same result.
don't know what else to try.
sorry
Click to expand...
Click to collapse
Stay cool. I am a (quite) young man, but I have patience, too ;]
No output when running *something* as su = faulty su installation (maybe)...
Please download SuperSu 1.99 (flashable cwm version) from here: http://forum.xda-developers.com/showthread.php?t=1538053 and put it somewhere on internal sdcard
Download my "almost-working" TWRP recovery image: http://www53.zippyshare.com/v/30690424/file.html
Put it in internal mem so its path will be /sdcard/twrp2.img
Run terminal emulator (CAREFULLY WITH THE PARTITION NUMBERS!)
Code:
su
dd if=/dev/block/mmcblk0p15 of=/sdcard/recovery.backup.img
sleep 1
dd if=/sdcard/twrp2.img of=/dev/block/mmcblk0p15
sleep 1
sync
reboot recovery
In recovery, flash downloaded supersu zip. Reboot.***
Try commands again.
Maybe your busybox is bad? Can you tell me the output of command busybox written alone without further params?
***(btw the recovery may be useful, but it is not-fully-working, however, it is working AT ALL... be aware of issues:
- it cannot write backups to exfat external cards, vfat/fat32 only
- it may mess the selinux context, especially for cache partition after wipe. solution: from twrp run advanced -> console (or terminal? dont remember) and run
restorecon -R /cache
- if u ever have a bootloop after flashing a (even reliable...) zip, you should get back to twrp, click mount menu, mount everything, switch to advanced -> console and run:
restorecon -R /system
restorecon -R /data
restorecon -R /cache
selinux contex will be fixed BUT it will mess context for su binary, so in the end flash supersu again and reboot, everything will be ok.
If you want to revert, just do:
dd if=/sdcard/recovery.backup.img of=/dev/block/mmcblk0p15
).
And last but not least, kernel which I have promised (BUT if you use it, I will lose my only tester heheee):
http://www46.zippyshare.com/v/63874309/file.html
Please be aware that there are some other tweaks included (like unsecure adb, faster filesystem mount options but with higher risk of data loss, etc).
Put b4.img to /sdcard/b4.img
Run:
Code:
su
dd if=/dev/block/mmcblk0p14 of=/sdcard/boot.backup.img
sleep 1
dd if=/sdcard/b4.img of=/dev/block/mmcblk0p14
sleep 1
sync
reboot
You can revert to stock by dd if=/sdcard/boot.backup.img of=/dev/block/mmcblk0p14 (or by flashing full stock by odin). Would be glad if you can confirm that mode is permissive using this repacked kernel (HOPE IT WILL!!!!) and after some time you'll flash the backup back, to help me solving the case, as i suppose that there IS possibility of permissive without the kernel flash and I need a tester ;} It would be reeeeeeaaaaaaaally nice...
BE AWARE THAT:
- it's for note pro 12.2 LTE ONLY!!!! also called viennalte or SM-P905... It WON'T work on other devices and it may damage them (for example, coz of different mmcblk numbers...)
- messing the mmcblk0pxx number may cause an unrecoverable harm to your device (especially if you overwrite bootloader partitions or your efs partitions where unique imei is stored), it's 14 for kernel (boot) and 15 for recovery
- your knox WILL be tripped (if it hasnt been tripped yet... but it's not very probable )
- on the very first boot screen, a warning messages may appear in the left-top corner, about some warranty stuff. Ignore them, they'll disappear after reverting boot/recovery to stock.
Regards.
Just done flashing twrp and supersu(now 1.99)
i will not give up that easy, don't worry.
Just to be on the safe side i downloaded b4. Maybe you should remove it for the moment.
Looks like fun being the most important part of the team.lol.
btw. Knox was tripped about 2 hours after i got the device
busybox is v1.22.1 (2014-01-25 17:27:18)
---------- Post added at 10:05 PM ---------- Previous post was at 09:15 PM ----------
This it what happened after the last command in step 2 was executed
Could not label /dev/cpuctl with ubject_r:cpuctl_device:s0: Operation not supported on transport endpoint
Could not access /dev/kmem: Operation not supported on transport endpoint
Could not access /dev/mem: Operation not supported on transport endpoint
Could not label /dev/pts with ubject_r:device:s0: Permission [email protected]:/ #
After this I will reboot
127|[email protected]:/ # dd if=/sdcard/b4.img of=/dev/block/mmcblk0p14
18468+0 records in
18468+0 records out
9455616 bytes transferred in 2.044 secs (4626035 bytes/sec)
[email protected]:/ # sync
[email protected]:/ #
---------- Post added at 02:08 PM ---------- Previous post was at 02:00 PM ----------
One would expect to have a new kernel after the above, but guess what
[email protected]:/ $ su
[email protected]:/ # getenforce
Enforcing
[email protected]:/ # setenforce Permissive
127|[email protected]:/ # getenforce
Enforcing
[email protected]:/ #
and the kernel set the warranty bit for kernel change, but it didn't make it to block 14 as I still have the stock kernel
RaSand said:
After this I will reboot
127|[email protected]:/ # dd if=/sdcard/b4.img of=/dev/block/mmcblk0p14
18468+0 records in
18468+0 records out
9455616 bytes transferred in 2.044 secs (4626035 bytes/sec)
[email protected]:/ # sync
[email protected]:/ #
---------- Post added at 02:08 PM ---------- Previous post was at 02:00 PM ----------
One would expect to have a new kernel after the above, but guess what
[email protected]:/ $ su
[email protected]:/ # getenforce
Enforcing
[email protected]:/ # setenforce Permissive
127|[email protected]:/ # getenforce
Enforcing
[email protected]:/ #
and the kernel set the warranty bit for kernel change, but it didn't make it to block 14 as I still have the stock kernel
Click to expand...
