Difference between revisions of "Android"
(123 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
* [https://secure.wikimedia.org/wikipedia/en/wiki/Google_android Wikipedia] |
* [https://secure.wikimedia.org/wikipedia/en/wiki/Google_android Wikipedia] |
||
===App stores=== |
===App stores=== |
||
− | * [https:// |
+ | * [https://play.google.com/store Google Play] |
Alternate views on the official market: |
Alternate views on the official market: |
||
* [http://www.androlib.com/ AndroLib] |
* [http://www.androlib.com/ AndroLib] |
||
Line 22: | Line 22: | ||
===User manuals=== |
===User manuals=== |
||
− | * [ |
+ | * [https://support.google.com/nexus Android for Nexus devices] |
− | * [http://www.htc.com/uk/userguide.aspx?p_id=316 HTC Wildfire Manual] |
+ | <!--* [http://www.htc.com/uk/userguide.aspx?p_id=316 HTC Wildfire Manual] |
* [http://www.samsung.com/us/Nexus_S_Owners_Guide/ Nexus S Manual] |
* [http://www.samsung.com/us/Nexus_S_Owners_Guide/ Nexus S Manual] |
||
− | Some internals info [http://wiki.freesmartphone.org/index.php/Hardware/Nexus_S/Interfaces here] |
+ | Some internals info [http://wiki.freesmartphone.org/index.php/Hardware/Nexus_S/Interfaces here]--> |
− | == |
+ | ==Short notes== |
− | === |
+ | ===ADB=== |
+ | To reveal developer menu, tap 10x on "settings/about/build nr" |
||
− | ====physical sticker behind battery==== |
||
+ | <br>Then enable usb debug. |
||
− | * Model: GT-I9023 |
||
+ | <br>USB debugging is [http://nelenkov.blogspot.jp/2013/02/secure-usb-debugging-in-android-422.html pretty secured] since Jelly Bean but beware for older versions! |
||
− | * FCC ID: A3LGTI9023 |
||
− | * SSN: -I9023GSMH |
||
− | * IMEI: xxxxxxx |
||
− | * S/N: xxxxxxx |
||
− | ====under fastboot, stock==== |
||
− | * Product name - HERRING |
||
− | * HW Version - rev 52 |
||
− | * Bootloader version - I9020XXKA3 |
||
− | * Baseband version - I9020XXKB3 |
||
− | * Carrier info - EUR |
||
− | * Serial number - xxxxxxx |
||
− | ====under fastboot, after upgrade to 2.3.4==== |
||
− | * Baseband version - I9020XXKD1 |
||
− | * Carrier info - EUR |
||
− | ====under fastboot, after upgrade to 4.0.4==== |
||
− | * Bootloader version - I9020XXKL1 |
||
− | * Baseband version - I9020XXKI1 |
||
− | * Carrier info - EUR |
||
− | ====under fastboot, after upgrade to 4.1.1==== |
||
− | * Bootloader version - I9020XXCL2 |
||
− | * Baseband version - I9020XXKI1 |
||
− | * Carrier info - EUR |
||
+ | Since Android 5.0.1, it's required to use at least [https://skia.googlesource.com/skia/+archive/cd048d18e0b81338c1a04b9749a00444597df394/platform_tools/android/bin/linux.tar.gz adb v1.0.32]. |
||
− | ====under 'About phone' from the settings, stock 2.3.3==== |
||
− | * Android 2.3.3 |
||
− | * Baseband I9023XXKB3 |
||
− | * Kernel 2.6.35.7-g1d030a7 |
||
− | * Build GRI54 |
||
− | ====under 'About phone' from the settings, after upgrade to 2.3.4==== |
||
− | * Android 2.3.4 |
||
− | * Baseband I9023XXKD1 |
||
− | * Kernel 2.6.35.7-ge382d80 android-build@apa28 #1 |
||
− | * Build GRJ22 |
||
− | ====under 'About phone' from the settings, after upgrade to 4.0.3==== |
||
− | * Android 4.0.3 |
||
− | * Baseband I9023XXKI1 |
||
− | * Kernel 3.0.8-gb55e9ac android-build@apa28 #1 |
||
− | * Build IML74K |
||
− | ====under 'About phone' from the settings, after upgrade to 4.0.4==== |
||
− | * Android 4.0.4 |
||
− | * Baseband I9023XXKI1 |
||
− | * Kernel 3.0.8-g6656123 android-build@vpbs1 #1 |
||
− | * Build IMM76D |
||
− | ====under 'About phone' from the settings, after upgrade to 4.1.1==== |
||
− | * Android 4.1.1 |
||
− | * Baseband I9023XXKI1 |
||
− | * Kernel 3.0.31-g3b0c5d2 android-build@vpbs1 #1 |
||
− | * Build JRO03E |
||
+ | apt-get install android-tools-adb |
||
− | ===USB permissions on the host=== |
||
+ | |||
− | On the host, example how to solve permissions: |
||
+ | Note that from recovery, you can also use adb: |
||
− | <br>Create /etc/udev/rules.d/99-android.rules for Nexus phones: |
||
+ | * adb shell |
||
+ | * adb sideload update.zip |
||
+ | * adb push |
||
+ | etc |
||
+ | ===Fastboot=== |
||
+ | apt-get install android-tools-fastboot |
||
+ | |||
+ | ====USB permissions on the host==== |
||
+ | Create /etc/udev/rules.d/99-android.rules for Nexus phones: |
||
<pre> |
<pre> |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}==" |
+ | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", MODE="0666", OWNER="<your_account>" # all Nexus |
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e11", MODE="0666", OWNER="<your_account>" # Nexus One Normal |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e12", MODE="0666", OWNER="<your_account>" # Nexus One Debug/Recovery |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e20", MODE="0666", OWNER="<your_account>" # Nexus S Fastboot |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e21", MODE="0666", OWNER="<your_account>" # Nexus S Normal |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e22", MODE="0666", OWNER="<your_account>" # Nexus S Debug/Recovery |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e23", MODE="0666", OWNER="<your_account>" # ??? |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="4e24", MODE="0666", OWNER="<your_account>" # Nexus S USB tethering |
||
− | SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bb4", ATTRS{idProduct}=="0c8b", MODE="0666", OWNER="<your_account>" # HTC Normal |
||
</pre> |
</pre> |
||
Then execute /etc/init.d/udev reload |
Then execute /etc/init.d/udev reload |
||
− | === |
+ | ====To enter Fastboot mode==== |
+ | * Power off phone |
||
− | Warning, it will destroy everything, make your backups first!! |
||
+ | * Depends on the phone, e.g.: |
||
− | * Get firmware [http://www.samfirmware.com/WEBPROTECT-i9023.htm here] for a European Nexus S i9023, mine needs the I9023XXKB3 one. |
||
+ | ** Nexus S: keep volume-up pressed while pressing power on for 5 secs |
||
− | * Rename tar.md5 as tar |
||
+ | ** Nexus 4: keep volume-down pressed while pressing power on for 5 secs |
||
− | * Get Odin sw from [http://www.samfirmware.com/WEBPROTECT-programandroid.htm here], choose i9023 |
||
+ | ** Nexus 5: keep volume-down pressed while pressing power on for 5 secs |
||
− | ** e.g. I9003_Odin3_v1.82.rar & SAMSUNG_USB.rar |
||
+ | ** You've entered fastboot |
||
− | * Run Odin (works in a virtualbox if needed), load the 4 files: |
||
+ | See https://source.android.com/source/running.html for other models |
||
− | ** bootloader: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/Bootloader_I9023XXKA3.tar |
||
− | ** PDA: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar |
||
− | ** Phone: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/MODEM_I9023XXKB3_REV_00_CL912571_SIGNED.tar |
||
− | ** CSC: I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/DGS_I9023_EUR.tar |
||
− | * Turn phone off |
||
− | * Plug USB |
||
− | * Just before battery icon showing, enter download mode by pressing middle of volume up / volume down button for long, you'll get a big yellow warning triangle |
||
− | * If using virtualbox, bring USB device (Samsung serial) to virtualbox |
||
− | * Now Odin should show a yellow rectangle with COM0 |
||
− | * Press "start" in Odin |
||
− | Sources: |
||
− | * http://forum.frandroid.com/topic/52144-tuto-flash-via-odin/ (fr) |
||
− | * http://forum.frandroid.com/topic/51710-astuce-probleme-de-reconnaissance-par-odin-sous-mode-download/ (fr) |
||
− | * http://www.samfirmware.com/I9023%20Flasghuide%20English.pdf |
||
+ | Alternatively, fastboot can be triggererd from adb: adb reboot bootloader |
||
− | ===Restoring (most of) factory ROM (2.3.3) with fastboot=== |
||
− | Ok previous section was about restoring *everything* as genuine but it requires Windows and most of the time all you screwed up was the boot image, the recovery image or the system image so here is how to restore them or part of them provided that you can still enter fastboot: |
||
− | <pre> |
||
− | fastboot oem unlock # if needed, WARNING IT DELETES EVERYTHING!!!!! |
||
− | fastboot flash recovery recovery.img # from Samsung PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar |
||
− | fastboot flash system system.img # from Samsung PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar |
||
− | fastboot flash boot boot.img # from Samsung PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar |
||
− | </pre> |
||
