
I have a Treble, system-as-root device, but it is not an A/B device. I have rooted it with the help of the MagiskManager patch feature. My understanding is that MagiskManager has modified the following three files for rooting:

  1. boot.img to remove the signatures.
  2. vbmeta.img to remove the AVB checks (to stop flashing unauthorized binaries).
  3. recovery.img to actually root the device by patching init and adding some files like .backup/.magisk, .backup/.init (original init), etc.

Magisk has patched the recovery.img to boot the device into root mode if you release the recovery mode key combination at a splash screen.

But my requirement is to always boot as root without needing any key combinations.

I know Magisk needs to patch the SE-Policies and init file before the init process is actually started (as it will turn ON the enforcing mode). For a Treble device, my understanding is that the system partition is mounted before running the init script.

I think Magisk developers have patched the recovery.img because they want to follow the systemless-root approach and support OTA updates.

So, I want to know if MagiskManager is capable of patching my system.img file to root the device?

I know the root will be lost if any OTA comes, or maybe my device will fail to update the system, but this is OK with me as long as I can root it again with the same method :)

It is also fine if, instead of rooting on system.img, I can patch the zImage to always boot in recovery as root mode.

Please suggest if it is feasible or not. If yes then how?

Vatish Sharma
  • It doesn't need to modify the system image – that's the idea behind it. Magisk uses "overlay file systems" to achieve that goal. And it comes with its own SuperUser, which you can configure from inside MagiskManager. – Izzy Nov 05 '19 at 19:51
  • I understand that Magisk doesn't need to modify the system.img and is not recommended but my requirement is different: I can not go with recovery boot and don't need OTA updates. I just need a device that always reboots as root. – Vatish Sharma Nov 06 '19 at 04:38
  • That's what Magisk already does. No change needed. – Izzy Nov 06 '19 at 08:03
  • @Izzy you need to press key combo for recovery mode to boot with magisk root for some newer devices – alecxs Nov 06 '19 at 13:43
  • @VatishSharma interesting question, maybe you can request this as feature in magisk support. how about other (older) classic root methods with SuperSU or KingRoot they can be installed in /system – alecxs Nov 06 '19 at 13:48
  • Just a stupid idea, what happens if you swap boot and recovery partitions (flash patched recovery.img to boot)? Shouldn't it then boot into magisk by default? – alecxs Nov 06 '19 at 14:00
  • @alecxs interesting. On non-A/B SAR devices boot.img doesn't have a ramdisk, kernel mounts system.img as rootfs / and then executes /init. Recovery kernel executes /init from recovery ramdisk. So both partitions have different headers and bootloader passes different command-lines to both kernels. If recovery.img is flashed to boot partition, I think bootloader won't extract recovery ramdisk since key combination isn't applied. But it depends on bootloader implementation, may work on some devices. – Irfan Latif Nov 06 '19 at 23:20
  • related/background https://android.stackexchange.com/questions/218222 – alecxs Nov 07 '19 at 13:00
  • @alecxs yeah I answered that. Actually it's possible to patch system.img for permanent root in normal boot without booting to recovery. But that requires some hassle (unnecessary in my opinion). – Irfan Latif Nov 07 '19 at 13:16
  • ... it was easier the days before selinux, just pushing /system/bin/su and /system/app/supersu.apk and chmod 6755 or something – alecxs Nov 07 '19 at 13:46
  • how about 'reboot recovery' as init.d script (kinda stupid hack)? – alecxs Nov 07 '19 at 13:50
  • feel inspired by the "bootless root" method (suboot script) maybe this will give you idea https://forum.xda-developers.com/android/development/amazing-temp-root-mediatek-armv8-t3922213/post79626434 – alecxs Nov 07 '19 at 14:05
  • @alecxs Apps can't reboot device, so reboot recovery needs to be done from adb (which isn't less of a hassle than keeping keys pressed on reboot). Or init.rc (and hence system.img) needs to be modified to run some reboot script. If system.img is to be modified then it's better to run magiskd from there, rather than rebooting to recovery. // su with 6755 (even with permissive SELinux) doesn't work because zygote starts apps with PR_SET_NO_NEW_PRIVS and PR_CAPBSET_DROP. set-uid is of no use. – Irfan Latif Nov 07 '19 at 17:31
  • Stuck here: https://android.stackexchange.com/questions/218371/stuck-in-boot-loop-when-unpack-and-pack-system-img – Vatish Sharma Nov 08 '19 at 08:52
  • https://forum.xda-developers.com/galaxy-s10/samsung-galaxy-s10--s10--s10-5g-cross-device-development-exynos/g97xf-multi-disabler-encryption-t3919714 – alecxs Nov 08 '19 at 09:53
  • I am out of my work place; will try it later. Thanks for your help. – Vatish Sharma Nov 10 '19 at 08:09
  • seems it is a classic chicken-and-egg situation. the cat bites its own tail – alecxs Jan 28 '20 at 14:21
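
The comment above about `PR_SET_NO_NEW_PRIVS` and `PR_CAPBSET_DROP` can be checked on any Linux process through the `NoNewPrivs` and `CapBnd` fields of `/proc/<pid>/status`. The following is an added example, not code from this thread or from Magisk; the struct, the function names and the sample status text are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>

struct hardening {
    int no_new_privs;            /* 1: execve ignores set-uid bits and file caps */
    unsigned long long cap_bnd;  /* capability bounding set as a bitmask */
};

/* Constructed sample, shaped like the status file of an app process. */
static const char SAMPLE_APP_STATUS[] =
    "Name:\tcom.example.app\n"
    "Uid:\t10123\t10123\t10123\t10123\n"
    "CapEff:\t0000000000000000\n"
    "CapBnd:\t0000000000000000\n"
    "NoNewPrivs:\t1\n";

/* Extract NoNewPrivs and CapBnd from status text; 0 on success, -1 if absent. */
int parse_status(const char *text, struct hardening *h)
{
    const char *nnp = strstr(text, "NoNewPrivs:");
    const char *bnd = strstr(text, "CapBnd:");
    if (!nnp || !bnd)
        return -1;
    h->no_new_privs = (int)strtol(nnp + strlen("NoNewPrivs:"), NULL, 10);
    h->cap_bnd = strtoull(bnd + strlen("CapBnd:"), NULL, 16);
    return 0;
}

/* 1 if executing a set-uid root binary could still hand out capabilities. */
int setuid_exec_gains_caps(const struct hardening *h)
{
    if (h->no_new_privs)
        return 0;            /* the kernel ignores the set-uid bit entirely */
    return h->cap_bnd != 0;  /* empty bounding set: uid 0 gets no capabilities */
}

/* Set no_new_privs on the caller and read it back. The flag is one-way:
 * it cannot be cleared and is inherited across fork and execve. */
int lock_down_self(void)
{
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
}

int main(void)
{
    struct hardening h;
    if (parse_status(SAMPLE_APP_STATUS, &h) == 0)
        printf("sample: NoNewPrivs=%d CapBnd=%016llx gains_caps=%d\n",
               h.no_new_privs, h.cap_bnd, setuid_exec_gains_caps(&h));
    printf("this process after prctl: NoNewPrivs=%d\n", lock_down_self());
    return 0;
}
```
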

0 Answers