Click to collapse
Your two posts above confirm that SU version was not the issue, as it is still preventing from modyfing anything related to kmem, sorry for effort, attough hope you'll at least enjoy included, almost-working twrp, as it seems to be only one capable of flashing zips and doing backups and restoring them on p905 floating around (if you use exfat card for everyday use, my recommendation is to use another one, ie. 8 gig, which are cheap as hell, format it to fat32 (in android it's recognized as vfat) and use it for exclusively for backup purposes, at least until someone establishes a better solution. It's not that bad after all plus it gives you real possibility of experimenting with the device without need to worry about configuring it again from the beginning if something fail. Btw please be aware if in any case, after restoring backup/flashing zip/clearing cache you'll receive a bootloop AND/OR after booting you/apps won't be able to write to any part of internal memory (like /sdcard or /cache), just get back to twrp, use console and run restorecon commands for all partitions AND -as restorecon will break su - reflash su. ALSO - if anytime TWRP on exit will prompt you with a proposition of rooting the device itself - don't do that, the only proper way of fixing su is reflashing it from the genuine zip (or with odin, but avoid that as cf-root includes older version). Uh, isn't it a offtopic? Sorry..
The kerne IS stock (as to the binary part) but with modified ramdisk (repacked) including changed policy of accessing /dev/kmem. If you have kernel warranty bit warning on boot, you have flashed it succesfully ( the message will disappear when you flash back FULLY-stock kernel back - also, i dunno why but it says "kernel is not enforcing" but it's not YET true! It will say the same even if I repack kernel without any changes, so it's quite misleading...), although kernel version/compilation number nor any extra features will not change in the system coz the kernel base is absolutely the same (and it has to stay the same until Samsung release sources that work, coz current one won't).
To really, really confirm that you have flashed my kernel and that the policy of writing to memory has been removed, please open /file_contexts file (it lies in the very root of the filesystem) in any text editor within Android, and look for lines with /dev/kmem or /dev/mem. They should be commented out by "#" in the beginning - or deleted at all (dont remember which one method I did use...). If so, you can be sure that you have flashed repacked kernel succesfully (and also that I have uploaded the proper one, with changed policy...).
If you have checked above, you may be sure that after every boot to Android, now, the new policy (without restrictions to /dev/kmem, which were commented out/deleted) will be loaded. I don't think that restorecon -R /dev will be no longer necessary after that, as the /dev directory is virtual and created on every boot, so its previous, restricted security labels are not preserved between reboots and they are assigned according to current policy, only - but you can run it to check if you see any errors for /dev/kmem (and you should NOT see them... there might be other, like for /dev/cpuctl etc, but it doesnt matter...).
After that, there should be no further doubts that you have unlocked /dev/kmem for writing!
On this step you still need to run the command from my post on top of the topic, this one:
Code:
su
printf '\x00' | su -c dd of=/dev/kmem seek=$( printf '%d\n' '0x'`cat /proc/kallsyms | grep ".*\ selinux\_enforcing" | cut -f 1 -d " "` ) bs=1 count=1 conv=notrunc
setenforcing alone WILL NOT WORK EVEN NOW, only the script above helps. I guess you avoided that after flashing kernel, coz of misleading boot warning...
Then check enforcing status. Now it really should work.
If we achieve a success, I'd rather release a fully-featured-repacked-kernel, with built-in kmem script, so it will be permissive from the very beginning (PLUS it will be in a good mood to close possibility of further writing to /kmem after that one single write, as it is really serious security hole, to be honest, to let anyone write to any part of memory directly..., and also include init.d support out-of-the-box as well).
Sorry for letting you wait that long. I was out in woods all day and did not even take the Tablett with me. Besides that there was no service whatsoever.
After running your script, wich for whatever reason I didn't do yesterday, I do have permissive selinux. As you suggested I play with it a couple of hours till bedtime and re flash stock after that to do more testing if you come up with new ideas and need a tester.
bee back in the morning, or maybe before I lay my tired head to rest.
congrats for the job you did till now.
edit:
Just checked file_contexts and the lines for kmem and mem are commented out. So for the moment I'm definitely on your kernel. Thanks again
RaSand said:
Sorry for letting you wait that long. I was out in woods all day and did not even take the Tablett with me. Besides that there was no service whatsoever.
After running your script, wich for whatever reason I didn't do yesterday, I do have permissive selinux. As you suggested I play with it a couple of hours till bedtime and re flash stock after that to do more testing if you come up with new ideas and need a tester.
bee back in the morning, or maybe before I lay my tired head to rest.
congrats for the job you did till now.
edit:
Just checked file_contexts and the lines for kmem and mem are commented out. So for the moment I'm definitely on your kernel. Thanks again
Click to expand...
Click to collapse
good, thank you for testing and hope enforcing linux won't bother you again ;] you're probably a second man on the planet who is running your machine in permissive
and don't worry about anything, it's not a race or something. i am most thankful that you found a time to run all the suggested stuff, and for patience.
please however note that leaving open /dev/kmem shall be considered as a serious security hole! it allows root app to write ANYTHING to ANY part of memory. Well, that's was an obligatory warning, however, I was never scared too much with security issues and until now nothing bad happened so..