− | Warning: I got /sdcard content erased, maybe because I tried to enter the native recovery, but anyway, make backups first before trying anything you risk regretting!!! |
||
+ | ===OEM unlock=== |
||
− | E.g. to make a backup with clockwordmod: |
||
+ | Necessary step before being able to flash partitions or boot on alternative recovery. |
||
− | * Put phone into fastboot mode |
||
− | * Enter recovery |
||
− | * Choose backup & restore / backup |
||
− | * Choose mount / mount USB storage |
||
− | * From host: copy clockwordmod/backup/* |
||
+ | '''''This will wipe ALL DATA!!!''''' |
||
− | ===Entering fastboot mode=== |
||
+ | fastboot oem unlock |
||
− | * Power off phone |
||
+ | ===OEM unlock for rooted devices=== |
||
− | * Press Volume up and power button together for long |
||
+ | Once the device has been unlocked and rooted, it can be locked/unlocked again without wiping all the data, at least on some phone models. |
||
− | * You've entered fastboot |
||
+ | <br>Install [https://play.google.com/store/apps/details?id=net.segv11.bootunlocker&hl=en BootUnlocker] |
||
− | * Alternatively, fastboot can be triggererd from adb: adb reboot-bootloader |
||
− | For getting fastboot on the host, see further below |
||
− | ===Rooting 2.3.3=== |
||
− | * copy su-2.3.6.1-ef-signed.zip (from http://forum.xda-developers.com/showthread.php?t=682828) on USB storage |
||
− | * enter fastboot mode (see above) |
||
− | * host: fastboot oem unlock '''WARNING IT DELETES EVERYTHING!!!''' |
||
− | * fastboot flash recovery 3025-i9023.img |
||
− | !! Don't touch boot image or try CW 3.0.0.0, one of them caused the phone to not start android anymore, I had to perform the full factory restore with Odin !! |
||
− | * enter recovery mode from fastboot |
||
− | ** You can make a backup now |
||
− | ** install zip from sdcard -> choose -> su-2.3.6.1-ef-signed.zip |
||
− | ** reboot |
||
− | Sources: |
||
− | * http://forum.xda-developers.com/showthread.php?t=988686 |
||
− | * http://nexusshacks.com/nexus-s-hacks/how-to-root-nexus-s/ |
||
− | Note that apparently there is a technique avoiding the full wiping, described [https://completeandroid.wordpress.com/2011/01/31/complete-guide-to-rooting-the-nexus-s/ here]. Not tested. |
||
− | <br>'''UPDATE:''' for Windows users, better to follow [http://nexusshacks.com/nexus-s-hacks/how-to-root-nexus-s-or-nexus-s-4g-new/ these instructions] |
||
− | === |
+ | ===Factory images for Nexus phones=== |
+ | * https://developers.google.com/android/nexus/images |
||
− | A new version was [http://www.frandroid.com/69196/la-version-dandroid-2-3-4-est-disponible-pour-le-nexus-s announced (fr)] two days ago. |
||
− | <br>Official way is apparently to type "*#*#2432546#*#*" while using Wi-Fi but all I got was a "checkin succeeded" notification. Anyway patched won't apply cleanly on my rooted phone so better to do it manually. |
||
− | <br>For GRI54, update.zip is available [http://android.clients.google.com/packages/ota/google_crespo/486786a7fd97.signed-soju-GRJ22-from-GRI54.486786a7.zip here]. |
||
− | <br>I tried to apply it but there are several caveats given the previous hacks: |
||
− | * boot.img: to be able to patch it I've to restore the original boot.img, loosing temporarily the ro.secure=0 setting (cf "adb as root" paragraph). And failing to patch it would probably mean non-bootable as we would have missed replacing the kernel! |
||
− | * radio.img: hash checksum failed, it seems to indicate that expected radio.img is not the one I have. |
||
− | * recovery.img: we want to keep the clockworkmod one, so we just skip it for now |
||
− | To apply those change this means: |
||
− | * fastboot flash boot boot.img (from PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar) |
||
− | * edit update.zip to remove radio.img, recovery/ and edit META-INF/com/google/android/updater-script |
||
− | ** remove all commands about radio & recovery patch |
||
− | ** add following line to keep rooted: set_perm(0, 0, 6755, "/system/bin/su"); |
||
− | ** if that line is not added, patched phone will not be rooted anymore, which can be easily fixed by applying the su..zip again |
||
− | * upload update.zip to /sdcard and apply zip via clockworkmod recovery, it'll skip signature verification by default |
||
− | Ok now we got a system & boot images upgraded to 2.3.4 |
||
− | <br>We can again modify boot.img to restore ro.secure=0: |
||
− | * Extract patched 2.3.4 boot.img (cf below, or use clockworkmod), modify it & flash it back |
||
+ | Typical usage: (requires OEM unlock) |
||
− | I also wanted to patch the stock recovery image, just to get a 2.3.4 stock recovery in case of. |
||
+ | tar xzf CODENAME-VERSION-factory-CHECKSUM.tgz |
||
− | * Install the 2 files from update.zip#recovery/ into /system and chmod 755 /system/etc/install-recovery-sh |
||
+ | cd CODENAME-VERSION |
||
− | * Restore the stock 2.3.3 recovery.img from PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar: adb push recovery.img /sdcard/ |
||
+ | ./flash-all.sh |
||
− | * If you've flash_image on the phone you can try: flash_image recovery /sdcard/recovery.img |
||
− | * Else: |
||
− | <pre> |
||
− | fastboot erase recovery |
||
− | fastboot flash recovery recovery.img |
||
− | </pre> |
||
− | * Reboot the phone & start Android |
||
− | * It should be done, recovery should have been patched, you can remove the 2 files we've put in /system and extract the patched recovery image manually (cp /dev/mtd/mtd3 /sdcard/recovery.img). Hash changed so I assume it's properly patched |
||
− | * Restore clockworkmod recovery image |
||
+ | To avoid erasing user data: |
||
− | '''What's new?''' |
||
+ | <br>Very important if you want to keep your data!!! Edit flash-all.sh and replace |
||
− | <br>I didn't mention it but with 2.3.3 I had two problems I was still busy trying to solve: GPS never fixing, zero satellite! And no way to see I get copy-protected applications (and that's not because of rooting the phone, on a stock phone it failed too). |
||
+ | fastboot -w update image-....zip |
||
− | <br>Now GPS fixed quite fast with 2.3.4 and I could for the first time see & download copy-protected apps \o/ (even when the phone was rooted again). |
||
+ | by |
||
+ | fastboot update image-....zip |
||
+ | ===Recovery=== |
||
− | '''UPDATE''' |
||
+ | ====TWRP==== |
||
− | <br>[http://android.clients.google.com/packages/ota/google_crespo/da8206299fe6.signed-soju-ota-121341.da820629.zip here] is the full ROM update, apparently with a new radio which should be ok for all phones... |
||
+ | * https://twrp.me/Devices/ |
||
− | <br>Seen in [http://forum.xda-developers.com/showthread.php?t=1056062 this thread]. |
||
− | === |
+ | ====ClockworkMod==== |
+ | * http://www.clockworkmod.com/rommanager |
||
− | I saw there was also newer versions of ClockworkMod, probably better than the preview release I was still using. |
||
+ | ====Usage==== |
||
− | <br>Latest ClockworkMod recoveries are [http://download.clockworkmod.com/recoveries/ here]. |
||
+ | Flashing an alternative recovery (requires OEM unlock): |
||
− | <br>For Nexus S, look for "crespo" img |
||
+ | fastboot flash recovery recovery-clockwork-VERSION-CODENAME.img |
||
− | * Go to fastboot (vol-up + power) |
||
− | * Go to recovery |
||
− | * Backup & restore / Backup |
||
− | * Mount USB |
||
− | * Copy all /sdcard content to PC |
||
− | * Reboot -> enter fastboot again |
||
− | * On PC: fastboot flash recovery recovery-clockwork-5.0.2.0-crespo.img |
||
+ | Booting (without flashing) an alternative recovery (requires OEM unlock): |
||
− | For GRJ22, upgrade.zip is available [http://android.clients.google.com/packages/data/ota/google_crespo/7d11404284c0.signed-soju-GRK39F-from-GRJ22.7d114042.zip here] |
||
− | + | fastboot boot recovery-clockwork-VERSION-CODENAME.img |
|
+ | ====Stock recovery==== |
||
− | * edit update.zip to remove recovery/ and edit META-INF/com/google/android/updater-script |
||
+ | To show menu with Nexus stock recovery, it depends on the phone, e.g.: |
||
− | ** remove all commands about recovery |
||
+ | * Nexus 4: hold "power" and press "volume-up" |
||
− | ** add following line to keep rooted: set_perm(0, 0, 6755, "/system/bin/su"); |
||
+ | * Nexus 5: press & release quickly volume-up & power a few times |
||
− | ** because I've mangled cacerts.bks to add CACert stuff, I had also to remove stuffs about cacerts.bks in the script, then make a separate zip where I first restore the previous stock cacerts.bks from GRJ22 then apply the patch. And finally mangle the new cacerts.bks again. |
