• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

[Verizon] When an OTA Breaks Root? Now What?

gapi

gapi

Android Expert
Sooner or later there is going to be a OTA that will break my Root?

I just looked at the guide trying to find what to do, or what the options are, when a OTA is released and had no luck.

So....... I am a new rooter and have been venturing in to the deep and the Dark and have realized I have not left a bread crumb trail.

Can I get some clarification or pointed to what I need?:)
 
All you will need to do is use fastboot to either flash CWM or softboot CWM then in recovery flash superuser and you are rooted once again.

If you are running a custom rom you shouldn't have any issues since the OTA shouldn't hit your phone.
 
Ah. OK. Thanks.

I have been reading and it also looks like no-one knows for sure yet and the DEV's will have something ready a day or so after eh?

Thanks
 
gapi said:
Ah. OK. Thanks.

I have been reading and it also looks like no-one knows for sure yet and the DEV's will have something ready a day or so after eh?

Thanks
Click to expand...

My bet is that the developers will get it days before :p
 
Well, I'm a little confused about the above, but I'll tell you what I've found in my own testing regarding how OTA's affect root and the thread I posted about it:

http://androidforums.com/galaxy-nexus-all-things-root/469782-ota-updates-vs-clockworkmod-root.html

Here's the "TL;DR" (too long--didn't read) version:

Q: can I get/install an OTA if I have a custom recovery (ClockworkMod) installed?

A: nope

Q: can I then just re-flash the stock recovery and then get/install the OTA?

A: yep

Q: can I be rooted and get/install an OTA?

A: yep

Q: do I lose root access at that point?

A: yep

Q: what do I do then?

A: invoke custom recovery and re-install the su.zip root package

---

So yes, an OTA install will break root. No big deal though.

So, its really no biggie when an OTA comes in or becomes available. If you know about it ahead of time and want to take the OTA, then you just need to make sure you've got a stock recovery installed (How to restore stock recovery), then take the OTA, re-install ClockworkMod and flash the su.zip file (from the ClockworkMod rooting method--very simple).

If you don't want the OTA to install, just keep your currently installed custom recovery.

Hope that helps :).

Cheers!
 
think i've read that if you're on a custom rom, like AOKP, you won't get an OTA.

And you don't need to manually root or flash super user, just unlock, flash AOKP and bam you're rooted. That's how i got root anyway.
 
mistermojorizi said:
think i've read that if you're on a custom rom, like AOKP, you won't get an OTA.

And you don't need to manually root or flash super user, just unlock, flash AOKP and bam you're rooted. That's how i got root anyway.
Click to expand...

You have to get into recovery after unlocking but yeah you should be able to soft boot or flash CWM and flash a rom to become rooted.
 
To clarify the above (the answer is obviously, "yes, it's easy to regain root"):

Fastboot allows us to flash whatever we want to the recovery partition of the phone.

The recovery partition can write to any part of the phone's filesystem.

Therefore, all you have to do is install a new recovery (in this case, Clockworkmod), and you can use that to push new files to your phone (i.e. a superuser file).

So nothing that happens with an OTA really breaks root - it just temporarily removes the files necessary to access it.
 
binary visions said:
So nothing that happens with an OTA really breaks root - it just temporarily removes the files necessary to access it.
Click to expand...

I think/thought an OTA leaves the su program in-place in /system/bin (or wherever its installed), but removes the permission bit (4xxx) that allows the binary to execute as root.

I can re-test this tonight if you want (but I thought I did this before)...could be wrong, though :p.

iowabowtech said:
Haven't tried it yet, but this may come in handy down the road:

https://market.android.com/details?id=org.projectvoodoo.otarootkeeper
Click to expand...

gapi said:
Heh! I hope so. I am waiting for those that know to comment on that app.

I am in a dizzy spin. I don't see the su.zip root package on my phone.

I hope there is a step by stepper when its time to get what Google dishes out.
Click to expand...

I looked at the app source and it looks like it just sandboxes (saves) the current su binary to a /system/su-backup folder while/when you are still rooted. Then, when you are ready to re-root, it just restores the su binary back, using the sandboxed su binary (i.e., to re-gain root) to restore things.

Really, root is just "set-aside" for a bit...since the app knows where the su binary is (in the /system/su-backup folder), it can gain root access whereas other apps can't because they normally look for the su binary in /system/bin or /system/xbin.

The Superuser.apk app doesn't have to move and doesn't get disturbed since the linchpin is the su binary.

Simple. Elegant.

Cheers!
 
Heh! I found a su file in System/xbin. That it?

So, do you endorse or condemn the root keeper app.

I'm still gonna need a step by stepper, when the time comes. Mercy don't tell me now. :-)
 
gapi said:
Heh! I found a su file in System/xbin. That it?

So, do you endorse or condemn the root keeper app.

I'm still gonna need a step by stepper, when the time comes. Mercy don't tell me now. :-)
Click to expand...

It looks solid, but I haven't personally used it, though :).

I did some manual testing like this last year that looks identical to what Root Keeper does. I think I posted in the Moto Triumph root area, where folks were trying to figure-out basically how to unroot and root, on-the-fly (not related to receiving an OTA).