Let's summarize:
- now I am sure that my script is working BUT only after giving it possibility of writing to memory via /dev/kmem
- writing to /dev/kmem is possible only after changing the security policy, which lies in kernel's ramdisk
- the final appropach shall also CLOSE the access to /dev/kmem just after changing the selinux mode for security reason
- the aim is to make a complete modification which will make use of only one area of the device ie. system OR kernel, not both, as it is too intrusive:
- find a way to reload policy when device is on-line, so writing to /dev/kmem will be possible (it's a preferred method, no need to flash anything and no need to watch ugly warranty message - but I doubt if it's possible - it would be an equally dangerous security issue, there is no practical difference between letting write to memory and between letting to open the possibility of write to memory and then letting write to memory ... or
- implement the memory write technique straight in the kernel's ramdisk.
I will be back with new stuff, soon.
Before you surprise us with new stuff, could please change the command to revert to stock kernel in post #12. Somebody might get into trouble by just running the command and put the kernel in the wrong block. And while you are at it. It should be if=/ not if-/ in the code field.
RaSand said:
Before you surprise us with new stuff, could please change the command to revert to stock kernel in post #12. Somebody might get into trouble by just running the command and put the kernel in the wrong block. And while you are at it. It should be if=/ not if-/ in the code field.
Click to expand...
Click to collapse
Thank you, changes made, no one should flash the wrong block device (although flashing boot to recovery - which is possible, as the boot partition size is 2meg smaller than recovery - shall result in nothing but... booting the device when entering recovery mode ;] - that's just fyi, of course, mistakes corrected...)
esgie said:
Thank you, changes made, no one should flash the wrong block device (although flashing boot to recovery - which is possible, as the boot partition size is 2meg smaller than recovery - shall result in nothing but... booting the device when entering recovery mode ;] - that's just fyi, of course, mistakes corrected...)
Click to expand...
Click to collapse
Esgie, is there any further developments with this script? I've given it a shot and even after running the script, SELinux remains in Enforcing mode.
I see that you have the modified kernel for SELinux in permissive mode, but I really like the approach of having this script rather than using a modified kernel, so I'm wondering if in your process of getting the kernel to work, there might be something you've discovered that would make this script work as well.
Thanks.
Dear Community, dear Developers outside..
I'm using Magisk 14.0 on a Redmi Note 4 Snapdragon and super satisfied with it.
I just want to make simple changes like changing the lowmemorykiller minfree parameters - just like an init.d script in Kernel Adiutor..
Most of the commands are effective - but some of them are not..
This is what I want to apply for example:
chmod 666 /sys/module/lowmemorykiller/parameters/minfree
chown root /sys/module/lowmemorykiller/parameters/minfree
echo '7283,14566,21849,28928,36415,43698' > /sys/module/lowmemorykiller/parameters/minfree
..but does not work..
But these, for example.. these are working just fine:
echo '30' > /proc/sys/vm/swappiness
echo '0' > /sys/module/lowmemorykiller/parameters/enable_adaptive_lmk
echo '80' > /proc/sys/vm/overcommit_ratio
echo '400' > /proc/sys/vm/vfs_cache_pressure
echo '2430' > /proc/sys/vm/extra_free_kbytes
echo '4096' > /proc/sys/kernel/random/write_wakeup_threshold
echo '1024' > /sys/block/mmcblk0/queue/read_ahead_kb
echo '0' > /sys/block/mmcblk0/queue/iostats
echo '1' > /sys/block/mmcblk0/queue/add_random
echo '1024' > /sys/block/mmcblk1/queue/read_ahead_kb
echo '0' > /sys/block/mmcblk1/queue/iostats
echo '1' > /sys/block/mmcblk1/queue/add_random
swapoff /dev/block/zram0 > /dev/null 2>&1
echo '1' > /sys/block/zram0/reset
echo '0' > /sys/block/zram0/disksize
echo '1' > /sys/block/zram0/max_comp_streams
echo '524288000' > /sys/block/zram0/disksize
mkswap /dev/block/zram0 > /dev/null 2>&1
swapon /dev/block/zram0 > /dev/null 2>&1
echo '4096' > /proc/sys/kernel/random/read_wakeup_threshold
echo '4096' > /proc/sys/vm/min_free_kbytes
echo '0' > /proc/sys/vm/oom_kill_allocating_task
echo '90' > /proc/sys/vm/dirty_ratio
echo '70' > /proc/sys/vm/dirty_background_ratio
I do know that all I have to do is to put my script to one of these dirs - depending on when I want to run the scripts:
/magisk/.core/service.d
/magisk/.core/post-fs-data.d
But, as I mentioned - most of them has effect, some of them has no..
Any comment, any suggestion is more than appreciated.
Thank you!
[SOLVED] - solution is in post #5
Desperate bump..
I searched for help docs for service.d and post-fs-data.d but counldn't find them, can I ask you when each folder is executed, also does the scripts inside them must have .sh extension or not ?
I want to restart my systemui after boot complete, can you tell me if this script is ok ?
Code:
#!system/bin/sh
sleep 20
su
pkill -l TERM -f com.android.systemui
ps : the pkill command works fine after an "su" in terminal emulator
sorry for the offtopic !
@sheraro
https://github.com/topjohnwu/Magisk/blob/master/docs/README.MD
First of all: the solution for my issue was a simple sleep 30 in the services.sh to delay the start.. and I used an auxiliary file as well to make the changes (called from services.sh with 30sec delay, copied with the update-binary file directly, set permission to 0777 via config.sh) after that is all started working..
sheraro said:
I searched for help docs for service.d and post-fs-data.d but counldn't find them, can I ask you when each folder is executed, also does the scripts inside them must have .sh extension or not ?