||
− | * In updater-script, check also which radio version it's able to patch. Look for line similar to this one: |
||
− | apply_patch("MTD:radio:12583040:2ea138c96cc213b2662a4ae1ddee2d5c6bbcc958:12583040:213c2022516ba651f62064e4379487af1e8499a2", |
||
− | "-", 213c2022516ba651f62064e4379487af1e8499a2, 12583040, |
||
− | 2ea138c96cc213b2662a4ae1ddee2d5c6bbcc958, package_extract_file("radio.img.p")); |
||
− | Here it expects a radio.img from GRJ22 with SHA1 = 2ea138c96cc213b2662a4ae1ddee2d5c6bbcc958, ok |
||
− | <br>In case you don't have the right radio img in place, or don want to patch it, remove radio.img from the zip and all commands about radio in updater-script. |
||
− | * upload update.zip to /sdcard and "apply update from sdcard" via clockworkmod recovery, it'll skip signature verification by default |
||
− | * Backup & Restore / Backup |
||
− | * Mount USB |
||
− | * Copy new backup to PC |
||
− | Ok now we got a system & boot images upgraded to 2.3.6 |
||
− | <br>We can again modify boot.img to restore ro.secure=0: |
||
− | * Extract patched 2.3.6 boot.img (cf below, or use clockworkmod), modify it & flash it back |
||
− | ===Upgrading to 4.0.3=== |
||
− | OTA update is available [http://android.clients.google.com/packages/ota/google_crespo/VQ8PQk_V.zip here] |
||
− | === |
+ | ===Rooting=== |
+ | ====SuperSU==== |
||
− | * Go to fastboot (vol-up + power) |
||
+ | Requires OEM unlock, see above fastboot oem unlock (! erase all) and see below BootUnlocker (for already rooted) |
||
− | * Go to recovery |
||
+ | <br>Requires e.g. TWRP recovery |
||
− | * Backup & restore / Backup |
||
+ | <br>Requires e.g. [http://download.chainfire.eu/supersu ChainFire SuperSU] (you can check [http://forum.xda-developers.com/apps/supersu forum] for beta releases) |
||
− | * Mount USB |
||
+ | adb reboot bootloader |
||
− | * Copy all /sdcard content to PC |
||
+ | fastboot boot recovery-xxx.img |
||
− | * Reboot -> enter fastboot again |
||
+ | # In recovery, choose Advanced / Install zip / from sideload |
||
− | ====Preparation bis==== |
||
+ | adb sideload UPDATE-SuperSU-v2.xx.zip |
||
− | As I've already modified the system before, I'm rollbacking some changes to ease the update |
||
+ | # Reboot (and decline erasing recovery updater install-recovery.sh) |
||
− | * dd if=boot.img of=boot2.img bs=262144 count=30 #(with boot.img from 2.3.6, see below) |
||
− | * fastboot flash boot boot.img (from stock 2.3.6) |
||
− | * restore cacerts.bks from 2.3.6. As I had only a 2.3.4 version I used bspatch to apply the 2.3.6 update on that file offline then prepared an update.zip with only /system/etc/security/cacerts.bks |
||
− | * edit update.zip to remove recovery/ and edit META-INF/com/google/android/updater-script |
||
− | ** remove all commands about recovery |
||
− | This time we won't preserve su because we'll have to restore a new one anyway |
||
− | ====Upgrade==== |
||
− | * Go to fastboot (vol-up + power) |
||
− | * Go to recovery |
||
− | * Mount USB |
||
− | * Upload update.zip to /sdcard |
||
− | * Unmount USB |
||
− | * "install zip from sdcard" via clockworkmod recovery, it'll skip signature verification by default |
||
− | * Backup & restore / Backup |
||
− | * Mount USB |
||
− | * Copy new backup to PC |
||
− | * Reboot |
||
− | ====Rooting again==== |
||
− | Infos (fr): http://forum.frandroid.com/topic/84048-romandroid-ice-cream-sandwich-40x-ota/ |
||
− | * Upgrade recovery by flashing the one available in [http://www.multiupload.com/SOHUEIO5EI ClockWorkMod_5.0.2.7_Orange_by_IT4ALii3EN.zip] |
||
− | * Install via recovery the root.zip available in [http://www.multiupload.com/BZ5A87HYIG ics+root-fastboot-recovery.zip], which restored su, Superuser.apk and busybox |
||
− | ** Launch Superuser and update su binary from the prefs |
||
+ | ====Rooting Android M==== |
||
− | <br>We can then restore ro.secure=0 in the boot.img |
||
+ | Rooting method has changed quite a bit and is still uncertain as those lines are written, see e.g. http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344 |
||
− | * Extract new 4.0.3 boot.img (cf below, or use clockworkmod), modify it & flash it back, see [[Android#adb_as_root|below]] |
||
− | * Note that apparently boot img needs to be even smaller than before: |
||
− | dd if=boot.img of=boot2.img bs=262144 count=28 |
||
− | ==== |
+ | ====Rooting securely==== |
+ | Rooting can be done securely if: |
||
− | Much easier in ICS: |
||
+ | * bootloader is locked again |
||
− | * drop certs on /sdcard/ |
||
+ | ** problem is that unlocking would erase again the data |
||
− | * go to settings / personal: security / credential storage: install from storage & select both certs |
||
+ | ** see below BootUnlocker which allows on rooted Nexus to toggle bootloader without deleting data |
||
− | ====Failures==== |
||
+ | * keep stock recovery |
||
− | * Currently, viber does not work on ICS |
||
+ | * SuperSU is locked with a PIN |
||
− | * Avast anti-theft failed (the renamed app was crashing at startup), I removed it manually by deactivating then removing it from /system/app/com.avast.android.antitheft.apk. After proper reinstallation from Avast app itself it worked again. |
||
+ | ** this requires the Pro version |
||
− | ===Upgrading to 4.0.4=== |
||
+ | * SuperSU always require the PIN to authorize an app |
||
− | OTA update is available and the phone proposed me to start upgrade process based on a file of about 17.8Mb |
||
+ | ** or be very careful which ones you authorize permanently |
||
− | <br>File is probably available somewhere but this time I did the exercice to find it on the phone. |
||
− | <br>=> searching for files between 16Mb and 19Mb (/512 as apparently busybox find uses 512b sectors) |
||
− | android# find / -size +31250 -size -37109 |
||
− | /cache/hR7QFEtn.zip |
||
− | pc$ adb pull /cache/hR7QFEtn.zip . |
||
− | ====Preparation==== |
||
− | * Go to fastboot (vol-up + power) |
||
− | * Go to recovery |
||
− | * Backup & restore / Backup |
||
− | * Mount USB |
||
− | * Copy all /sdcard content to PC |
||
− | * Reboot -> enter fastboot again |
||
− | ====Preparation bis==== |
||
− | As I've already modified the system before, I'm rollbacking some changes to ease the update |
||
− | * dd if=boot.img of=boot-fit.img bs=262144 count=30 #(with original boot.img from 4.0.3) |
||
− | * fastboot flash boot boot-fit.img |
||
− | * edit update.zip to remove recovery/ and edit META-INF/com/google/android/updater-script |
||
− | ** remove all commands about recovery |
||
− | ** add following line to keep rooted: set_perm(0, 0, 6755, "/system/bin/su"); |
||
− | ** cacerts.bks is not used anymore (see above) and radio image don't seem to be affected by update, nothing to do here |
||
− | ====Upgrade==== |
||
− | * Go to fastboot (vol-up + power) |
||
− | * Go to recovery |
||
− | * Mount USB |
||
− | * Upload myupdate.zip to /sdcard |
||
− | * Unmount USB |
||
− | * "install zip from sdcard" via clockworkmod recovery, it'll skip signature verification by default |
||
− | * Backup & restore / Backup |
||
− | * Mount USB |
||
− | * Copy new backup to PC |
||
− | * Reboot |
||
− | ====Rooting again==== |
||
− | Our mangled update kept the rooting active but the boot was overwritten so we can then restore ro.secure=0 in the boot.img |
||
− | * Extract new 4.0.4 boot.img (e.g. using clockworkmod backup), modify it & flash it back, see [[Android#adb_as_root|below]] |
||
− | * Note that apparently boot img needs to be even smaller than before: |
||
− | dd if=boot.img of=boot-fit.img bs=262144 count=28 |
||
− | === |
+ | ====Rooting and OTA==== |
+ | By experience, it's always quite difficult to apply an OTA on a rooted phone, even after having attempted to unroot the phone. |
||
− | OTA update is available [http://android.clients.google.com/packages/ota/google_crespo/9ZGgDXDi.zip here] (114Mb) for upgrading IMM76D to JRO03E ([http://www.android.com/about/jelly-bean/ changelog]). |
||
+ | <br>So I prefer to apply a full factory image (being careful not to overwrite the data) and root it again. |
||
− | ====Preparation==== |
||
+ | <br>If latest factory image isn't available yet, flash the latest available then apply the regular OTA before rooting. |
||
− | * Go to fastboot (vol-up + power) |
||
− | * Go to recovery |
||
− | * Backup & restore / Backup |
||
− | * Mount USB |
||
