... /system/etc/ works for Android, (once the container's been made R/W). Mine's symlinked (via Adaway) to /data/data to save space.
Incidentally, I noticed that /data/data is accessible in Chrome OS at /home/root/*/android-data/data/data and a couple of other locations under /opt and /run (the latter being temporary).
I executed the combined RootandSEpatch.sh script and appear to have successfully acquired root on a Samsung Chromebook Plus, but my /system/etc/ folder is still not R/W for Adaway, is there another step to make this container R/W?
I executed the combined RootandSEpatch.sh script and appear to have successfully acquired root on a Samsung Chromebook Plus, but my /system/etc/ folder is still not R/W for Adaway, is there another step to make this container R/W?
Same problem. Can't get write access to /system with Adaway or root explorer. Apps are able to gain root privilege but can't write to the system partition
"dev",
Which Chrome OS version?
The likely fix: Check my post on github for a little more detail if you like, but, essentially, if you open /opt/google/containers/android/config.json in vi, and see the line:
under the mount options for the Android "/" (it was at line 32 on my device, but this may vary depending on CrOS version), you can remove this line, then reboot, and then the container should mount R/W.Code:"dev",
Or, if you want, you can add your config.json (or the first 40 or so lines of it) to a post here, and we can take a look at it to further investigate.
Good morning and thanks for the quick response. I am on 68.0.3440.25 dev channel on the samsung chromebook plus. I found a similar line and it reads as follows:
"root": {
"path": "rootfs/root"
},
"hostname": "android",
"mounts": [
{
"destination": "/",
"type": "bind",
"source": "rootfs/root",
"options": [
"rslave",
"suid",
"exec"
],
"performInIntermediateNamespace": true
},
{
As you can see "dev" is not present.
printf "mount | grep loop1" | android-sh
mount | grep loop1
printf "mount | grep loop1" | android-sh
mount | grep loop1
kevin_cheets:/ $ mount | grep loop1
/dev/loop1 on / type ext4 (ro,seclabel,nodev,relatime,block_validity,delalloc,barrier,user_xattr,acl)
Good morning, thank you again for the quick response. No, it shows as RO
@Nolirum, are you using a Chromebook plus? If not, I would be glad to help if you would like me to test anything. If you are interested PM me for my hangouts info. Thank you againYeah, so although the line I mentioned is not present in your config.json, I'm guessing that it may be something similar, still. I had a brief look at some of the changelogs on chromium.googlesource.com related to arc++ and couldn't immediately see anything that might have caused it this time around. If necessary I'll have a proper look again when I have time, later in the week.
I'll set up a completely fresh CrOS install, probably tomorrow, and see if I can replicate the issue.
Any update here?Yeah, so although the line I mentioned is not present in your config.json, I'm guessing that it may be something similar, still. I had a brief look at some of the changelogs on chromium.googlesource.com related to arc++ and couldn't immediately see anything that might have caused it this time around. If necessary I'll have a proper look again when I have time, later in the week.
I'll set up a completely fresh CrOS install, probably tomorrow, and see if I can replicate the issue.
on post-fs
start logd
# Once everything is setup, no need to modify /.
# The bind+remount combination allows this to work in containers.
mount rootfs rootfs / remount bind ro nodev
on post-fs
start logd
# Once everything is setup, no need to modify /.
# The bind+remount combination allows this to work in containers.
mount rootfs rootfs / remount bind ro
localhost / # printf "mount | grep loop1" | android-sh
/dev/loop1 on / type ext4 (rw,seclabel,nodev,relatime)
sed -i.old 's|mount rootfs rootfs / remount bind ro.*$|mount rootfs rootfs / remount bind ro|g' /opt/google/containers/android/rootfs/root/init.rc
sed -i 's|mount rootfs rootfs / remount bind ro|mount rootfs rootfs / remount bind rw|g' /opt/google/containers/android/rootfs/root/init.rc
mount rootfs rootfs / remount bind ro
mount rootfs rootfs / remount bind rw
Apologies for the delayed response. I've been a bit busy, besides couldn't replicate it my end on any of the CrOS versions or find anything in the source, and I think it can be quite tricky to troubleshoot these types of issue remotely.
however, I can now replicate this issue on v69.0.3491.0 on my device, and after some diffing and A/B testing I have found that this time the source of the problem appears to be within the container. A recent change to init.rc seems to be the culprit.
Starting from arc version 4892840 (on my device), the argument "nodev" has been added to the mount options for the rootfs. On my device this is at line 288 of init.rc.
After removing "nodev" and rebooting, the Android container now mounts read/write again.
i.e.
Edit /opt/google/containers/android/rootfs/root/init.rc
Remove "nodev" from the mount options for the rootfs therein (line 288 on my device).
So the following
Code:on post-fs start logd # Once everything is setup, no need to modify /. # The bind+remount combination allows this to work in containers. mount rootfs rootfs / remount bind ro nodev
becomes
Code:on post-fs start logd # Once everything is setup, no need to modify /. # The bind+remount combination allows this to work in containers. mount rootfs rootfs / remount bind ro
After a reboot, the Android rootfs is now writeable again.