I want to restart my systemui after boot complete, can you tell me if this script is ok ?
Code:
#!system/bin/sh
sleep 20
su
pkill -l TERM -f com.android.systemui
ps : the pkill command works fine after an "su" in terminal emulator
sorry for the offtopic !
Click to expand...
Click to collapse
So, second thing, @sheraro, I think you should delete the command su from your script because Magisk scripts are running as root anyway and if you issue su command it will start a shell with elevated privileges - an interactive shell, not what you want here, a sudo like command.. it works in the terminal because it is interactive but in the shell script if you start su it starts an interactive shell and it halts your script because it won't exit the shell you started.. and the next command will never run.. if you know what I mean.. but you don't need it anyway, because - as I mentioned - it is running as root anyway. +1: The syntax of the shebang is bad in your example, it is missing an exclamation mark. Can you re-test it like this:
Code:
#!/system/bin/sh
sleep 20
pkill -l TERM -f com.android.systemui
exit 0
.sh extension is not needed, the thing is: you have to set the correct permission in the config.sh like this:
Code:
set_permissions() {
# Default permissions, don't remove them
set_perm_recursive $MODPATH 0 0 0777 0777
[..omitted..]
Thing is: the files must have execute priv. and you can execute them like
Code:
$MODDIR/./desiredfilename
in the services.sh script.
Hope this helps.
crok.bic said:
.sh extension is not needed, the thing is: you have to set the correct permission in the config.sh like this:
Code:
set_permissions() {
# Default permissions, don't remove them
set_perm_recursive $MODPATH 0 0 0777 0777
[..omitted..]
Thing is: the files must have execute priv. and you can execute them like
Code:
$MODDIR/./desiredfilename
in the services.sh script.
Hope this helps.
Click to expand...
Click to collapse
I'm just pasting my script in service.d only, set permissions manually to 0777, corrected !#/system typo, removed su command, but no luck...
Where's services.sh and config.sh ?
sheraro said:
I'm just pasting my script in service.d only, set permissions manually to 0777, corrected !#/system typo, removed su command, but no luck...
Where's services.sh and config.sh ?
Click to expand...
Click to collapse
Reading your comment I think you are not developing a Magisk module, do you?
I do and this is why you have no idea where is config.sh, services.sh and the others I think.
If you just want to have some kind of "init.d script" support and run the script in your own phone *only* then your script should be in the folder /magisk/.core/service.d and it should have execute permission. That's all what you need - probably the sleep 20 is not enough, increase it to sleep 30 for instance.
If this is still not enough info I would suggest to read the Magisk documentation thoroughly (linked in post #4) and if you still stuck I suggest you to open your own thread, describe your problem thoroughly (what is your goal? what would you like to achive? how did you already try? what is happening but should not or not happening but you think it should happen? you know what I mean..) and ask the community. Probably you will be able to solve your issue in minutes/hours.
I changed it to sleep 100, same problem, you're right I should create a new thread for this.
I have a theme installed that mimics oreo style, but the systemUI is not themed until it's restarted, so I thought about a script executed after boot, anyway thanks for your help
It seems that sleep will delay the run of other modules' service.sh. is there any solution that will not affect other module?
nicorg3221 said:
It seems that sleep will delay the run of other modules' service.sh. is there any solution that will not affect other module?
Click to expand...
Click to collapse
I don't experience this behavior - what you described is the post-fs-data behavior.
I did the trick with a separate ("auxiliary") file and tried to explain how in post #5 but let me try again:
- created a file in the module's common folder (I gave the name `tweak`)
- this file starts with a shebang (it's a script..) and continues with a sleep 30 then comes my commands..
- then copied the file from the module to the Magisk module directory into /magisk/$MODDIR with the module file META-INF/com/google/android/update-binary (I added it to the copy section, manually.. I know, I know, it should work automagically anyway, but did not work and I was fed up with the coding, so hardcoded it.. sorry)
- I set the default file permission to 0777 in config.sh (yes, 0777, this is loose AF but works.. and I don't really care, the file contains code that can make the device *better* and has no suid bit set, so there is only little to no room to harm anything..)
- then I included a call in my module's common/service.sh like $MODDIR/./tweak to start my script
- when the tweak script starts it will start with the sleep 30 so implements the delay.. BUT!
- Because services.sh files from the modules are called parallelly by Magisk (by default, by it's nature, by it's code.. you got it) my module does not delays others - but still has the delay.
Hope this helps.
sheraro said:
I changed it to sleep 100, same problem, you're right I should create a new thread for this.
I have a theme installed that mimics oreo style, but the systemUI is not themed until it's restarted, so I thought about a script executed after boot, anyway thanks for your help
Click to expand...
Click to collapse
Pleased to help you - but honestly, if the only task you need is to kill and restart systemUI then I would do it via init.d script run by an app that mimics init.d scripting, or using a kernel that supports init.d scripts (if only you want to use that theme). It's just less complex for you I think, but honestly, a simple script file that has execute permission in /magisk/.core/services.d/ gives you 100% the same solution.
crok.bic said:
I don't experience this behavior - what you described is the post-fs-data behavior.
I did the trick with a separate ("auxiliary") file and tried to explain how in post #5 but let me try again:
- created a file in the module's common folder (I gave the name `tweak`)
- this file starts with a shebang (it's a script..) and continues with a sleep 30 then comes my commands..
