FORUMS
Remove All Ads from XDA

phh's SuperUser/ OpenSource SELinux-capable SuperUser

1,540 posts
Thanks Meter: 930
 
Post Reply Email Thread
Hi,

IT MIGHT BRICK YOUR DEVICE.
Always ensure you have a way back.


Here is a thread about my fork of Koush's Superuser, to handle SELinux: https://github.com/seSuperuser/Superuser
So I would like your help to make this SuperUser a proud opensource SU app!

If you have an application that requires root, and which needs specific SELinux configuration please ask!


Build bot: https://superuser.phh.me/
Currently, four flavors of su are available on the build-bot:
- "eng" which puts "su" in permissive mode. This is the most compatible mode, but you should trust the apps you give root to. This does NOT put SELinux in permissive mode.
- "noverity" is eng and dm-verity disabled
- "nocrypt" is eng, dm-verity and dm-crypt disabled
- "user" is meant to give a safe su. su-apps won't be able to access to your Android Pay (for instance) informations, or keep persistent su access without your consent

Please note that user is in heavy development and isn't up to its promises at the moment.

I setup a build bot, which generates boot.img based on my solution, and pushes them to https://superuser.phh.me/

I did this build bot in a way so it is easy to add new ROMs, so don't hesitate asking for new ROM/devices support.
Supporting new devices might mean some additional work on http://github.com/seSuperuser/super-bootimg/ if they are using non-standard boot.img format, but the aim is to support as many devices as possible.
You need to install the APK from PlayStore afterwards: https://play.google.com/store/apps/d....phh.superuser

Bot-supported devices
Here are some devices, but there are many more !
- A *lot* of Archos devices
- All Nexus-es, including Pixel C (if some Nexus is missing, just ask!)
- nVidia Shield TV
- nVidia Shield Tablet
- Fairphone 2

update.zip format
The zip is available at https://superuser.phh.me/superuser.zip
It should be able to root any device supported by super-bootimg from TWRP (and possibly other custom recoverys)
You still need to install the APK afterwards. https://play.google.com/store/apps/d....phh.superuser [url]https://f-droid.org/repository/browse/?fdid=me.phh.superuser[url]

update.zip successfully tested on...
- HTC A9
- HTC M8 GPE
- HTC M9
- Nexus 5
- Samsung Galaxy Note II (GT-N7100)
- LG G4
- nVidia Shield Tablet
- I stopped counting there.

update.zip can be configured
In the update.zip, there is a config.txt, which defines some changes made by the zip. You can edit this config.txt.
Valid keywords are:
- eng makes su SELinux-permissive
- power makes su SELinux-enforced, but with every rights known of
- user makes su SELinux-enforced, but possibly safer
- noverity disables dm-verity
- nocrypt disables encryption
- nocrypt_all disables encryption on all partitions, not just /data (possibly works better than nocrypt, but breaks adoptable storage)

WANTED:
- Testers from different devices
- Stock ROM/Device maintainers: With the auto-build bot, it is fairly easy to add new devices/firmwares (https://github.com/phhusson/super-bo...merhead/MRA58N describes a firmware, nothing device-specific). This only requires to do some PRs to add a device, or on updated firmwares
- Testers
- UI designer: The current UI dates back from 4.1...? It is really ugly and not really usable.
- Testers
- Root-related devs: SELinux policies are still being written
- Testers
- Security reviewers
- Testers

Bug report
If some app doesn't work, please ask me, not the dev.
I consider I have to fix support for other apps, not the other way around.



ChangeLog
2016-01-31 r170: superuser.zip can be included in other update.zip
2016-01-27 r166: Add support for Viper4Android
2016-01-15 r162: Add su --bind and su --init commands
2016-01-10 r154: Files are no longer copied multiple times. Fixes MultiROM, and multiple install for update.
2016-01-06 r152: Fix support for ChromeOS-like format (Pixel C)
2016-01-01 r144: Detect chromeos-style signature, and don't try to resign it in that case
2015-12-30 r143: Improved compatibility with apps.
2015-12-28 r142: Changed naming convention to include device name and release
2015-12-28: Added "nocrypt" target
2015-12-13: Added "noverity" target to buildbot
2015-12-13: Add options for noencrypt, noverity
2015-12-03: Fix TitaniumBackup
2015-11-24: mount --bind to /system/xbin/su if it exists to override ROM's su
2015-11-23: Fix CF.Lumen
2015-11-14: Add super-bootimg's version in boot.img, several network/firewall-related permissions
2015-11-11: Access to Android's services
2015-11-10: Recursive su access
2015-11-09: Fix pm disable command
The Following 290 Users Say Thank You to phhusson For This Useful Post: [ View ] Gift phhusson Ad-Free
 