− | * Copy all /sdcard content to PC |
||
− | * Reboot -> enter fastboot again |
||
− | ====Preparation bis==== |
||
− | As I've already modified the system before, I'm rollbacking some changes to ease the update |
||
− | * dd if=boot.img of=boot-fit.img bs=262144 count=28 #(with original boot.img from 4.0.4) |
||
− | * fastboot flash boot boot-fit.img |
||
− | * edit update.zip to remove recovery/ and edit META-INF/com/google/android/updater-script |
||
− | ** remove all commands about recovery |
||
− | ** add following line to keep rooted: set_perm(0, 0, 6755, "/system/bin/su"); |
||
− | ** radio image don't seem to be affected by update, nothing to do here |
||
− | ====Upgrade==== |
||
− | * Go to fastboot (vol-up + power) |
||
− | * Go to recovery |
||
− | * Mount USB |
||
− | * Upload myupdate.zip to /sdcard |
||
− | * Unmount USB |
||
− | * "install zip from sdcard" via clockworkmod recovery, it'll skip signature verification by default |
||
− | * Backup & restore / Backup |
||
− | * Mount USB |
||
− | * Copy new backup to PC |
||
− | * Reboot |
||
− | ====Rooting again==== |
||
− | Our mangled update kept the rooting active but the boot was overwritten so we can then restore ro.secure=0 in the boot.img |
||
− | * Extract new 4.1.1 boot.img (e.g. using clockworkmod backup), modify it & flash it back, see [[Android#adb_as_root|below]] |
||
− | * Note that apparently boot img needs to be even smaller than before: |
||
− | dd if=boot.img of=boot-fit.img bs=262144 count=28 |
||
+ | ====Prevent OTA==== |
||
− | ===Extracting manually images from phone=== |
||
+ | Normally rooting is enough to prevent OTA but to be sure, one can touch build.prop (so its sha1sum won't match anymore) |
||
− | On root shell on the phone: |
||
+ | adb shell |
||
− | <pre> |
||
+ | su |
||
− | # cat /proc/mtd |
||
+ | mount -o remount,rw /system |
||
− | dev: size erasesize name |
||
+ | echo "# Remove me to allow OTA update" >> /system/build.prop |
||
− | mtd0: 00200000 00040000 "bootloader" |
||
+ | mount -o remount,ro /system |
||
− | mtd1: 00140000 00040000 "misc" |
||
+ | ====Attempt OTA==== |
||
− | mtd2: 00800000 00040000 "boot" |
||
+ | I don't recommend it as most attempts end in an infinite loop after the reboot. |
||
− | mtd3: 00800000 00040000 "recovery" |
||
− | mtd4: 1d580000 00040000 "cache" |
||
− | mtd5: 00d80000 00040000 "radio" |
||
− | mtd6: 006c0000 00040000 "efs" |
||
− | # cat /dev/mtd/mtd5 > /sdcard/radio.img |
||
− | </pre> |
||
− | etc |
||
− | ===Battery=== |
||
− | Interesting links: |
||
− | * https://ghost301tech.wordpress.com/2011/04/04/day-10-with-nexus-s-battery-mystery-10-battery-power-saving-tips-maxis10/ |
||
− | * http://www.androidpolice.com/2010/12/14/your-battery-gauge-is-lying-to-you-everything-you-need-to-know-about-bump-charging-and-inconsistent-battery-drain/ |
||
− | ===Google Wallet=== |
||
− | '''NOT TESTED''' |
||
− | <br>See [http://forum.xda-developers.com/showthread.php?t=1311072 here] |
||
− | ===Test menu=== |
||
− | Dial *#*#4636#*#* (== *#*#INFO#*#*) |
||
+ | When ready to really do OTA update: |
||
− | ==Android 2.3== |
||
− | ===Getting fastboot & Android sources=== |
||
− | There are several binaries around but I wanted to build my own. |
||
− | Maybe not the shortest way... I downloaded all android sources... |
||
− | <br> cf http://source.android.com/source/downloading.html |
||
− | <br> Some missing deps on my 64-but debian when I tried to compile everything: gperf, libc6-dev-i386, lib32ncurses5-dev ia32-libs g++-multilib lib32z1-dev lib32readline6-dev |
||
− | <pre> |
||
− | . build/envsetup.sh |
||
− | lunch crespo-eng |
||
− | make -j2 |
||
− | </pre> |
||
− | Maybe we can just compile adb & fastboot: |
||
− | <pre> |
||
− | make adb |
||
− | make fastboot |
||
− | </pre> |
||
− | cf http://www.cduce.org/~abate/build-android-adb-debian-sid-amd64 |
||
+ | 1. '''Unlock bootloader with BootUnlocker''', super critical step!!! |
||
− | ===Getting adb & Android SDK=== |
||
− | Get it from http://developer.android.com/sdk/index.html |
||
− | <br>Run tools/android -> in installed packages make sure to have "Android SDK Tools", latest revision and "Android SDK Platform-tools", latest revision |
||
− | <br>It brings also adb but not fastboot |
||
− | <br>If you want to update SDK: tools/android update sdk |
||
+ | 2. Make a backup of the proposed OTA patch, just in case |
||
− | ===adb=== |
||
+ | adb shell |
||
− | You need to activate USB debugging: |
||
+ | ls -l /cache |
||
− | * Settings > Applications > Development > USB debugging |
||
+ | adb pull /cache/update.zip |
||
+ | 3. Restore build.prop: |
||
− | Some examples: |
||
− | + | adb shell |
|
+ | su |
||
− | * adb shell |
||
+ | mount -o remount,rw /system |
||
− | * adb logcat |
||
+ | sed -i '/Remove me/d' /system/build.prop |
||
− | ===adb as root=== |
||
+ | # or if you don't have sed/busybox: |
||
− | Once the phone is rooted, you can, from a shell with e.g. adb shell invoke "su" & get root. |
||
+ | grep -v "Remove me" /system/build.prop > /sdcard/build.prop.tmp |
||
− | <br>But to get immediately into root, the file /default.prop needs to contain ro.secure=0 |
||
+ | cat /sdcard/build.prop.tmp > /system/build.prop |
||
− | <br>But that file is restored from boot.img at each boot so you need to modify that one |
||
+ | rm /sdcard/build.prop.tmp |
||
− | <br>See http://android-dls.com/wiki/index.php?title=HOWTO:_Unpack%2C_Edit%2C_and_Re-Pack_Boot_Images#Alternative_Method |
||
+ | mount -o remount,ro /system |
||
− | <br>but there is also abootimg in debian: |
||
− | * Taking the boot.img from Samsung (see above in I9023_EUR_GRI54_XXKB3/I9023_EUR_GRI54_XXKB3/PDA_SOJU_GRI54_TMO_EUR_MR1_SIGNED.tar). |
||
− | <pre> |
||
− | abootimg -x boot.img |
||
− | mkdir ramdisk |
||
− | cd ramdisk |
||
− | gzip -dc ../initrd.img | cpio -i |
||
− | sed -i 's/ro.secure=1/ro.secure=0/' default.prop |
||
− | find . -print|cpio -o -Hnewc|gzip > ../initrd.img2 |
||
− | cd .. |
||
− | abootimg -u boot.img -r initrd.img2 |
||
− | fastboot flash boot boot.img |
||
− | </pre> |
||
− | For the last command, the phone needs of course to be in fastboot mode |
||
− | <br>Reboot phone |
||
− | <br>I had to re-enable USB debugging but now adb shell brings me immediately a root shell :) |
||
− | <br>Note that link mentioned above proposes an alternative way to flash the boot partition, directly from adb shell as root |
||
+ | 4. Restore /system/bin/install-recovery.sh |
||
− | Without this setup, it's a bit cumbersome to automate root commands from host, it looks like |
||
+ | <br>SuperSU may have hijacked /system/bin/install-recovery.sh. If so, we need to restore it. Unfortunately using "full unroot" won't help, see [https://www.reddit.com/r/Nexus5/comments/2zdc8b/ here] (and you'll get stuck unrooted!) so we'll restore it manually. |
||
− | adb shell su -c "netcfg usb0 dhcp" |
||
+ | adb shell |
||
− | and the SuperUser app prompts you for confirmation on the phone for each new command |
||
+ | su |
||
+ | ls -l /system/bin/install-recovery* |
||
+ | # should be fixed or not? |
||
+ | mount -o remount,rw /system |
||
+ | mv /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh |
||
+ | mount -o remount,ro /system |
||
+ | 5. Install proposed OTA update from Android itself |
||
− | Got a failure when trying to flash back a 8Mb boot.img? |
||
− | <br>From example above I started from a boot.img smaller than the full boot partition but if you create a new boot.img or start from an image of the full partition taken manually or with clockworkmod, boot.img will be 8Mb-large (8388608) and fastboot fails with "FAILED exceed blocks 0x00000020 > 0x0000001e". |
||
− | <br>I'm not really sure about what size the file should be but as it's filled with zeroes till reaching 8Mb, I decided to cut it: |
||
− | <br>0x00000020 => 0x0000001e means for me 8388608 / 0x20 * 0x1e = 7864320, so I did: |
||
− | dd if=boot.img of=boot2.img bs=262144 count=30 |
||
− | fastboot flash boot boot2.img |
||
− | And it worked! |
||
− | <br>Note that on ICS I need to use count=28 |
||
− | dd if=boot.img of=boot2.img bs=262144 count=28 |
||
+ | 5b. Check recovery logs |
||
− | ===Images structure=== |
||
+ | <br>In case the automatic update failed, check the recovery logs: |
||
− | You may want to explore .img content (from backups, stock ROMs etc). |
||
+ | <br>At this point you should be already in stock recovery, if not, go to recovery |
||