- then copied the file from the module to the Magisk module directory into /magisk/$MODDIR with the module file META-INF/com/google/android/update-binary (I added it to the copy section, manually.. I know, I know, it should work automagically anyway, but did not work and I was fed up with the coding, so hardcoded it.. sorry)
- I set the default file permission to 0777 in config.sh (yes, 0777, this is loose AF but works.. and I don't really care, the file contains code that can make the device *better* and has no suid bit set, so there is only little to no room to harm anything..)
- then I included a call in my module's common/service.sh like $MODDIR/./tweak to start my script
- when the tweak script starts it will start with the sleep 30 so implements the delay.. BUT!
- Because services.sh files from the modules are called parallelly by Magisk (by default, by it's nature, by it's code.. you got it) my module does not delays others - but still has the delay.
Hope this helps.
Click to expand...
Click to collapse
I have my script in starting in .Core. Maybe that's the problem
nicorg3221 said:
I have my script in starting in .Core. Maybe that's the problem
Click to expand...
Click to collapse
..then it is in the wrong dir.. it is clearly described in the Magisk documentation.
I have researched a bit. I think you can use getprop sys.boot_completed to check if boot is completed. We should run init.d scripts after boot is completed instead of just wait for 30/100 seconds.
I place all my init.d scripts I want to run in /magisk/.core/service.d/init.d.
Then, I have a service.d script [exec_init_d.sh] in /magisk/.core/service.d. Magisk will run exec_init_d.sh when boot.
exec_init_d.sh will wait for sys.boot_completed and run all the files in /magisk/.core/service.d/init.d after boot completed
exec_init_d.sh
Code:
#!/system/bin/sh
# Please don't hardcode /magisk/modname/... ; instead, please use $MODDIR/...
# This will make your scripts compatible even if Magisk change its mount point in the future
MODDIR=${0%/*}
# This script will be executed in late_start service mode
# More info in the main Magisk thread
if [ "$1" != "1" ]; then
$0 1 &
log -p i -t Magisk "start new instance to let Magisk boot stages proceed"
exit
fi
#param
RUNLOG=0
RETRY_INTERVAL=5 #in seconds
MAX_RETRY=60
EXEC_WAIT=3 #in seconds
INIT_D_DIR=$MODDIR/init.d
LOG_PATH=$MODDIR/debug.log
#init
retry=${MAX_RETRY}
#wait for boot completed
log -p i -t Magisk "wait for boot completed"
while (("$retry" > "0")) && [ "$(getprop sys.boot_completed)" != "1" ]; do
sleep ${RETRY_INTERVAL}
((retry--))
done
if (("$retry" == "0")); then
log -p i -t Magisk "boot not completed within maximum number of retry"
else
log -p i -t Magisk "boot completed"
fi
sleep ${EXEC_WAIT}
log -p i -t Magisk "init.d execution started from ${INIT_D_DIR}"
if (("${RUNLOG}" == "1")); then
/data/magisk/busybox run-parts $INIT_D_DIR &> $LOG_PATH
log -p i -t Magisk "init.d execution output written to $LOG_PATH"
else
/data/magisk/busybox run-parts $INIT_D_DIR
fi
log -p i -t Magisk "init.d execution completed"
I have Magisk v18.1 installed on my OG Pixel running PixelDust ROM and noticed every so often it loses root access. When entering the Magisk Manager app it also shows Magisk Not Installed. I did some investigating and found that magiskd (magisk daemon) gets terminated at some point randomly. Further testing revealed I could restart it manually by issuing "magisk --daemon" via SSH/ADB root shell.
I wrote a simple module to keep the daemon running and haven't noticed the "Magisk Not Found" error since. The module is just a simple bash script executed as service on boot that checks every minute for the daemon and runs the "magisk --daemon" command as root if not running. I am just posting it here to see if it can help anyone else who's root access disappears randomly on v17-19.3.
Please be aware that this is my first module ever. It was also originally started via an init.d script instead of the service hook in magisk, though it should work exactly the same. I have also noticed it is not possible for my module to restart magiskd yet if it was killed manually by the user.
GIt Repo:
https://github.com/Geofferey/mgkdhelper
Magisk Repo Submission:
https://github.com/Magisk-Modules-Repo/submission/issues/404
Release:
UNINSTALL INITIAL v1.0.0 RELEASE BEFORE INSTALL!!!
If you fail to do so you will have the old version and current version running at same time.
Download:
Current Release v2.1.0
Major thanks to @jcmm11 & @char101 whose contributions are now officially included in this module.
I just wanna say God bless you for this module, my man. I was frustratingly having my Magisk daemon getting killed 2-3 times a day On my LG V20. Since installing your module for the past 4 days ive yet to encounter such an issue. I greatly appreciate you coming up w/a solution to a problem that was frustrating me to the max
Geofferey said:
I wrote a simple module to keep the daemon running and haven't noticed the "Magisk Not Found" error since.
Click to expand...
Click to collapse
Thanks for that module. Very good idea and it's working perfectly fine. :good:
Hi,
There is no /data/local/run directory by default on my phone (OP6 Pie). So I suggest that either you create it first or simply uses /data/local/tmp to store the pid. Also creating the directory first might be a good idea. If you add -q to the grep command there is no need to redirect the output.
Code:
#!/system/xbin/bash
PIDFILE=/data/local/tmp/magiskd-helper.pid
LOGFILE=/data/local/tmp/magiskd-helper.log
is_magisk_running() {
ps -a | grep -q [m]agiskd
}
if [ ! -d /data/local/tmp ]; then
mkdir -p /data/local/tmp
fi
if [ -f $PIDFILE ]; then
kill -9 `cat $PIDFILE`
fi
echo $$ > $PIDFILE
RETRIES=0
while true; do
sleep 60
if ! is_magisk_running; then
echo `date` >> $LOGFILE
echo 'Magisk daemon appears to have crashed' >> $LOGFILE
echo 'Restarting magiskd...' >> $LOGFILE
/sbin/magisk --daemon
if is_magisk_running; then
echo 'Success!' >> $LOGFILE
RETRIES=0
else
echo 'Failure!' >> $LOGFILE
((++RETRIES))
if (( $RETRIES > 10 )); then
echo 'Giving up' >> $LOGFILE
break
fi
fi
echo >> $LOGFILE
fi
done
When first run, /system/bin/ps is linked to magisk builtin busybox, which don't have the -u option
Code:
ps: invalid option -- u
BusyBox v1.30.1-topjohnwu (2019-04-30 01:01:15 EDT) multi-call binary.
Usage: ps [-o COL1,COL2=HEADER] [-T]
Show list of processes
-o COL1,COL2=HEADER Select columns for display
-T Show threads
char101 said:
When first run, /system/bin/ps is linked to magisk builtin busybox, which don't have the -u option
Code:
ps: invalid option -- u
BusyBox v1.30.1-topjohnwu (2019-04-30 01:01:15 EDT) multi-call binary.
Usage: ps [-o COL1,COL2=HEADER] [-T]
Show list of processes
-o COL1,COL2=HEADER Select columns for display
-T Show threads
Click to expand...
Click to collapse
Try again after having install the 'Busybox for NDK' Magisk module (from osm0sis), maybe that the -u arg for ps command will works i ddon't remember me having testing it recently so idk if it will works but i think yeah
I have the GNU coreutils module installed so it is not the problem.
Also the original module redirect stderr to /dev/null so unless you modify it you won't see the error like I posted before.
My modifications
service.sh
Code:
#!/system/bin/sh
# Do NOT assume where your module will be located.
# ALWAYS use $MODDIR if you need to know where this script
# and module is placed.
# This will make sure your module will still work
# if Magisk change its mount point in the future
MODDIR=${0%/*}
# This script will be executed in late_start service mode
$MODDIR/common/magisk-monitor > /data/local/tmp/magisk-monitor.log 2>&1 &
magisk-monitor
Code:
#!/system/bin/sh
is_magisk_running() {
ps -A | grep -q [m]agiskd
}
sleep 300
echo `date`
echo 'magisk-monitor running'
echo
RETRIES=0
while true; do
sleep 60
if ! is_magisk_running; then
echo `date`
echo 'Magisk daemon appears to have crashed'
echo 'Restarting magiskd...'
/sbin/magisk --daemon
if is_magisk_running; then
echo 'Success!'
RETRIES=0
else
echo 'Failure!'
((++RETRIES))
if (( $RETRIES > 10 )); then
echo 'Giving up'
break
fi
fi
echo
fi
done
Rom said:
Try again after having install the 'Busybox for NDK' Magisk module (from osm0sis), maybe that the -u arg for ps command will works i ddon't remember me having testing it recently so idk if it will works but i think yeah
Click to expand...
Click to collapse
I doubt it... From busybox.net:
ps
Report process status
Options:
-o col1,col2=header Select columns for display
-T Show threads
Click to expand...
Click to collapse
It is better to just use 'ps -A' which will work on busybox ps and coreutils ps.
Didgeridoohan said:
I doubt it... From busybox.net:
Click to expand...
Click to collapse
I'm agree with u, but it was already happen for me that some other args works too, i had never know why.
I came across your module while looking for the same issue affecting many users on different devices (although it seems to be affecting Pie only). Magisk GitHub is also full of reports by people losing root and solving with a reboot. I don't know how impactful it is on the battery since it checks for Magisk every 60 seconds (I have just installed it) but so far your module is the only blessing we can get to avoid rebooting once/twice per day. I think you should definitely submit your module to the official repository!
P.s i had to create /data/local/run first for the pid
@Geoffrey another quick correction: in my case on MIUI 10 based on Pie, ps -a does not show the same output as ps -A. So I had to replace the -a in your script with an upper case A.
char101 said:
It is better to just use 'ps -A' which will work on busybox ps and coreutils ps.
Click to expand...
Click to collapse
Coreutils doesn't have a ps applet. If you want to use -u just use the full path /system/bin/ps to force the toybox applet.
@Geoffrey
First of all nice workaround. I did some cleanup and a few modifications if you want to post it to the Magisk repository (and I think you should).
Changed over to the current template.
Removed all the PID stuff, it's really not needed.
Replaced ps -a -u with pgrep. That eliminates any busybox vs toybox issues (at least the way it's being used here)
Removed bash. There's nothing here that requires a bash shell as opposed to the default shell.
Moved the script to it's own directory instead of xbin. Not all phones have xbin, and trying to use it on those that don't is problematic. Plus there's no reason the script needs to be in the PATH.
Added nohup to the script startup command in service.sh
Also always create the log file, with a "started on" line in it. That at least gives an indication that the script started.