 
13th October 2015, 10:25 PM |#2  
Senior Member
Flag Mantes-la-Ville
Thanks Meter: 503
 
More
Do you mean that latest galaxy s5 neo sm-g903f might be rooted soon ?
(Exynos5 & Mali T-720)
The Following User Says Thank You to WILMANS2M For This Useful Post: [ View ] Gift WILMANS2M Ad-Free
20th October 2015, 11:15 PM |#3  
Member
Flag Berlin
Thanks Meter: 35
 
Donate to Me
More
It seems like many people still haven't understood the purpose of apps like SuperSu and Superuser. They are no exploits and don't gain your root access. What they do is they manage the root access and enable you to select which apps to grant root access, otherwise every single application on your device would have it. They are root managers. So this project won't help you in getting root for your device as long as there's no method (exploit) to gain it.
The Following 15 Users Say Thank You to Benko111 For This Useful Post: [ View ] Gift Benko111 Ad-Free
25th October 2015, 01:40 PM |#4  
phhusson's Avatar
OP Senior Member
Flag Paris
Thanks Meter: 930
 
Donate to Me
More
Not much activity here, but a lot on my side.
Android 6.0 is now out, with its new SELinux policy, which makes it impossible to update the policy after the boot, and dm-verity becomes mandatory (so no /system change without boot.img)
I'm thus totally retargetting my work:
- I've created https://github.com/phhusson/super-bootimg which will edit boot.img (the complicated part, because it needs A LOT of testing across many devices)
- change sepolicy
- Add su in /sbin/su
- Enable su daemon

With various options to disable dm-verity, encryption, etc. (please note that this is NOT required, since only boot.img is changed)
The Following 25 Users Say Thank You to phhusson For This Useful Post: [ View ] Gift phhusson Ad-Free
26th October 2015, 08:20 PM |#5  
Senior Member
Thanks Meter: 157
 
More
dude - you should kickstarter this. SuperSu is pretty much a mandatory install for every rooted device. this is big for the XDA community and we would love to support you.
The Following 9 Users Say Thank You to sandys1 For This Useful Post: [ View ] Gift sandys1 Ad-Free
27th October 2015, 01:19 PM |#6  
Senior Member
Thanks Meter: 376
 
More
Cannot express enough how much i want this project to succeed

And, at least for myself

"I also wonder about displaying an user-understandable SELinux policy, so that root applications can be "more secure
Would anyone be interested in such a feature?"

......Hell yeah, that most certainly does interest me.........controllable levels of su right?

Obviously, if its possible to do........even if android denies this possibility, an open source su is most assuredly welcome from this neck of the woods

I wish this project major luck



Edit
"(I'm thinking that I'm trying to be even more secure than "standard" non-rooted ROMs, that's perhaps a bit optimistic.)"

I love that mentality, and im enjoying immensley your discussions on github with lbdroid........i love that your taking security more seriously then most...love where your coming from on this.....major props
3rd November 2015, 08:41 AM |#7  
Junior Member
Thanks Meter: 18
 
More
To better test on shell of recovery without making an update.zip , I modified the sepolicy-inject.c so that the usage() no longer blocks the "booting.sh"

on sepolicy-inject.c:377, insert a line "if ( NULL == optarg ) break;", as in my shell there will be a parameter value with null on last entry of "char** arguv", which will trigger the default switching case and exit the sepolicy-inject unexpectedly.

......
while ((ch = getopt_long(argc, argv, "a:f:g:s:t:c:P:Z:z:n", long_options, NULL)) != -1) {
if ( NULL == optarg ) break;
switch (ch) {
......
5th November 2015, 09:44 PM |#8  
phhusson's Avatar
OP Senior Member
Flag Paris
Thanks Meter: 930
 
Donate to Me
More
Quote:
Originally Posted by kennylam

To better test on shell of recovery without making an update.zip , I modified the sepolicy-inject.c so that the usage() no longer blocks the "booting.sh"

on sepolicy-inject.c:377, insert a line "if ( NULL == optarg ) break;", as in my shell there will be a parameter value with null on last entry of "char** arguv", which will trigger the default switching case and exit the sepolicy-inject unexpectedly.

......
while ((ch = getopt_long(argc, argv, "a:f:g:s:t:c:P:Z:z:n", long_options, NULL)) != -1) {
if ( NULL == optarg ) break;
switch (ch) {
......

I'm not sure I understand...
When calling what command do you need this?
The Following User Says Thank You to phhusson For This Useful Post: [ View ] Gift phhusson Ad-Free
8th November 2015, 07:36 PM |#9  
Member
Thanks Meter: 4
 
More
Quote:
Originally Posted by phhusson

Hi,

IT MIGHT BRICK YOUR DEVICE.
Always ensure you have a way back.