Code:localhost / # printf "mount | grep loop1" | android-sh /dev/loop1 on / type ext4 (rw,seclabel,nodev,relatime)
Edit: I guess you could do it with sed, something like
Code:sed -i.old 's|mount rootfs rootfs / remount bind ro.*$|mount rootfs rootfs / remount bind ro|g' /opt/google/containers/android/rootfs/root/init.rc
Hopefully the above works for you. If needed I could add this to the rooting script, but it'll probably be best to wait a bit anyway, and see there are any further changes in forthcoming CrOS updates (v70?).
Edit 2: I've had a commentfrom someone else with a Chromebook Plus, and the above fix did not work for them.
I have also found that, on my device, it is also possible to get the Android rootfs to mount RW again by actually changing, on the same line, the RO argument (which, I understand, previously would be overridden by Chrome OS) to RW.
After making either one, or both, of those changes, I found that the rootfs would mount R/W on my device.
So, to change RO to RW, it would be something like
which should change the lineCode:sed -i 's|mount rootfs rootfs / remount bind ro|mount rootfs rootfs / remount bind rw|g' /opt/google/containers/android/rootfs/root/init.rc
toCode:mount rootfs rootfs / remount bind ro
I have suggested that they try this and, after rebooting, check again to see if /dev/loop1 is still read-only in Android.Code:mount rootfs rootfs / remount bind rw
If/when i find out more on this, I'll post back.
Edit 3. The latter command has now been confirmed to work on the Chromebook Plus on v69 to re-enable the R/W mount for the Android rootfs. It also works for me on v70. I'll probably add it to the rooting script presently.
I tested your scripts & got it install/patch -
However in SuperSU it says no root detected, & using a root checking app says partially rooted, any idea around this?
sorry, I'm completely new to modifying chrome books. I have an asus flipbook and would like root access. I've rooted phones a number of times and installed new roms so I know how to do it on phones, it's just chromeos I'm not familiar toying with.
Could you write out a step by step guide please on how to do this? it would be very much appreciated!
sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions $(( $(rootdev -s | sed -r 's/.*(.)$/\1/') - 1))
curl -Ls https://raw.githubusercontent.com/nolirium/aroc/onescript/RootandSEpatch.sh | sudo sh
sudo mv /opt/google/containers/android/system.raw.img.bk /opt/google/containers/android/system.raw.img
I worked a bit more on building chromiumos for caroline... have run into this now:
[...]
The thing is, since at least the Android portion of the chrome build isn't public, I guess I should be expecting it to not fully build...
So if we build chromiumos with "USE=arc", should we expect to see everything except the container (which I think should end up in `/opt/google/containers`)? I tried that, then started to diff my build against an asus flip (in dev mode) and found a bunch of stuff in addition to the container missing. Init scripts such as `arc-camera.conf`, `arc-mount.com` are missing. Binaries in /usr/bin such as `arc_camera_services` and `arc-obb-mounter` are missing. And some users and groups such as `arc-bridge` were missing.
I used an Asus Flip v54.0.2824.5, and the release-R54-8743.B building for the `veyron_minnie` board as comparisons.
Maybe I should just focus on the kernel partition and not try to build the whole thing. Not even sure what my goal is here except to see how far I can get. Maybe put unionfs in the kernel to override squashfs...
Might be nice to have a version that could be piped to bash or something with a one-liner to do everything in one step...
curl -Ls https://raw.githubusercontent.com/nolirium/aroc/onescript/RootandSEpatch.sh | sudo sh
curl -Ls https://raw.githubusercontent.com/nolirium/aroc/master/01Root.sh | sudo sh
curl -Ls https://raw.githubusercontent.com/nolirium/aroc/master/02SEPatch.sh | sudo sh
I noticed a few things:
1. that Alt?-F2 command (ctrl-f2? I don't have the cb in front of me) to put you in the terminal still used that password I had set.
2. sudo bash did NOT work without a password (as it did on the previous cb) - or even with the password I had set. I had to reset chonos' password manually and then I was able to get root.
So whatever that screen did, it did set up some passwords, but I'm not clear on what the chronos account is for vs. root or where they are stored-- I see nothing in /etc/passwd or in /etc/shadow.
# If we're not in dev-mode, skip to the system password stack.
[...]
# Check if a custom devmode password file exists and prefer it.
[..]
# If we get to pwdfile, use it or bypass the password-less login.
[..]
pwdfile /mnt/stateful_partition/etc/devmode.passwd
# See if the account exists in /etc and does not yet have a system password
# set. Only then will we allow password-less login access (see below).
# For accounts not listed in /etc, or that have a password, we do not want
# to allow them to log in.
auth [success=ignore default=1] pam_exec.so \
quiet seteuid \
/usr/bin/awk -F: [ \
BEGIN { ret = 1 } \
$1 == ENVIRON["PAM_USER"\] && $2 == "*" { ret = 0 } \
END { exit ret }] /etc/shadow
# If we get here, allow password-less access
auth sufficient pam_exec.so \
quiet seteuid \
/usr/bin/crossystem cros_debug?1
# Fallback to a system password if one was stamped in after initial build.
ok so two questions, one do you think this would work on the Acer r13 convertable? and 2 where can I find the actual instructions/scripts