− | <br>Actually all .img are not the same |
||
+ | <br>Keep power button pressed and press volume-up to get the menu |
||
− | ====bootloader.img==== |
||
+ | <br>Go to "view recovery logs" |
||
− | /dev/mtd/mtd0 |
||
− | <br>Unknown format |
||
− | ====radio.img==== |
||
− | /dev/mtd/mtd5 |
||
− | <br>Unknown format, for baseband |
||
− | ====recovery.img==== |
||
− | /dev/mtd/mtd3 |
||
− | <br>Unknown format |
||
− | ====boot.img==== |
||
− | /dev/mtd/mtd2 |
||
− | <br>See [http://forum.xda-developers.com/showthread.php?t=443994 here] for details on the structure, and abootimg on Debian |
||
+ | 5c. Install proposed OTA update manually from a local copy on the PC |
||
− | ====system.img==== |
||
+ | adb reboot recovery |
||
− | Yaffs2 image, can be unpacked with [https://code.google.com/p/unyaffs/ unyaffs] |
||
+ | Keep power button pressed and press volume-up to get the menu |
||
− | <br>Note that unyaffs failed unpacking stock system.img 2.3.3 & userdata.img but works fine on clockworkmod backups |
||
+ | <br>Go to "apply update from ADB" |
||
− | ====data.img==== |
||
+ | adb sideload update.zip |
||
− | Yaffs2 image, can be unpacked with [https://code.google.com/p/unyaffs/ unyaffs] |
||
− | ====cache.img==== |
||
− | /dev/mtd/mtd4 |
||
− | <br>Yaffs2 image, can be unpacked with [https://code.google.com/p/unyaffs/ unyaffs] |
||
− | ====misc==== |
||
− | /dev/mtd/mtd1 |
||
− | <br>Not backuped by clockworkmod |
||
− | ====efs==== |
||
− | /dev/mtd/mtd6 |
||
− | <br>Yaffs2 image, can be unpacked with [https://code.google.com/p/unyaffs/ unyaffs] |
||
− | <br>Not backuped by clockworkmod |
||
− | <br>Contains stuffs linked to baseband & bluetooth |
||
+ | 6. Reboot and let the system updating its apps |
||
− | ===Screenshots=== |
||
+ | <br>If it seems to stand forever with the boot logo, you can have a look at the same time to the system logs: |
||
− | Run ddms (from SDK) -> Tools / Device / Screen capture |
||
+ | adb logcat |
||
− | ===USB tethering=== |
||
+ | Seeing looping logs with a repetition of |
||
− | Plug phone & PC via USB |
||
+ | >>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<< |
||
− | <br>Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering) |
||
+ | is a bad sign, time for a full ROM recovery! |
||
− | <br>It works OOB on Debian, nothing to do |
||
+ | |||
− | ===Getting busybox=== |
||
− | + | 7. Root again, see [[#SuperSU]] |
|
+ | |||
− | <br>Google's stripped busybox, called toolbox, is far from enough once you get a shell on the phone |
||
+ | 8. Prevent OTA updates: |
||
− | * Get [https://market.android.com/details?id=com.jrummy.busybox.installer Busybox Installer] from Market |
||
+ | adb shell |
||
− | Examples to use busybox versions instead of toolbox versions when the command exists twice: |
||
+ | su |
||
− | <pre> |
||
− | + | mount -o remount,rw /system |
|
+ | echo "# Remove me to allow OTA update" >> /system/build.prop |
||
− | # /system/xbin/mount -o remount,rw /system |
||
+ | mount -o remount,ro /system |
||
− | </pre> |
||
+ | |||
+ | 9. Lock bootloader with BootUnlocker |
||
+ | |||
+ | See also my [https://code.google.com/p/boot-unlocker-gnex/issues/detail?id=30 feature request] for BootUnlocker |
||
+ | |||
+ | ====Upgrade with factory image==== |
||
+ | That's my preferred method. |
||
+ | |||
+ | 1. '''Unlock bootloader with BootUnlocker''', super critical step!!! |
||
+ | |||
+ | 2. Flash a factory image |
||
+ | <br>Get latest image at https://developers.google.com/android/nexus/images |
||
+ | tar xzf ...tgz |
||
+ | cd ... |
||
+ | Or in one go: |
||
+ | wget -O - ... | tar xz |
||
+ | cd ... |
||
+ | Very important if you want to keep your data!!! Edit flash-all.sh and replace |
||
+ | fastboot -w update image-....zip |
||
+ | by |
||
+ | fastboot update image-....zip |
||
+ | <br>Then reboot the phone to bootloader and launch that script: |
||
+ | adb reboot bootloader |
||
+ | ./flash-all.sh |
||
+ | Reboot |
||
+ | |||
+ | 2b. Apply OTA |
||
+ | If you didn't flash the latest version, apply OTA update |
||
+ | |||
+ | 3. Root again, see [[#SuperSU]] |
||
+ | |||
+ | 4. Prevent OTA updates: |
||
+ | adb shell |
||
+ | su |
||
+ | mount -o remount,rw /system |
||
+ | echo "# Remove me to allow OTA update" >> /system/build.prop |
||
+ | mount -o remount,ro /system |
||
+ | |||
+ | 5. Lock bootloader with BootUnlocker |
||
+ | |||
+ | ===On rooted devices=== |
||
+ | ====adbd insecure==== |
||
+ | As USB debugging is now pretty secure, let's enable immediate root access: |
||
+ | <br>Install [https://play.google.com/store/apps/details?id=eu.chainfire.adbd adbd insecure] |
||
+ | <br>Open app -> enable & enable at boot time |
||
+ | ====Busybox==== |
||
+ | From Google Play: https://play.google.com/store/apps/details?id=stericson.busybox&hl=en |
||
+ | <br>Local install: |
||
+ | adb install stericson.busybox-1.apk |
||
+ | => Run busybox -> install -> smart install |
||
+ | Consider buying Busybox Pro... |
||
+ | |||
+ | ===Modifying stuffs in system partition using su=== |
||
+ | adb push some_file /sdcard/ |
||
+ | adb shell su -c "mount -o remount,rw /system" |
||
+ | adb shell su -c "cat /sdcard/some_file > /etc/some_file" |
||
+ | sleep 1 |
||
+ | adb shell su -c "mount -o remount,ro /system" |
||
+ | ===Modifying stuffs in system partition with insecure adbd (=being root by default)=== |
||
+ | adb shell mount -o remount,rw /system |
||
+ | adb push some_file /etc/some_file |
||
+ | sleep 1 |
||
+ | adb shell mount -o remount,ro /system |
||
+ | |||
+ | ===Encrypt device=== |
||
+ | See [https://support.google.com/android/answer/1663755?hl=en official help] |
||
+ | <br>Some reports say they had to repeat the process several times on Nexus 4 before encryption started. I didn't have that problem. |
||
+ | |||
+ | One major caveat is that this is the same password for disk encryption and screen unlock, cf [https://code.google.com/p/android/issues/detail?id=29468 this longstanding bugreport]. |
||
+ | <br>On a rooted device this can be achieved thanks to [https://play.google.com/store/apps/details?id=org.nick.cryptfs.passwdmanager Cryptfs password] or simply by doing: |
||
+ | vdc cryptfs changepw <new_password> |
||
+ | Note that it will have to be done every time the screen PIN or pwd is changed. |
||
+ | <br>See also http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html |
||
+ | ==Phone-specific notes== |
||
+ | See [[Android phones]] |
||
+ | |||
+ | ==Applications== |
||
+ | See [[Android Apps]] |
||
+ | |||
+ | ==Applications development== |
||
+ | See [[Android SDK]] |
||
+ | ==Using the embedded SE== |
||
+ | See [[Android SE]] |
||
+ | ==Using TrustZone== |
||
+ | See [[Android TrustZone]] |
||
+ | |||
+ | ==using Software Card Emulation== |
||
+ | See [[Android Software Card Emulation]] |
||
+ | ==Misc== |
||
+ | ===Security=== |
||
+ | http://wiki.secmobi.com/ |
||
===Wi-Fi & client certs=== |
===Wi-Fi & client certs=== |
||
To be able to authenticate to a Wi-Fi network using client certificates via TLS: |
To be able to authenticate to a Wi-Fi network using client certificates via TLS: |
||
Line 505: | Line 308: | ||
===Importing certs=== |
===Importing certs=== |
||
+ | Since Android 3.0, no need for rooting anymore |
||
− | I could only manage it via a webserver & crafted headers: |
||
+ | <br>If troubles, use PEM format, with file extension .crt |
||
− | <pre> |
||
+ | * drop certs on /sdcard/ |
||
− | <?php |
||
+ | * go to settings / personal: security / credential storage: install from storage & select both certs |
||
− | header("Content-Type: application/x-x509-ca-cert"); |
||
+ | ===Test menu=== |
||
− | ?> |
||
+ | Dial *#*#4636#*#* (== *#*#INFO#*#*) |
||
− | -----BEGIN CERTIFICATE----- |
||
+ | ===SMSC configuration=== |
||
− | ... |
||
+ | To configure the SMSC (SMS gateway) on Android is not straight forward. |
||
− | -----END CERTIFICATE----- |
||
+ | <br>Access a hidden settings menu by dialing *#*#4636#*#* (*#*#INFO#*#*) -> phone settings -> SMSC -> Refresh (to get current value) |
||
− | </pre> |
||
+ | <br>To update that field, if it does not work in plain or between quotes, try [http://www.twit88.com/home/utility/sms-pdu-encode-decode encode it in PDU] |
||
+ | * First byte is length of SMSC info, so if it's e.g. +32475161616, it's 11 digits to code on 6 bytes, + 1 byte to code type of SMSC address => 7 bytes |
||
+ | * Second byte is the type of SMSC address, 91 for international format |