I copied the su binary to su-backup to see if I could keep root even if the su binary was moved, renamed, or its permissions were reset. You can, but you have to manually invoke the su-backup binary from an adb shell OR you would have to code an app like the Root Keeper app, that knows how and where to invoke it from. You can't simply move or save su and expect other traditional root apps like Root Explorer, TiBu, etc. to still retain root.

So, the "TL;DR" answer to your question is, yep, Root Keeper looks like a keeper :), although its certainly still pretty easy to re-flash su.zip from CWM, too, to re-obtain root post-OTA.

Cheers!
 
I was referred to that app by some dev cohorts so my confidence level is high if that counts for anything. I've had it loaded since release day just waiting for an update so it'd work on the gnex. And that just occurred. In all honesty, I may not end up using it since I've become partial to more manual methods but I think it'll be a nifty tool for those who seek maximum automation.
 
Okay, here's the deal from a "little" testing I did tonight:

- flashed back to 4.0.1 stock/factory (this wipes everything, by the way)

- soft-booted CWM and re-rooted by flashing the su.zip file

- rebooted, verified that I had root access

- allowed the 4.0.2 OTA to download and install

- rebooted and saw that root was indeed lost (as expected)

- the /system/bin/su file was indeed still present, but it was stripped of its SUID-bit permissions that allowed it to run as the root user

So, that (the above) was the gist and purpose of my test, so that did indeed confirm that the su binary remains in place.

Now, I also did a little side test where I manually backed-up the su binary and the Superuser.apk file to the /system/su-backup folder like I thought OTA Root Keeper would have. The issue I saw was that after the 4.0.2 OTA came in, the su in the /system/su-backup folder was also stripped of its SUID-bit permissions.

The app does explicitly say that the Galaxy Nexus is supported, so I'd trust that in lieu of my test above, but I'll still play around with it and examine the code a little more to try to figure-out what the deal is.

Cheers!
 
I am having dyslexia on flashing thies su.zip file. I don't seem to have one, I think.

Where are you finding it. I went into CWM looking for it and do not seem to have it.
 
gapi said:
I am having dyslexia on flashing thies su.zip file. I don't seem to have one, I think.

Where are you finding it. I went into CWM looking for it and do not seem to have it.
Click to expand...

Its in the "ClockworkMod Method" of this thread:

http://androidforums.com/verizon-galaxy-nexus-all-things-root/469049-how-root-vzw-lte-samsung-galaxy-nexus.html

(click the "Show" button to expand the details in there).

Here's the direct download the from the CWM site:

http://download.clockworkmod.com/test/su.zip

Cheers!
 
Okay, quick follow-up to the OTA Root Keeper and my little experiment tonight...the "secret recipe" to OTA Root Keeper is the "chattr" (change file attribute of an ext2 filesystem) on the /system/su-backup directory to protect it from having its permissions reset by the OTA. I didn't do that during my little test, but I'm confident that it would have had its intended effect.

So, bottom line: use the app if you are so inclined, should work just fine :).

Cheers!
 
scary alien said:
I think/thought an OTA leaves the su program in-place in /system/bin (or wherever its installed), but removes the permission bit (4xxx) that allows the binary to execute as root.

I can re-test this tonight if you want (but I thought I did this before)...could be wrong, though :p.
Click to expand...

Well, what the OTA does can/will vary between OTA updates, right?

So whether it leaves the SU binary in place might change. So, extending that, "root keeper" will only work if indeed all the OTAs ever do is modify the file attribute and not wipe out parts or all of the /system partition. Frankly, if I were a developer, I'd have a sanity check to identify anything unfamiliar in the /system and fail the update. Updating uncontrolled environments (and we KNOW it's uncontrolled if there's unfamiliar data in /system since that's not normally something a user can write to) is a recipe for problems.

Or have all OTA updates thus far across all devices actually left the SU binary alone?
 
binary visions said:
Well, what the OTA does can/will vary between OTA updates, right?

So whether it leaves the SU binary in place might change. So, extending that, "root keeper" will only work if indeed all the OTAs ever do is modify the file attribute and not wipe out parts or all of the /system partition. Frankly, if I were a developer, I'd have a sanity check to identify anything unfamiliar in the /system and fail the update. Updating uncontrolled environments (and we KNOW it's uncontrolled if there's unfamiliar data in /system since that's not normally something a user can write to) is a recipe for problems.

Or have all OTA updates thus far across all devices actually left the SU binary alone?
Click to expand...

I'm not sure, bv....I get what you are saying and I wholeheartedly agree that one shouldn't count on an OTA behaving like prior ones. In fact, I would expect that they might vary from vendor to vendor.

Notice also that OTA RootKeeper does not tout itself as working on every device.

I do think that one would expect an OTA update to leave most things in place, since it function would be to update existing components (although a major OS change like going from Eclair to Froyo or Froyo to Gingerbread, you would imagine more draconian wipes taking place).

This is probably the feature that a root keeper relies on, that things only the OTA knows about and plans on touching (or is mainly subordinate to them) will be touched, leaving something like the rootkeeper created set-aside /system/su-backup folder untouched.

Cheers!
 
After running the rootkeeper I found a su-backup file in the /system folder.
The only permissions not checked are , sticky, and Group & others write boxes.
 
You must log in or register to reply here.
Back
Top Bottom