So what we're left with.
mgkd-helper (in a script directory)
Code:
#!/system/bin/sh
LOGFILE=/data/local/tmp/magiskd-helper.log
rm -f $LOGFILE
echo "Started " $(date) >> $LOGFILE
echo "-----------------------------" >> $LOGFILE
echo >> $LOGFILE
while true; do
sleep 60
if ! pgrep magiskd >/dev/null; then
echo $(date) >> $LOGFILE
echo "Magisk daemon appears to have crashed" >> $LOGFILE
echo "Restarting magiskd..." >> $LOGFILE
if magisk --daemon; then
echo "success!" >> $LOGFILE
else
echo "failure!" >> $LOGFILE
fi
echo >> $LOGFILE
fi
done
service.sh
Code:
#!/system/bin/sh
# Do NOT assume where your module will be located.
# ALWAYS use $MODDIR if you need to know where this script
# and module is placed.
# This will make sure your module will still work
# if Magisk change its mount point in the future
MODDIR=${0%/*}
# This script will be executed in late_start service mode
#Magisk Daemon Helper
# Copyright (C) 2019 Geofferey @ XDA
# License: GPL V3+
nohup $MODDIR/script/mgkd-helper > /dev/null &
If you do decide to place it in the repository you need to do something with README.md
You should also replace META-INF/com/google/android/update-binary with the attached version. The included version is for standalone installs. Repository versions should use the alternate one. (Remove the ".txt")
Last note: tested this and it does work. I killed the running magiskd and a new one was started, with the appropriate log entry created
I wasn't able to start magiskd with "magisk -- daemon" via adb. It always says "No daemon found" instead of starting it. I seem to have lost root with the original script and I had to restart again. Any idea? I just enabled root via adb in Magisk. Not sure if that was the issue that I couldn't restart it.
And it seems like magiskd is killed in OxygenOS 9.0.5 on my OnePlus 6. Not sure if it is due to out of memory reasons but I can't get any logcat as I don't have root. Super annoying.
Will this be added to the magisk module repository? If it is there I couldn't find it. I do know there are links and a revision at the end of the thread by @jcmm11. I don't need the module, just curious if the revision will be put there eventually. I have had others with that problem that I have helped.
Thanks
martyfender said:
Will this be added to the magisk module repository? If it is there I couldn't find it. I do know there are links and a revision at the end of the thread by @jcmm11. I don't need the module, just curious if the revision will be put there eventually. I have had others with that problem that I have helped.
Thanks
Click to expand...
Click to collapse
I think it should be but it's up to @Geoffrey. It's his module. I cleaned it up a bit that's all. Most of the work is done. Biggest thing left to do is modify README.md
jcmm11 said:
@Geoffrey
First of all nice workaround. I did some cleanup and a few modifications if you want to post it to the Magisk repository (and I think you should).
Changed over to the current template.
Removed all the PID stuff, it's really not needed.
Replaced ps -a -u with pgrep. That eliminates any busybox vs toybox issues (at least the way it's being used here)
Removed bash. There's nothing here that requires a bash shell as opposed to the default shell.
Moved the script to it's own directory instead of xbin. Not all phones have xbin, and trying to use it on those that don't is problematic. Plus there's no reason the script needs to be in the PATH.
Added nohup to the script startup command in service.sh
Also always create the log file, with a "started on" line in it. That at least gives an indication that the script started.
So what we're left with.
mgkd-helper (in a script directory)
service.sh
If you do decide to place it in the repository you need to do something with README.md
You should also replace META-INF/com/google/android/update-binary with the attached version. The included version is for standalone installs. Repository versions should use the alternate one. (Remove the ".txt")
Last note: tested this and it does work. I killed the running magiskd and a new one was started, with the appropriate log entry created
Click to expand...
Click to collapse
Should we directly flash zip in twrp recovery
kryshnakishore said:
Should we directly flash zip in twrp recovery
Click to expand...
Click to collapse
You can flash it in recovery or via Magisk Manager, modules section, big + button at bottom of screen.
I've been looking for a solution to this since v17 ... started happening on 17, kept happening on 18, is even worse now on v19 ... :-/
Magisk v19.3 on lineageos 16.0 for wt86047
trying to create my first module, no files to replace, just one task: run a remove.sh script
I put following two lines in ./common/service.sh , but there's no file created after boot , seems the service.sh itself never be run at all.
echo -e "\n------------${MODPATH}----------------------------" >> /sdcard/s.txt >&1
sh ./remove.sh
LATESTARTSERVICE=true in ./install.sh --YES
./META-INF/com/google/android/update-binary updated --YES
./module.prop edited --YES
the module installed with no error --YES
manual run remove.sh successfully in terminal after reboot --YES
called from service.sh --NO
need help, THANK YOU!
attached remove.sh
Code:
#!/system/bin/sh
DIRFILE="/sdcard/dir"
if [ -f "$USRFILE" ];then
while IFS= read -r LINE
do
if [ -n "${LINE}" ];then
...
...
fi
I haven't looked at what might be your issue, but you don't need a module for that... Just place your remove.sh script in /data/adb/service.d and give it execution permission.
Didgeridoohan said:
I haven't looked at what might be your issue, but you don't need a module for that... Just place your remove.sh script in /data/adb/service.d and give it execution permission.
Click to expand...
Click to collapse
thanks. but it doesn't work either.
When I manually run the script from terminal, it prompt 'Permission denied.'
But it works after execute 'su' first.
Is this the reason? But how could I authorise root right to the script since it doesn't pop dialogbox at all.
Again, I haven't looked at your script at all, but...
Any scripts run by Magisk at boot will run with superuser permission. That's not your issue...
Might be that the script has to run after boot is completed (if it works while booted but not during boot). You can look for the sys.boot_completed and when it's changed to 1 you can let the script execute.