||
+ | * Next bytes are the SMSC digits, padded with "f" if odd, then nibble-swapped so in our example: 32475161616F => 2374151616F6 |
||
+ | * Full PDU-encoded SMSC is then: 07912374151616F6 -> Update |
||
+ | ===Screenshots=== |
||
− | You may try this free service: http://www.realmb.com/droidCert/ which seems to do the same. |
||
+ | Run ddms (from [[Android SDK]]) -> Tools / Device / Screen capture |
||
− | <br>But even if imported they seem not to be used e.g. for IMAP TLS. |
||
+ | ===Screencast=== |
||
+ | [http://droid-at-screen.ribomation.com/ Droid@Screen]: |
||
+ | <br>You'll need [[Android SDK]] too. |
||
+ | <br>Make sure you're using the adb from SDK and not from e.g. Debian packages: |
||
+ | <source lang=bash> |
||
+ | adb kill-server |
||
+ | export ANDROID_HOME=/path_to_your/android-sdk-linux_x86 |
||
+ | java -jar droidAtScreen-1.0.2.jar |
||
+ | </source> |
||
+ | androidscreencast: |
||
− | ===Importing CA certs in /system=== |
||
+ | <br>Get jnlp file from [https://code.google.com/p/androidscreencast/ project page] |
||
− | ====Android < 3.0==== |
||
+ | <source lang=bash> |
||
− | Source: [https://wiki.cacert.org/ImportRootCert#Android_Phones CACert wiki]. |
||
+ | adb kill-server |
||
− | <br>You don't need the full Android SDK, just adb binary. |
||
+ | export ANDROID_HOME=/path_to_your/android-sdk-linux_x86 |
||
− | <br>I'm not sure if it's really the proper way but to get recognized the BouncyCastle lib which was already on my system (apt-get install libbcprov-java) I did |
||
+ | $ANDROID_HOME/platform-tools/adb start-server |
||
− | sudo ln -s /usr/share/java/bcprov.jar /usr/lib/jvm/java-6-sun/jre/lib/ext/ |
||
+ | javaws androidscreencast.jnlp |
||
− | <br>Adding CACert certificates: |
||
− | < |
+ | </source> |
+ | ===USB tethering=== |
||
− | adb pull /system/etc/security/cacerts.bks |
||
+ | Plug phone & PC via USB |
||
− | wget http://www.cacert.org/certs/root.crt |
||
+ | <br>Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering) |
||
− | wget http://www.cacert.org/certs/class3.crt |
||
+ | <br>It works OOB on Debian, nothing to do |
||
− | keytool -keystore cacerts.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -storepass changeit -importcert -trustcacerts -alias CACERT -file root.crt |
||
+ | ===Mounting USB as MTP or PTP=== |
||
− | keytool -keystore cacerts.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -storepass changeit -importcert -trustcacerts -alias CACERT3 -file class3.crt |
||
+ | New Nexus devices don't use USB mass storage anymore but MTP or PTP, mainly to be able to access data both from Android & PC at the same time. |
||
− | adb shell busybox mount -o remount,rw /system |
||
+ | <br>There are two methods using fuse so make sure your user is member of fuse group: |
||
− | adb push cacerts.bks /system/etc/security |
||
+ | sudo adduser <your_user> fuse |
||
− | adb shell busybox mount -o remount,ro /system |
||
+ | and make sure your user can access the USB device (cf above: /etc/udev/rules.d/...) |
||
− | </pre> |
||
+ | ====Using mtpfs==== |
||
− | * reboot phone |
||
+ | See [http://www.omgubuntu.co.uk/2011/12/how-to-connect-your-android-ice-cream-sandwich-phone-to-ubuntu-for-file-access/ this article] |
||
− | * try https://www.cacert.org, should work without warning |
||
+ | sudo apt-get install mtpfs mtp-tools |
||
− | Now my IMAP TLS which is using a CACert-signed certificate works with strict TLS setting on the phone, cool! |
||
+ | mkdir ~/MyAndroid |
||
+ | mtpfs ~/MyAndroid |
||
− | '''WARNING''' this has broken proper upgrades and I had to mangle the update.zip to restore first the original cacert.bks file then get it patched. |
||
+ | ... |
||
− | <br>Before I patched it again, my imap server gave me a lot of "couriertls: read: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number" errors before I realized it was because I didn't' have the CACert certificates anymore... |
||
+ | fusermount -u ~/MyAndroid |
||
− | ====Android 3.0 & 4.0==== |
||
+ | Problem is that it's very slow to mount |
||
− | Seems much easier: |
||
− | <br>'''no need for rooting anymore!''' |
||
− | * drop certs on /sdcard/ |
||
− | * go to settings / personal: security / credential storage: install from storage & select both certs |
||
+ | ====Using go-mtpfs==== |
||
− | ==Applications== |
||
+ | See [http://blog.itsbilal.com/2012/12/connect-an-android-4-0-phonetablet-to-ubuntu-the-reliable-way/ this article] |
||
− | See [[Android Apps]] |
||
+ | sudo apt-get install golang fuse git-core libmtp-dev libfuse-dev |
||
+ | mkdir /tmp/go |
||
+ | GOPATH=/tmp/go go get github.com/hanwen/go-mtpfs |
||
+ | sudo mv /tmp/go/bin/go-mtpfs /usr/local/bin/ |
||
+ | mkdir ~/MyAndroid |
||
+ | go-mtpfs ~/MyAndroid & |
||
− | ==Applications development== |
||
+ | ... |
||
− | See [[Android SDK]] |
||
+ | fusermount -u ~/MyAndroid |
||
− | ==Backuping via BackupPC== |
||
+ | ====Using gphotofs==== |
||
+ | This method requires the phone to share files over USB as Camera (PTP), *not* MTP. |
||
+ | |||
+ | sudo apt-get install gphotofs |
||
+ | mkdir ~/MyAndroid |
||
+ | |||
+ | gphotofs ~/MyAndroid |
||
+ | ... |
||
+ | fusermount -u ~/MyAndroid |
||
+ | Problem is that it only shows DCIM & Pictures |
||
+ | <br>Not sure if it's a limitation of Android or Gphoto... |
||
+ | |||
+ | ===Backuping via BackupPC=== |
||
I'm a big fan of [[BackupPc]] and [http://www.tolaris.com/2011/06/13/backing-up-your-android-device-with-backuppc/ this guy] managed to link android & backuppc so let's give it a try. |
I'm a big fan of [[BackupPc]] and [http://www.tolaris.com/2011/06/13/backing-up-your-android-device-with-backuppc/ this guy] managed to link android & backuppc so let's give it a try. |
||
<br>Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw. |
<br>Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw. |
||
<br>Instructions here suppose your phone is rooted. |
<br>Instructions here suppose your phone is rooted. |
||
− | ===IP=== |
+ | ====IP==== |
Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system. |
Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system. |
||
− | ===SSH=== |
+ | ====SSH==== |
I'm using [http://wiki.yobi.be/wiki/Android_Apps#With_root_support SshDroidPro] |
I'm using [http://wiki.yobi.be/wiki/Android_Apps#With_root_support SshDroidPro] |
||
<br>Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys |
<br>Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys |
||
<br>Then test it as user backuppc, trying to access the phone and accept the server key fingerprint. |
<br>Then test it as user backuppc, trying to access the phone and accept the server key fingerprint. |
||
− | ===rsync=== |
+ | ====rsync==== |
To get rsync binary, I found [https://market.android.com/details?id=eu.kowalczuk.rsync4android rsync backup for Android] which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO). |
To get rsync binary, I found [https://market.android.com/details?id=eu.kowalczuk.rsync4android rsync backup for Android] which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO). |
||
<br>The actual binary it downloads is available [https://sites.google.com/a/kowalczuk.eu/android/rsync here]. |
<br>The actual binary it downloads is available [https://sites.google.com/a/kowalczuk.eu/android/rsync here]. |
||
Line 577: | Line 410: | ||
</source> |
</source> |
||
− | ===Wi-Fi=== |
+ | ====Wi-Fi==== |
Make sure Wi-Fi will stay on! |
Make sure Wi-Fi will stay on! |
||
<br>Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered) |
<br>Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered) |
||
− | ===BackupPC config=== |
+ | ====BackupPC config==== |
My config: create new host in backuppc web interface with: |
My config: create new host in backuppc web interface with: |
||
XferMethod = rsync |
XferMethod = rsync |
||
Line 592: | Line 425: | ||
PingMaxMsec = 400 |
PingMaxMsec = 400 |
||
as anyway it's on local network |
as anyway it's on local network |
||
− | ===Non-rooted device=== |
+ | ====Non-rooted device==== |
For non-rooted devices the setup is a bit different: |
For non-rooted devices the setup is a bit different: |
||
* SSH server will run on a non-privilegied port, e.g. port 2222 |
* SSH server will run on a non-privilegied port, e.g. port 2222 |
||
Line 607: | Line 440: | ||
RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+" |
RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+" |
||
Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way. |
Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way. |
||
− | ==Rooting Samsung Galaxy Tab 10.1== |
||
− | cf http://forum.xda-developers.com/showthread.php?t=1239185 |
||
− | <br>I used a WinXP within a virtualbox under Debian |
||
− | <br>When flashing with Odin3 I had problems process being stuck at SetupConnection |
||
− | <br>Trick was to unplug physically the USB cable, start Odin3, plug the cable, connect the USB device through virtualbox to WinXP |
||
− | |||
− | Once rooted, upgrade the Superuser application |
||
− | <br>Once started, the app should detect su binary needs also to be updated. Follow instructions. |
||
− | |||
− | To enter clockwork recovery: power off / press vol down + power till 2 icons appear / press vol down to select left icon / press vol up / you should see recovery menu now |
||
− | |||
− | Installing new Market application: |
||
− | <br>Some apk are lying around, here is how I use them |
||
− | <br>First test their certificate as I don't want to get a malicious app: |
||
− | $ adb install Vending_3.1.5.apk |
||
− | Failure [INSTALL_FAILED_ALREADY_EXISTS] |
||
− | <br>This is ok, but e.g. this one seems more worrisome, I wouldn't try it: |
||
− | $ adb install Vending_3.1.6.apk |
||
− | Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES] |
||
− | |||
− | Make your backups! |
||
− | <br>Replace manually /system/app/Vending.apk by the new version and reboot. |
||
− | <br>If trouble you may try to clean the Dalvik cache from Clockwork recovery advanced menu |
||
− | |||
− | busybox mount -o remount,rw /system |
||
− | mv /system/app/Vending.apk /sdcard/Vending_1.0.apk |
||
− | mv /sdcard/Vending_3.1.5.apk /system/app/Vending.apk |
||
− | chown 0.0 /system/app/Vending.apk |
||
− | busybox mount -o remount,ro /system |
Latest revision as of 15:00, 26 April 2016
Links
App stores
Alternate views on the official market:
Alternate markets:
- AppsLib
- AndSpot (beta)
- GetJar
- Handmark
- Mobango
- Handango
- explorePDA
- MiKandi
- MobiHand
- Mobspot
- Smartphone.net
- AndroidGear
- SlideME
User manuals
Short notes
ADB
To reveal developer menu, tap 10x on "settings/about/build nr"
Then enable usb debug.
USB debugging is pretty secured since Jelly Bean but beware for older versions!
Since Android 5.0.1, it's required to use at least adb v1.0.32.
apt-get install android-tools-adb
Note that from recovery, you can also use adb:
- adb shell
- adb sideload update.zip
- adb push
etc
Fastboot
apt-get install android-tools-fastboot
USB permissions on the host
Create /etc/udev/rules.d/99-android.rules for Nexus phones:
SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", MODE="0666", OWNER="<your_account>" # all Nexus
Then execute /etc/init.d/udev reload
To enter Fastboot mode
- Power off phone
- Depends on the phone, e.g.:
- Nexus S: keep volume-up pressed while pressing power on for 5 secs
- Nexus 4: keep volume-down pressed while pressing power on for 5 secs
- Nexus 5: keep volume-down pressed while pressing power on for 5 secs
- You've entered fastboot
See https://source.android.com/source/running.html for other models
Alternatively, fastboot can be triggererd from adb: adb reboot bootloader
OEM unlock
Necessary step before being able to flash partitions or boot on alternative recovery.
This will wipe ALL DATA!!!
fastboot oem unlock
OEM unlock for rooted devices
Once the device has been unlocked and rooted, it can be locked/unlocked again without wiping all the data, at least on some phone models.
Install BootUnlocker
Factory images for Nexus phones
Typical usage: (requires OEM unlock)
tar xzf CODENAME-VERSION-factory-CHECKSUM.tgz cd CODENAME-VERSION ./flash-all.sh
To avoid erasing user data:
Very important if you want to keep your data!!! Edit flash-all.sh and replace
fastboot -w update image-....zip
by
fastboot update image-....zip
Recovery
TWRP
ClockworkMod
Usage
Flashing an alternative recovery (requires OEM unlock):
fastboot flash recovery recovery-clockwork-VERSION-CODENAME.img
Booting (without flashing) an alternative recovery (requires OEM unlock):
fastboot boot recovery-clockwork-VERSION-CODENAME.img
Stock recovery
To show menu with Nexus stock recovery, it depends on the phone, e.g.:
- Nexus 4: hold "power" and press "volume-up"
- Nexus 5: press & release quickly volume-up & power a few times
Rooting
SuperSU
Requires OEM unlock, see above fastboot oem unlock (! erase all) and see below BootUnlocker (for already rooted)
Requires e.g. TWRP recovery
Requires e.g. ChainFire SuperSU (you can check forum for beta releases)
adb reboot bootloader fastboot boot recovery-xxx.img # In recovery, choose Advanced / Install zip / from sideload adb sideload UPDATE-SuperSU-v2.xx.zip # Reboot (and decline erasing recovery updater install-recovery.sh)
Rooting Android M
Rooting method has changed quite a bit and is still uncertain as those lines are written, see e.g. http://forum.xda-developers.com/apps/supersu/wip-android-6-0-marshmellow-t3219344
Rooting securely
Rooting can be done securely if:
- bootloader is locked again
- problem is that unlocking would erase again the data
- see below BootUnlocker which allows on rooted Nexus to toggle bootloader without deleting data
- keep stock recovery
- SuperSU is locked with a PIN
- this requires the Pro version
- SuperSU always require the PIN to authorize an app
- or be very careful which ones you authorize permanently
Rooting and OTA
By experience, it's always quite difficult to apply an OTA on a rooted phone, even after having attempted to unroot the phone.
So I prefer to apply a full factory image (being careful not to overwrite the data) and root it again.
If latest factory image isn't available yet, flash the latest available then apply the regular OTA before rooting.
Prevent OTA
Normally rooting is enough to prevent OTA but to be sure, one can touch build.prop (so its sha1sum won't match anymore)
adb shell su mount -o remount,rw /system echo "# Remove me to allow OTA update" >> /system/build.prop mount -o remount,ro /system
Attempt OTA
I don't recommend it as most attempts end in an infinite loop after the reboot.
When ready to really do OTA update:
1. Unlock bootloader with BootUnlocker, super critical step!!!
2. Make a backup of the proposed OTA patch, just in case
adb shell ls -l /cache adb pull /cache/update.zip
3. Restore build.prop:
adb shell su mount -o remount,rw /system sed -i '/Remove me/d' /system/build.prop # or if you don't have sed/busybox: grep -v "Remove me" /system/build.prop > /sdcard/build.prop.tmp cat /sdcard/build.prop.tmp > /system/build.prop rm /sdcard/build.prop.tmp mount -o remount,ro /system
4. Restore /system/bin/install-recovery.sh
SuperSU may have hijacked /system/bin/install-recovery.sh. If so, we need to restore it. Unfortunately using "full unroot" won't help, see here (and you'll get stuck unrooted!) so we'll restore it manually.
adb shell su ls -l /system/bin/install-recovery* # should be fixed or not? mount -o remount,rw /system mv /system/bin/install-recovery_original.sh /system/bin/install-recovery.sh mount -o remount,ro /system
5. Install proposed OTA update from Android itself
5b. Check recovery logs
In case the automatic update failed, check the recovery logs:
At this point you should be already in stock recovery, if not, go to recovery
Keep power button pressed and press volume-up to get the menu
Go to "view recovery logs"
5c. Install proposed OTA update manually from a local copy on the PC
adb reboot recovery
Keep power button pressed and press volume-up to get the menu
Go to "apply update from ADB"
adb sideload update.zip
6. Reboot and let the system updating its apps
If it seems to stand forever with the boot logo, you can have a look at the same time to the system logs:
adb logcat
Seeing looping logs with a repetition of
>>>>>> START com.android.internal.os.ZygoteInit uid 0 <<<<<<
is a bad sign, time for a full ROM recovery!
7. Root again, see #SuperSU
8. Prevent OTA updates:
adb shell su mount -o remount,rw /system echo "# Remove me to allow OTA update" >> /system/build.prop mount -o remount,ro /system
9. Lock bootloader with BootUnlocker
See also my feature request for BootUnlocker
Upgrade with factory image
That's my preferred method.
1. Unlock bootloader with BootUnlocker, super critical step!!!
2. Flash a factory image
Get latest image at https://developers.google.com/android/nexus/images
tar xzf ...tgz cd ...
