Keep-root Recovery for Motorola Droid
2011-01-02 android

If you currently have root access on your Motorola Droid but are running a vanilla (not custom) ROM, you need to take precautions when applying an OTA update. By default an OTA update will remove your root access. Some phones are rather easy to re-root (for instance, Nexus One), but in some cases the OTA update patches up the security holes exploited to gain root access.

My remedy is shsu -- a very simple patch on top of the standard recovery image that will prevent loss of root access when applying an OTA update. Here's how to install and use it:

Use at your own risk! I am not responsible for any damage incurred by following these instructions or using the linked software!

  1. Download flash_image and recovery-ERE22D-shsu.

  2. Push them to /sdcard on the phone -- either mount the SD card and copy it or use 

    adb push flash_image /sdcard/
adb push recovery-ERE22D-shsu.img /sdcard/

  3. Execute within adb shell: 

    cd /sdcard/
chmod 755 flash_image
su -c ./flash_image recovery recovery-ERE22D-shsu.img

Test Drive

Verify that you have installed the recovery image correctly, by rebooting into recovery mode. The easiest way:

adb reboot recovery

In the modified recovery, you can toggle menu using the space button. You should see

[ szym ] system recovery utility

and the last option on the list should be install shsu:

This recovery will install shsu (shell-only su) every time it exits, so after rebooting back you can check that it worked by running within adb shell:

ls -l /system/xbin/shsu
-rwsr-x--- root     shell       80492 2011-01-02 02:10 shsu
shsu
id
uid=0(root) gid=0(root) groups=...

This is a shell-only su, meaning that no app other than the shell (that is, adb shell) will be able to use it.

Restoring root access using shsu

It is now safe to apply an OTA update. After applying the update, you will lose root access via regular su. Assuming the (now ineffective) su binary is in /system/xbin we need to fix its permissions. Enter adb shell:

shsu
mount -o remount,rw /dev/block/mtdblock4 /system
chmod 4755 /system/xbin/su
mount -o remount,ro /dev/block/mtdblock4 /system
blog comments powered by Disqus