I use this code in my modules, if it can help
Code:
_SLEEPBOOT=60
# ...
RETRY_INTERVAL=${_SLEEPBOOT} #in seconds
MAX_RETRY=30
retry=${MAX_RETRY}
while (("$retry" > "0")) && [ "$(getprop sys.boot_completed)" != "1" ]; do
sleep ${RETRY_INTERVAL}
((retry--))
done
Didgeridoohan said:
Again, I haven't looked at your script at all, but...
Any scripts run by Magisk at boot will run with superuser permission. That's not your issue...
Might be that the script has to run after boot is completed (if it works while booted but not during boot). You can look for the sys.boot_completed and when it's changed to 1 you can let the script execute.
Click to expand...
Click to collapse
Code:
# Wait for boot to complete
until [ "$(getprop sys.boot_completed)" ]
do
sleep 2
done
insert this code to script but still not work...
after all, found the solution:
don't use '/sdcard/, use '/storage/emulated/0/' instead, don't know why
funnypc said:
Code:
# Wait for boot to complete
until [ "$(getprop sys.boot_completed)" ]
do
sleep 2
done
insert this code to script but still not work...
after all, found the solution:
don't use '/sdcard/, use '/storage/emulated/0/' instead, don't know why
Click to expand...
Click to collapse
Might have worked if you had checked for sys.boot_completed = 1.
But yeah, /sdcard isn't available during boot. To be even more sure it'll work you could use /data/media/0 instead. That's always available (as long as /data is accessible).
Didgeridoohan said:
Might have worked if you had checked for sys.boot_completed = 1.
But yeah, /sdcard isn't available during boot. To be even more sure it'll work you could use /data/media/0 instead. That's always available (as long as /data is accessible).
Click to expand...
Click to collapse
though the script can work alone , I still want make it a module so that could install/disable easier with magisk gui than terminal.
currently I'm add a 'bypass' mode while script load, if volume key pressed repeatly. (like xposed does) but the code can only work after unlock, it seems the getevent can't work after system reboot, before keyguard unlocked. any workaround? thx!
Code:
#!/system/bin/sh
KEYSTRING="KEY_VOLUME"
KEYREPEAT=1
KEYCOUNTS=0
until [ "$(getprop sys.boot_completed)" ]
do
sleep 2
done
setenforce Permissive
echo 300 > /sys/class/timed_output/vibrator/enable
sleep 0.3
for i in `seq 1 4`;
do
EVENT=$(timeout 1 getevent -l -q -c 1)
RESULT=`echo $EVENT | grep -c $KEYSTRING`
input keyevent mouse
if [ "$RESULT" -gt 0 ] ;then
KEYCOUNTS=`expr $KEYCOUNTS + $RESULT`
echo 100 > /sys/class/timed_output/vibrator/enable
fi
done
if [ "$KEYCOUNTS" -gt "$KEYREPEAT" ] ;then
echo 1000 > /sys/class/timed_output/vibrator/enable
fi
Simple, just put your code in the service.sh file of the module instead of a separate script file...
Didgeridoohan said:
Simple, just put your code in the service.sh file of the module instead of a separate script file...
Click to expand...
Click to collapse
can't work. so I put the keypress detection part in a standalone script for debug. just script in service.d folder, not pack to module yet.
if I run the script manually in terminal after keyguard unlocked, everything works as I want
but not when keyguard locked status just after reboot.
funnypc said:
can't work. so I put the keypress detection part in a standalone script for debug. just script in service.d folder, not pack to module yet.
if I run the script manually in terminal after keyguard unlocked, everything works as I want
but not when keyguard locked status just after reboot.
Click to expand...
Click to collapse
I mean the code from your remove.sh file, not the key detecting stuff... That way you can disable the module from the Manager and also from TWRP (or other custom recovery) by placing a disable file in the module directory or enabling Magisk Core Only Mode by placing a .disable_magisk file in /cache.
I'm building my own LineageOS from source for a while now. Updating it via `repo sync`, adding own patches and rebuilding has always worked fine. Until recently the phone gets soft bricked, stuck at the SONY logo on white screen and I can't figure out why.
Now I'm looking for a way to find the issue, i.e. debug that brick, get some logs or anything which allows me to fix that. `adb logcat` doesn't work as it is stuck way to early for that.
What are my options for getting logs, messages, errors, anything that may help?
With help from @linckandrea I got the following to work which I document here for others to benefit:
1. Create a file `init.log.sh` with following content and executable permission
Bash:
#! /vendor/bin/sh
_date=`date +%F_%H-%M-%S`
logcat -b all -v time -f /cache/logcat_${_date}.txt &
cat /proc/kmsg > /cache/kmsg_${_date}.txt
2. Copy it to /vendor/bin e.g. via
Bash:
PRODUCT_COPY_FILES += $(PLATFORM_PATH)/config/init/init.log.sh:$(TARGET_COPY_OUT_VENDOR)/bin/init.log.sh
in the makefiles
3. Add the following to (any) init.rc, e.g. init.yoshino.rc:
Code:
service logx /vendor/bin/init.log.sh
user root
group root system
seclabel u:r:su:s0
oneshot
on post-fs
start logx
4. Either find a context with access to /cache (maybe "system_app") and use that in "seclabel" instead of "su" or disable SELinux with
Bash:
BOARD_KERNEL_CMDLINE += androidboot.selinux=permissive
This will dump kernel logs to /cache which can be accessed with e.g. TWRP after a failed boot.