Or in one go:
wget -O - ... | tar xz cd ...
Very important if you want to keep your data!!! Edit flash-all.sh and replace
fastboot -w update image-....zip
by
fastboot update image-....zip
Then reboot the phone to bootloader and launch that script:
adb reboot bootloader ./flash-all.sh
Reboot
2b. Apply OTA If you didn't flash the latest version, apply OTA update
3. Root again, see #SuperSU
4. Prevent OTA updates:
adb shell su mount -o remount,rw /system echo "# Remove me to allow OTA update" >> /system/build.prop mount -o remount,ro /system
5. Lock bootloader with BootUnlocker
On rooted devices
adbd insecure
As USB debugging is now pretty secure, let's enable immediate root access:
Install adbd insecure
Open app -> enable & enable at boot time
Busybox
From Google Play: https://play.google.com/store/apps/details?id=stericson.busybox&hl=en
Local install:
adb install stericson.busybox-1.apk => Run busybox -> install -> smart install
Consider buying Busybox Pro...
Modifying stuffs in system partition using su
adb push some_file /sdcard/ adb shell su -c "mount -o remount,rw /system" adb shell su -c "cat /sdcard/some_file > /etc/some_file" sleep 1 adb shell su -c "mount -o remount,ro /system"
Modifying stuffs in system partition with insecure adbd (=being root by default)
adb shell mount -o remount,rw /system adb push some_file /etc/some_file sleep 1 adb shell mount -o remount,ro /system
Encrypt device
See official help
Some reports say they had to repeat the process several times on Nexus 4 before encryption started. I didn't have that problem.
One major caveat is that this is the same password for disk encryption and screen unlock, cf this longstanding bugreport.
On a rooted device this can be achieved thanks to Cryptfs password or simply by doing:
vdc cryptfs changepw <new_password>
Note that it will have to be done every time the screen PIN or pwd is changed.
See also http://nelenkov.blogspot.jp/2012/08/changing-androids-disk-encryption.html
Phone-specific notes
See Android phones
Applications
See Android Apps
Applications development
See Android SDK
Using the embedded SE
See Android SE
Using TrustZone
using Software Card Emulation
See Android Software Card Emulation
Misc
Security
Wi-Fi & client certs
To be able to authenticate to a Wi-Fi network using client certificates via TLS:
If needed, export certificate from IE in Pkcs#12 PFX, *with* private key, *with* all certs, *without* strong enc, *without* deletion of private key.
Rename .pfx file as .p12
(source: http://www.google.com/support/mobile/bin/answer.py?answer=168466&topic=27214#1086573)
Copy pkcs#12 certificate to root of USB storage.
File must end with .p12, not .pfx!
One single file with key+cert+cacerts is ok
Wi-Fi params: 802.1x EAP / TLS / phase2: None / CA cert: cf previous import / user cert: idem / Identity: DOMAIN\user... / Anonymous id: empty / password:...
Note that after each reboot, you'll have to select manually one of the protected networks to unlock the secure storage of personal certificates or open manually the certificates storage:
Settings > Location & Security > Use secure credentials
See also Keystore Unlocker
Importing certs
Since Android 3.0, no need for rooting anymore
If troubles, use PEM format, with file extension .crt
- drop certs on /sdcard/
- go to settings / personal: security / credential storage: install from storage & select both certs
Dial *#*#4636#*#* (== *#*#INFO#*#*)
SMSC configuration
To configure the SMSC (SMS gateway) on Android is not straight forward.
Access a hidden settings menu by dialing *#*#4636#*#* (*#*#INFO#*#*) -> phone settings -> SMSC -> Refresh (to get current value)
To update that field, if it does not work in plain or between quotes, try encode it in PDU
- First byte is length of SMSC info, so if it's e.g. +32475161616, it's 11 digits to code on 6 bytes, + 1 byte to code type of SMSC address => 7 bytes
- Second byte is the type of SMSC address, 91 for international format
- Next bytes are the SMSC digits, padded with "f" if odd, then nibble-swapped so in our example: 32475161616F => 2374151616F6
- Full PDU-encoded SMSC is then: 07912374151616F6 -> Update
Screenshots
Run ddms (from Android SDK) -> Tools / Device / Screen capture
Screencast
Droid@Screen:
You'll need Android SDK too.
Make sure you're using the adb from SDK and not from e.g. Debian packages:
adb kill-server
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
java -jar droidAtScreen-1.0.2.jar
androidscreencast:
Get jnlp file from project page
adb kill-server
export ANDROID_HOME=/path_to_your/android-sdk-linux_x86
$ANDROID_HOME/platform-tools/adb start-server
javaws androidscreencast.jnlp
USB tethering
Plug phone & PC via USB
Activate USB tethering (Settings / Wireless & networks / Tethering / USB Tethering)
It works OOB on Debian, nothing to do
Mounting USB as MTP or PTP
New Nexus devices don't use USB mass storage anymore but MTP or PTP, mainly to be able to access data both from Android & PC at the same time.
There are two methods using fuse so make sure your user is member of fuse group:
sudo adduser <your_user> fuse
and make sure your user can access the USB device (cf above: /etc/udev/rules.d/...)
Using mtpfs
See this article
sudo apt-get install mtpfs mtp-tools mkdir ~/MyAndroid
mtpfs ~/MyAndroid ... fusermount -u ~/MyAndroid
Problem is that it's very slow to mount
Using go-mtpfs
See this article
sudo apt-get install golang fuse git-core libmtp-dev libfuse-dev mkdir /tmp/go GOPATH=/tmp/go go get github.com/hanwen/go-mtpfs sudo mv /tmp/go/bin/go-mtpfs /usr/local/bin/ mkdir ~/MyAndroid
go-mtpfs ~/MyAndroid & ... fusermount -u ~/MyAndroid
Using gphotofs
This method requires the phone to share files over USB as Camera (PTP), *not* MTP.
sudo apt-get install gphotofs mkdir ~/MyAndroid
gphotofs ~/MyAndroid ... fusermount -u ~/MyAndroid
Problem is that it only shows DCIM & Pictures
Not sure if it's a limitation of Android or Gphoto...
Backuping via BackupPC
I'm a big fan of BackupPc and this guy managed to link android & backuppc so let's give it a try.
Check the mentioned link but his setup is a bit different, running CyanogenMod while I'm using a stock fw.
Instructions here suppose your phone is rooted.
IP
Backuppc server needs to reach the phone so your phone needs a static (or DHCP statically attributed) IP or whatever dyndns system.
SSH
I'm using SshDroidPro
Make sure backuppc key is properly installed in /data/data/berserker.android.apps.sshdroidpro/home/.ssh/authorized_keys
Then test it as user backuppc, trying to access the phone and accept the server key fingerprint.
rsync
To get rsync binary, I found rsync backup for Android which downloads a rsync binary during install (a weird way to deal with a GPL program IMHO).
The actual binary it downloads is available here.
But Android wget doesn't support https so you've to transfer it to your phone by another mean.
One way is to install the application I mentioned and let it download that binary.
Then, to install it at a more rooted-Android standard place:
cd /system/xbin
busybox mount -o remount,rw /system
cp /data/data/eu.kowalczuk.rsync4android/files/rsync /system/xbin/
chmod 755 /system/xbin/rsync
chown root.shell /system/xbin/rsync
busybox mount -o remount,ro /system
Wi-Fi
Make sure Wi-Fi will stay on!
Menu > Settings > Wireless & networks > Wi-Fi settings > Menu > Advanced > Wi-Fi sleep policy > Never (or never when powered)
BackupPC config
My config: create new host in backuppc web interface with:
XferMethod = rsync RsyncShareName = [/data/, /efs/ (useful??), /system/, /mnt/asec/, /mnt/sdcard/] RsyncClientPath = /system/xbin/rsync BackupFilesExclude = /mnt/sdcard/ => [/oruxmaps/mapfiles, /clockworkmod/backup, /radio_dump_*, /videos]
Note that in the mentioned link he's using RsyncShareName = / and playing with BackupFilesOnly but for me it looks like BackupFilesOnly was not respected, so I preferred to have separate RsyncShareName
Some info on APP2SD here and here
I had errors "Ping too slow" so I increased
PingMaxMsec = 400
as anyway it's on local network
Non-rooted device
For non-rooted devices the setup is a bit different:
- SSH server will run on a non-privilegied port, e.g. port 2222
- login will be done with sshdroid permissions, not root, so it cannot access rsync binary neither /data content
- rsync needs to be available so we'll transfer it again, as sshdroid user:
scp -P2222 rsync galaxy:/data/data/berserker.android.apps.sshdroid/home/bin/
then make it executable
- BackupPC config is e.g.:
XferMethod = rsync RsyncShareName = [/mnt/sdcard/] RsyncClientPath = /data/data/berserker.android.apps.sshdroid/home/bin/rsync BackupFilesExclude = /mnt/sdcard/ => [/Movies] RsyncClientCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+" RsyncClientRestoreCmd: add "-p2222" to ssh options: "$sshPath -p2222 -q -x -l root $host $rsyncPath $argList+"
Because we cannot directly backup /data content, what can be done is to use e.g. MyBackupPro to backup most of the data to the SD card, in a scheduled way.