I don't want to use unrevoked!

[Bleelas]

Hi everyone. Thanks for the support. Please note that I'm NOT trying to start an unrevoked debate! After doing quite a bit of reading about rooting, what it entails, and what to expect afterwards, I rooted my Evo with unrevoked. I've had no problems, have been able to create backups, flash, etc. However, after reading about rooting the right way, I thought I'd unroot and re-root with the methods in the stickies here.

I have a few questions before I get started though. First, I don't completely understand why unrevoked is viewed as too easy (i.e. not able to learn anything by doing it) but simple root (which is now one click) is not. Unrevoked is criticized because the user doesn't get to understand what is going on, but doesn't simple root hide just as much of the rooting process by only being 1 click? Don't get me wrong, I would definitely get valuable experience reverting from 2.2 to 2.1 with the android SDK, adb shell etc, but it seems to me that the actual rooting is just as mysterious with simple root as with unrevoked. Am I missing something? There aren't any simple root instructions in the sticky and the website doesn't say a whole lot other than "one click!" so maybe I'm missing something. Which brings me to my next question. If simple root hides a lot of the process, is the real benefit of rooting the "right way" that it's easier to troubleshoot? If I really want to root the "right way" is simple root TOO simple for me?

Again, I don't want to start an argument. I just want to learn about rooting, want to do it the right way, but I want to understand a little more before I jump into it.

Thanks again!

 

[igotsanevo4g]

The exploit for simple root is known, and also you can see what files are being pushed and used to do the stuff.

Adb, sdk, and that stuff is good to know also.

Another thing that is a problem, and gets annoying. Is ALOT of new comers tend to use unrevoked, without reading anything. They are soon after overwhelmed, panicky, and ask questions that the conventional root method user would have already known. My theory on why most don't read, is because its to easy to just download some drivers and click, so they figure everything else must be really straight forward too.

All that being said, the unrevoked team does great work, its just abused.

 

[Bleelas]

Thanks for the info! So while simple root is running, it tells you what step it's on / what files are being pushed? Do you think that the sticky with simple root would be the way to go for me, as someone who wants to learn about this stuff and thinks it's kind of fun? I don't mind unrooting and re-rooting with a different method. Like I said, it's pretty fun.

 

[igotsanevo4g]

Yeah, you don't have to use simple root either. You can use toasts old fashioned manual method.

But definately head the sticky, LJ's guide is great.

 

[fivebass52]

I did a lot of reading, and installed Unrevoked, then the more reading I did, the more I didn't want to be rooted with Unrevoked. Have since uninstalled it, but am not finding an easy way to root again. Mainly because I'm using a MacBook Pro, and it seems that everything I've read at this point is geared for Windows.

Is there a link anyone can point me to for rooting on a Mac? Thanks...

 

[Bleelas]

Yeah, you don't have to use simple root either. You can use toasts old fashioned manual method.

But definately head the sticky, LJ's guide is great.

Thanks again, just a few more questions. In LJs sticky, he links to a rooting method from SteelH at XDA with grayed out instructions and a most recent post of early August and he states it is of historical interest only, so I'm not going to use that method correct?

Now, just so I'm clear on everything (because I like to try to read up and get all my questions answered before I start on anything like this)...

1. I can follow the instructions in LJs sticky and root with simple root OR
2. I can follow LJs sticky and root with Toasts method by following the instructions in these threads:
[TUTORIAL] How To Root The HTC EVO ~ Part-1 \0/ - xda-developers and then
[TUTORIAL] How To Unlock Nand Protection ~ Part-2 [Gaining RW Access/Full Root] - xda-developers
And this is still effective even though it's from way back in May and it grants me the exact same root as simple root would?

Finally, I noticed in your sig that you rooted with Regaw's 2.2 method. I read Regaw's thread [GUIDE] How to root Android 2.2 on the EVO 4G - xda-developers and he uses unrevoked to gain root access with 2.1, but isn't that what people seem to be against doing? Sorry if I sound like a jerk or an idiot. I'm legitimately trying to understand the different ways of doing this. And as always, thanks!

Oh, and as for the mac issue, I haven't read about that at all as I have a PC, but have you cheched out this thread? http://forum.androidcentral.com/htc-evo-4g-roms-hacks/17766-how-full-root-evo-4g-mac.html

 

[igotsanevo4g]

Regaw method is to roll back to android 2.1 when you can then use simple root, unrevoked, and I believe toasts method.

Simple root is an automated program that does toasts method automatically instead of manually doing it your self. I think.

 

[Bleelas]

Awesome, exactly the information I was looking for. Can't thank you enough. I'll let you know how everything turns out after reading some more and finally taking the plunge.

 

[igotsanevo4g]

I did a lot of reading, and installed Unrevoked, then the more reading I did, the more I didn't want to be rooted with Unrevoked. Have since uninstalled it, but am not finding an easy way to root again. Mainly because I'm using a MacBook Pro, and it seems that everything I've read at this point is geared for Windows.

Is there a link anyone can point me to for rooting on a Mac? Thanks...

[Guide] How to gain root on 2.2 for Mac - xda-developers

There's a how to for Mac.

---------

No problem man.

 

[2CupsWithString]

My favorite way to root without a click:

The first part of the 2.2 root, until you're back to stock 2.1

then:

The easiest 1.47.651.1 root+nand unlock you'll ever see without a gui (Updated) - xda-developers

 

[rizorith]

I rooted last night with unrevoked and it worked fine as best I can tell. I'm also not sure exactly why it's looked down upon but my understanding is that I can always "un-root" if I have problems.

I think most of the people who post here are intent on learning at least a little bit about what root is and probably follow the directions well. The noob who has 1 post and writes "Unrevoked broke my phone! Help" is another story.

On that note, I'm about to post a ton of questions about rooting

 

[d3xn2o]

I rooted last night with unrevoked and it worked fine as best I can tell. I'm also not sure exactly why it's looked down upon but my understanding is that I can always "un-root" if I have problems.

I think most of the people who post here are intent on learning at least a little bit about what root is and probably follow the directions well. The noob who has 1 post and writes "Unrevoked broke my phone! Help" is another story.

On that note, I'm about to post a ton of questions about rooting

As long as you search before Asking those questions...

There are a ton of Thread most likely covering these questions...



On a side Note... Thx to JRun talking to MYN he's working on RLS 3

Also a Sense-less version... CANT WAIT!!!!

 

[Kevin OQuinn]

As long as you search before Asking those questions...

There are a ton of Thread most likely covering these questions...



On a side Note... Thx to JRun talking to MYN he's working on RLS 3

Also a Sense-less version... CANT WAIT!!!!

OMG Senseless Myn?!?! I think I just...oh wait nevermind LOL. I'm already running LP on Myn but I'd love to see how fast Myn is without the Sense stuff.

Anyone else thinking Myn and Vael should get together on this one?

 

[igotsanevo4g]

anyone else thinking myn and vael should get together on this one?

Epic super rom.

 

[Bleelas]

My favorite way to root without a click:

The first part of the 2.2 root, until you're back to stock 2.1

then:

The easiest 1.47.651.1 root+nand unlock you'll ever see without a gui (Updated) - xda-developers

Sweet, thanks! So I would follow those instructions AFTER reverting to 2.1 via LJs sticky?

Now, hopefully you all can help me in my quest to understand what is actually going on. AFAICT, using the method in the above link:

1. First you create a soft link between mtd1 (recovery partition) and mid.txt to get full access permissions to the recovery partition. This is accomplished because the boot script will do chmod 777 on the link (and therefore mtd1 instead of mid.txt) thus granting rwx permissions.
2. Then you cat the new flash_image onto the existing flash_image which will allow you to flash mtd-eng.img
3. Then you chmod the flash_image 755 (so you get execute permission in addition to read?)
4. Then you flash mtd-eng.img

I'll stop here for a second to ask questions. Is flash_image just a binary that *erm* flashes images (and if so, why isn't it in /system/bin)? Why does it need to be changed to a custom one to flash mtd-eng? And finally, what exactly does mtd-eng do? Is it the engineering bootloader? Why do you flash it to the misc directory and not elsewhere?

Okay, so now we:
1. Again cat flash_image and change permissions
2. Flash recovery.img

A few more questions. Why do you cat flash_image in /data/local/rights in the first step but in /data in the second? Are there more than one flash_image binary? Is recovery.img the custom recovery (ala Amon_RA) that will allow you to flash a ROM (or other zips) from the bootloader->recovery?

Finally, where exactly in all this is superuser enabled? Somewhere in there are you adding su to /system/bin and given executable permissions? And adding the superuser.apk (which as I understand it just moderates the use of su)? And where exactly is NAND unlocked?


I really REALLY appreciate the help! Like I said, I'm just trying to understand as much as possible. And I hope I'm not pissing you off with all the questions. Thanks!

 

[2CupsWithString]

You got it right, yes, this is for after you get back to a 2.1 ROM, the recovery is clockwork I believe and you're flashing the engineering bootloader. This is good to know also if you choose to flash CM6 (it's a aosp ROM that has issues with newer bootloaders).

flash_image does indeed flash images.

I don't know why we use two different flash_images when you're just using the same one really, maybe someone else can answer that.

Here you're getting root access on the engineering ROM from the PC36 file.

You're doing a few things in this process, you're writing a custom recovery, installing a boot loader that will install un-signed images and then installing the engineering build for the Evo with root enabled.

Sweet, thanks! So I would follow those instructions AFTER reverting to 2.1 via LJs sticky?

Now, hopefully you all can help me in my quest to understand what is actually going on. AFAICT, using the method in the above link:

1. First you create a soft link between mtd1 (recovery partition) and mid.txt to get full access permissions to the recovery partition. This is accomplished because the boot script will do chmod 777 on the link (and therefore mtd1 instead of mid.txt) thus granting rwx permissions.
2. Then you cat the new flash_image onto the existing flash_image which will allow you to flash mtd-eng.img
3. Then you chmod the flash_image 755 (so you get execute permission in addition to read?)
4. Then you flash mtd-eng.img

I'll stop here for a second to ask questions. Is flash_image just a binary that *erm* flashes images (and if so, why isn't it in /system/bin)? Why does it need to be changed to a custom one to flash mtd-eng? And finally, what exactly does mtd-eng do? Is it the engineering bootloader? Why do you flash it to the misc directory and not elsewhere?

Okay, so now we:
1. Again cat flash_image and change permissions
2. Flash recovery.img

A few more questions. Why do you cat flash_image in /data/local/rights in the first step but in /data in the second? Are there more than one flash_image binary? Is recovery.img the custom recovery (ala Amon_RA) that will allow you to flash a ROM (or other zips) from the bootloader->recovery?

Finally, where exactly in all this is superuser enabled? Somewhere in there are you adding su to /system/bin and given executable permissions? And adding the superuser.apk (which as I understand it just moderates the use of su)? And where exactly is NAND unlocked?


I really REALLY appreciate the help! Like I said, I'm just trying to understand as much as possible. And I hope I'm not pissing you off with all the questions. Thanks!

 

[Bleelas]

So just one more question. The exploit used to gain root (linking mid.txt to the recovery partition) is pretty transparent in the netarchy method, but what is the exploit used in Toast's method and simple root? It seems to be contained within the PC36IMG (I can't open and look at for some reason), which loads a custom ROM with root access built in. Is this right and if so, then through what exploit does it load the custom ROM?

 

[2CupsWithString]

So just one more question. The exploit used to gain root (linking mid.txt to the recovery partition) is pretty transparent in the netarchy method, but what is the exploit used in Toast's method and simple root? It seems to be contained within the PC36IMG (I can't open and look at for some reason), which loads a custom ROM with root access built in. Is this right and if so, then through what exploit does it load the custom ROM?

I'm not sure because the ROM is already rooted, I think it may be that the engineering build for the Evo just has root access enabled for the regular user on the system. I'm not 100% sure though.

Be careful with opening image files/ROMs, make sure you use one that you didn't open when flashing to your phone - signatures can break (if they are signed in the first place) and then it won't work.

 

[Bleelas]

I gotcha. Thanks everyone for all the answers and dealing with my long posts!