Semi-Bricked? No shell...

[ppww]

Well, I had a nicely rooted OV, but then I had to go and upgrade some things in /system/bin (bash and busybox). Of course just before I got all the symlinks made, my adb session disconnected, leaving me without either /system/bin/sh or /system/bin/su at the moment.

So here's a puzzle, how to recover from this, and restore "sh", after which it's a simple matter to obtain root again?

I can do a few things:

• 'adb push' files into /mnt/sdcard and /data/local/tmp
• get a shell in the Terminal Emulator app using /system/bin/bash (which I was just about to link to "sh")
• run any commands supported by /system/bin/busybox (which is not setuid root)

But I cannot:

• 'adb shell' (exec '/system/bin/sh' failed: No such file or directory)
• write to /data/local or /system/bin from Terminal Emulator, because it runs as a different user than adb shell
• chmod exploit files pushed into /data/local/tmp to make them executable (permission denied, for same reason as previous point)

So does anyone know of a way to get temporary root, without using 'adb shell'? Or to change the adb user's shell from sh to bash?

If not, can the stock recovery mode be used to flash a replacement (stock or other) ROM? All references I've found here describe flash restore operations using a custom recovery loader (which I hadn't gotten around to installing yet), adb shell + root, or various other backup utilities that require root privilege; and no one has reported getting Emergency Recovery mode to work.

I haven't rebooted, as this will revert the /system filesystem to read-only, and not sure what else will be broken due to missing "sh".

 

[koopakid08]

You can use super one click to shell root, that will give you root until you reboot.

Sent from my NookColor using Tapatalk

 

[Vishwar]

You can use super one click to shell root, that will give you root until you reboot.

Sent from my NookColor using Tapatalk

Yup.

Just make sure you click SHELL ROOT. Clicking ROOT will twack your phone.

 

[ppww]

You can use super one click to shell root, that will give you root until you reboot.

Unfortunately, SuperOneClick is just a front-end that automates a few adb commands, of which the "adb shell" used to chmod and run the exploit file doesn't work:

Pushing psneuter...
1257 KB/s (585731 bytes in 0.455s)
OK
chmod psneuter...
- exec '/system/bin/sh' failed: No such file or directory (2) -
OK
Running psneuter...
- exec '/system/bin/sh' failed: No such file or directory (2) -
FAILED

 

[Eollie]

How does a adb session disconnect?

 

[ppww]

How does a adb session disconnect?

Probably by instinctively hitting ctrl-c intending to kill some command running on the phone, but it kills the adb application on the windows side instead. You've never done that? Well, doesn't matter how it happened, just that it did, before I was done "fixing" things.

 

[Eollie]

Fair enough.

Have you thought about fastboot?

 

[ppww]

Have you thought about fastboot?

Yep, looks like that's my best option.

For anyone interested, here are the results of examining the source code for the available root exploits. In short, all of them require an adb shell, and can't be done in Terminal Emulator or anything else installed through a .apk package, even with appropriate source code mods. So if adb shell doesn't work, as is my special case, you can't get root without reflashing the system partition.

Rageagainstthecage and psneuter rely on bugs in the adb daemon; GingerBreak doesn't require the adb executable, but must be run as the adb user, which has sufficient group membership to read the system log.

So now, I can boot my Optimus into fastboot mode, but am having trouble finding a Windows Vista 32 driver that works. In fastboot, the USB device signature is different, so it needs a different driver than the normal debug & USB storage modes. In fastboot, the phone reports itself as VID_18D1&PID_D00D, which seems to have been removed from all recent LG and Google drivers. Tried adding

%SingleBootLoaderInterface% = USB_Install, USB\VID_18D1&PID_D00D

to the Google SDK driver .inf file, but no success so far; it churns away for a few minutes, and eventually errors out when updating the driver from Device Manager. Maybe another reboot, or removing the other driver packages will solve that.

When I get the driver issue resolved, here's what I'm planning:

1. Boot into fastboot, flash recovery-clockwork-3.2.0.1-thunderc.img over recovery partition.
2. Boot into Clockworkmod recovery console, backup everything to sdcard. (Should have done this when I first bought it.)
3. Modify system.img offline to fix the files in /system/bin.
4. Restore system.img from Clockworkmod recovery.
5. Reboot, root as usual, and back to normal.

See any problems with that?

 

[AndyOpie150]

How to install Fastboot drivers go here Optimus V Rooting,Roms,Tutorials thread - Android Forums

 

[ppww]

How to install Fastboot drivers go here Optimus V Rooting,Roms,Tutorials thread - Android Forums

The driver package on the LG web site referenced in that guide does not work for fastboot mode (product ID d00d). Maybe a previous version of it did, and it was subsequently removed? I had to add the SingleBootLoaderInterface line to the appropriate .inf file, rebooted, got it to load, then all went as expected.

The procedure I outlined above worked fine, back to normal and now fully backed up. For step 3, I used the unyaffs utility to unpack my system image, made the necessary repairs, then mkyaffs2image to rebuild it. Thanks for the tips, everyone!

 

[JerryScript]

Did you try Gingerbreak from the Market?