I'm the author of a fork of Koush's Superuser, to handle SELinux: https://github.com/phhusson/Superuser
It is in early-stage, but thanks to recent events related to SuperSU, it got some spotlight.

So I would like your help to make this SuperUser a proud opensource SU app!

I have mostly two sides of things left to do:
- Device compatiblity/update.zip
- Application compatbility

I've tested my Superuser on Qualcomm/CAF 5.1 devices, on MTK 5.1 devices, on CAF 6.0, on Nexus 5/9 6.0, and I believe it should work on most devices which are close enough to AOSP.

I have missing steps to be compatible with SuperSU (see https://github.com/phhusson/Superuser#todo-list ).
I'd like to have feedback from app developers about which features they need the most.

If you have an application that requires root, and which needs specific SELinux configuration please ask!

There are main two types of builds, and some sub-types in it:
- @doitright did an integration in an AOSP tree, to make it suitable for ROM integration, https://github.com/lbdroid/AOSP-SU-PATCH/
- I did http://github.com/phhusson/super-bootimg/ which integrates su in a binary boot.img, and outputs a root-ed boot.img

@doitright's source solution currently has one SELinux policy, which is fully enforcing, and currently works in most cases.
My solution currently has two different policies, one which has su permissive, meaning it can do anything, which is not as safe as source-based s solution, and one which is WIP (basically unusable, because almost nothing is allowed to root).

I setup a build bot, which generates boot.img based on my solution, and pushes them to https://superuser.phh.me/

I did this build bot in a way so it is easy to add new ROMs, so don't hesitate asking for new ROM/devices support.
Supporting new devices might mean some additional work on http://github.com/phhusson/super-bootimg/ if they are using non-standard boot.img format, but the aim is to support as many devices as possible.

The plan is to have a third method for rooting:
super-bootimg will work from a recovery, so that you can root any ROM from recovery.

Thanks !

my question is how to change a file label to u: object_r:system_file:s0
i modify system.img to add some additional apps into /system/app/ directory i did modification then build a new system.img after flashing phone with new system.img the app was appear in menu but once i am trying to open it gives me error (com.xxxxxx.andriod) stopped working then i execute ls -Z command in /system/app/ directory to see the different and i realize that the new app i copied in system/app/ directory it has a different label than others
so i tried to change .apk file label to (u: object_r:system_file:s0) using chcon command but failed
chcon: Could not label u: object_r:system_file:s0

can you please guide me how to do it ?
10th November 2015, 09:52 AM |#10  
phhusson's Avatar
OP Senior Member
Flag Paris
Thanks Meter: 930
 
Donate to Me
More
Quote:
Originally Posted by zameer_yus

my question is how to change a file label to u: object_r:system_file:s0
i modify system.img to add some additional apps into /system/app/ directory i did modification then build a new system.img after flashing phone with new system.img the app was appear in menu but once i am trying to open it gives me error (com.xxxxxx.andriod) stopped working then i execute ls -Z command in /system/app/ directory to see the different and i realize that the new app i copied in system/app/ directory it has a different label than others
so i tried to change .apk file label to (u: object_r:system_file:s0) using chcon command but failed
chcon: Could not label u: object_r:system_file:s0

can you please guide me how to do it ?

Can you check in audit log?
How did you put the file?
Don't you have any other message?
The Following 2 Users Say Thank You to phhusson For This Useful Post: [ View ] Gift phhusson Ad-Free
11th November 2015, 11:33 PM |#11  
Senior Member
Thanks Meter: 42
 
More
Maybe in your intro you can eloborate on the naming convention of your bot built .img’s?

one which has su permissive (power?), meaning it can do anything, which is not as safe as source-based s solution (user?), and one which is WIP (eng?)


Your HTTPS link to superuser.phh.me is refusing connections?:

This webpage is not available

ERR_CONNECTION_REFUSED
ReloadHide details
Google Chrome's connection attempt to superuser.phh.me was rejected. The website may be down, or your network may not be properly configured.
Check your Internet connection
Check any cables and reboot any routers, modems, or other network devices you may be using.
Allow Chrome to access the network in your firewall or antivirus settings.
If it is already listed as a program allowed to access the network, try removing it from the list and adding it again.
If you use a proxy server...
Check your proxy settings or contact your network administrator to make sure the proxy server is working.

If I do a flash-all.sh of mra58r, reboot to bootloader, fastboot flash boot your-boot.img, would you expect this to boot fine?

Can you detail which phones can take a custom keystore?
The Following User Says Thank You to havealoha For This Useful Post: [ View ] Gift havealoha Ad-Free
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes