Develop Bugs

[Guide] Android Pay on rooted T-Mobile G5 - UPDATE: Workaround developed!

Android Pay use after rooting has been discussed in a few other threads, here on XDA, notably the 6P and 5X Nexi:
http://forum.xda-developers.com/nexus-6p/general/android-pay-root-t3309072
http://forum.xda-developers.com/nexus-5x/general/passing-safetynet-root-t3307659
With our newly rooted H830s (courtesy of http://forum.xda-developers.com/tmobile-lg-g5/development/root-h830-t3384526), it'd be nice to collect our information here.
I am very interested in how Android Pay may or may not work after our TOT flash. Here's a quick tutorial:
SuperSU must install via a 'systemless' root method due to security changes with Marshmallow. Thus, when SuperSU is flashed in TWRP as described in the TOT root thread, it can only install this way. It should not affect the /system partition.
Android Pay uses the "Safetynet API" to detect for tampering/root. What they classify as tampering is not entirely clear. But they do check /system among other things. It looks like apps that have altered the /system partition in some way are detected via this method.
(more boring info here http://www.howtogeek.com/241012/saf...y-and-other-apps-dont-work-on-rooted-devices/ )
It must also check the permissions of the /su/bin folder, as it should have a 751 permission profile (which is the described fix in the TOT root original post).
That is:
-Run "adb shell"
-From the shell run "su"
-On the # prompt run "chmod 751 /su/bin/"
Or, you can use root explorer to change the permissions octal to 751 for that folder.
It is set to this permission state in the rooted TOT upon first install. Obviously other root alterations you do may change it.
There are apps, such as Safetynet Helper sample (https://play.google.com/store/apps/details?id=com.scottyab.safetynet.sample), which can utilize the API to see if the API is tripped.
Right after installing the TOT and getting everything to boot properly, the app shows everything is still kosher. I was able to run Android Pay, add credit cards, and have confirmed with a payment transaction.
I believe any root app that doesn't make permanent changes to /system in and of itself will probably keep Android Pay working. Obviously, for instance, if you have a terminal program app with root, and run some commands that alter your system partition/files, it may trip SafetyNet, though just having the app installed does not.
EDIT1: As of 7/25/16, a change was made to the SafetyNet API and it now detects systemless root. Android Pay no longer works on rooted devices, regardless of method. A new method will need to be developed.
EDIT2: As of 8/22/16, a workaround has been developed and tested!​Developer @topjohnwu has created Magisk (http://forum.xda-developers.com/android/software/mod-magisk-v1-universal-systemless-t3432382). This is a new way of integrating systemless changes into Android devices. This includes root, xposed, etc. The unique thing with Magisk is that you can instantly un-root your device, run Android Pay, and then reactivate root, all without rebooting. It is pretty seamless.
See the referenced thread for the latest information. It does take some work to install but it's fairly straightforward.
If you want to start from a clean install, @Gungrave223 has detailed the steps here:
http://forum.xda-developers.com/showpost.php?p=68353051&postcount=22
If you want to keep your data, it's just slightly more work. Assuming you are starting with a rooted install, here is a quick summary on how to do this:
0. You may want to first un-register the cards you have in Android Pay. Some banks apparently only allow a set # of installs before they block additional installs, thus requiring you to call the bank directly to have them reset that number. If Android Pay resets (unsure what security changes trigger this), it will forget your cards, thus leaving those cards registered on a phantom install. Un-registering first may prevent this.
1. Get the Magisk flashable zip, the Magisk-altered phh-superuser.zip, and the Magisk manager apk from the referenced thread.
2. Go to SuperSU and select full unroot. DO NOT restore the stock boot.img. DO NOT restore the default recovery. The phone should reboot and your root will be lost.
3. You should now restore the stock boot.img. This can be done without losing your data or re-encrypting your data. There are 2 ways.
Flash autoprime's stock boot.img zip file through TWRP (recommended), OR
Flash the TWRP-ed TOT file through LGUP, using the UPGRADE (not refurbish) setting
Why not just allow SuperSU to restore the stock boot.img in step 2? Because it will reboot instantly into system and start encrypting your data, with no way for you to intervene and boot into TWRP first!
4. You likely did not have data encryption on your initial rooted installation. If you want to keep yourself un-encrypted, you MUST immediately boot into TWRP before the next power on. If you do not, it will re-encrypt your data. This is the default behavior of the stock boot partition, which you just restored in the step above. You can make this easy for yourself by TWRP flashing autoprime's stock boot.zip and then immediately doing the next steps. Note: Magisk can be installed just fine on a phone with an encrypted data partition if you don't care about data encryption.
Flash the magisk.zip from the Magisk thread. This installs Magisk and also disables the forced encryption (just like the dm-verity zip)
Re-establish root by then flashing the special modified phh-superuser.zip
Note: Chainfire's SuperSU is NOT compatible if you want to use Android Pay
5. Reboot into system. You need to then install from the Playstore phh's superuser app. You also need to install the Magisk manager apk. Grant all your usual apps root permission in the superuser app.
6. Run Magisk Manager and grant it superuser access. You'll find a simple toggle to mount/unmount root. Unmount! Check that SafetyNet will pass. If you've done everything right, it will!
7. Run Android Pay. Add your card(s) back. Mount root back and go about your business.
8. When you want to use Android Pay, unmount root and run the app. Here's a tricky part (and currently a work in progress). We do not know how often or when Android Pay checks for root. We DO know that it does this when you initiate adding a new card. So you can try an Android Pay transaction. If it fails (they often do, even if you are unmounted root at that time), pretend to add a card, cancel it, and then do the transaction again. It should work now!

pay was not working after I installed the Fluence patch, uninstalled xposed and Android Pay is working with no issues with root.

fatapia said:
pay was not working after I installed the Fluence patch, uninstalled xposed and Android Pay is working with no issues with root.
Click to expand...
Click to collapse
The Fluence patch has a huge # of system changes. I would totally expect xposed to break the SafetyNet.
So do you have Fluence still installed, with only xposed removed?

waylo said:
The Fluence patch has a huge # of system changes. I would totally expect xposed to break the SafetyNet.
So do you have Fluence still installed, with only xposed removed?
Click to expand...
Click to collapse
Yup you got it, I had been running Xposed off Fluence for a while until I left my wallet at home and didn't feel like starving. So I downloaded the Xposed uninstaller only, ran it in recovery and then let it reboot and Pay was working again.

I followed the instructions for rooting in this thread, http://forum.xda-developers.com/tmo...p-step-guides-rooting-t-mobile-lg-g5-t3388272 and then the instructions here to change the permissions but an still having problems. The only app root app I installed after rooting was an app to export google play music with track names intact.

What problems specifically are you having?
Did you install the safetynet helper app? What happens when you run it?
What root app did you install? Was it this one? http://forum.xda-developers.com/showthread.php?t=2620331 (play music exporter) aka https://www.david-schulte.de/en/play-music-exporter/
Looks like that app doesn't work in MM regardless, per the developer's page.

waylo said:
What problems specifically are you having?
Did you install the safetynet helper app? What happens when you run it?
What root app did you install? Was it this one? http://forum.xda-developers.com/showthread.php?t=2620331 (play music exporter) aka https://www.david-schulte.de/en/play-music-exporter/
Looks like that app doesn't work in MM regardless, per the developer's page.
Click to expand...
Click to collapse
Yes, that is the app. I noticed MM was not supported after I had it installed
I have installed and run the safetynet app and it shows it gets tripped on the CTS profile
---------- Post added at 02:03 PM ---------- Previous post was at 01:40 PM ----------
I just realized I also had Adguard installed. I have uninstalled it and turned off suppersu and restarted but the phone still does not pass the CTS profile check

Wondering if any of those apps made some changes to /system that were not completely reversed.
Doesn't look like that music app does any permanent changes anyway, rather just copies cache not normally accessible into another folder.
Can you check the permission profile of your /su/bin folder?
Briefly looking at the Adguard website I can't make out how its root version works exactly.
What other apps are listed under your SuperSU app list? You're not running xposed, right?

Apps listed in supersu are adb shell, root checker basic, and Titanium backup.
Titanium backup was installed after safetynet app test failed.
I'm not 100% sure what the permissions are but I followed your instructions above to change the permissions and it appeared to run correctly

eremeya said:
Apps listed in supersu are adb shell, root checker basic, and Titanium backup.
Titanium backup was installed after safetynet app test failed.
I'm not 100% sure what the permissions are but I followed your instructions above to change the permissions and it appeared to run correctly
Click to expand...
Click to collapse
SafetyNet still failing after the permissions change?

It was today. I can try changing them again tonight when I'm at my computer and report back.

I have confirmed that the folder permissions are set to 751

eremeya said:
I have confirmed that the folder permissions are set to 751
Click to expand...
Click to collapse
Well if we can't track down the actual changes made, and you're interested in getting Android pay to work, you could try reflashing the system partition.

It looks like from reports on other threads (Nexus mostly), that something has changed with the SafetyNet check. Phones that were working just fine yesterday now fail. Most likely something server-side was patched so now Android Pay will not work with systemless root.
Details updated as I find them.

For those interested in this topic, a pretty major development has occurred at this thread:
http://forum.xda-developers.com/android/software/mod-magisk-v1-universal-systemless-t3432382
Essentially, this is a brand new way to implement root systemless, which can be toggled via an app, without rebooting. This does allow the SafetyNet api to remain untripped. The steps involved include flashing back to stock kernel/system, flashing the application .zips, and flashing special SuperSU or SuperUser .zips. I have not done any of this yet as it is still very early.
There are some reports, unfortunately, such as this post:
http://forum.xda-developers.com/showpost.php?p=68045722&postcount=121
which reports that despite SafetyNet passing, Android Pay still does not work (user is on Nexus 6P).
I have read of no G5 users doing this yet, but there is a V10 user who has. Stay tuned.

I've been watching the Magisk threads for the past week and decided to take the plunge today. Many Nexus phones seem to have a lot of trouble with Android Pay, but other makes seem to do better. There were confirmations from LG G4 owners. As of this writing Magisk is on v3.
The install steps from the Magisk thread are this:
1. Reflash a stock boot.img to reset your systemless root
2. Flash Magisk.zip
3. Flash modified phh-superuser.zip (not the official one). Chainfire's SuperSU does not currently have as much support, but there is a modified supersu zip as well.
4. Boot and install phh's superuser app from the App store.
5. A 'magisk manager' app is installed via the flashed .zips. This allows you to turn off root for a set # of minutes, without rebooting.
Given the unique way the G5 is rooted, with automatic encryption, I figured it might not be so simple to install this if I wanted to keep my data without a full wipe. It quickly became much more complicated than what I wanted. Here's exactly what happened.
First, I made a full boot+system+data backup.
Then, these were my thoughts/concerns:
I have Adaway installed with the systemless addon zip and SuperSU installed. Magisk installation requests flashing back the stock boot.img. What would this do to the supersu install and Adaway?
The adaway systemless zip makes a script file which is kept in the /su/su.d/ folder. I removed this.
The SuperSU has a complete uninstall feature. As part of this uninstall process, it asks if you want to restore the boot.img (yes--this stock one is backed-up after the initial supersu.zip flash during our initial root/TOT process) and/or the recovery (no, don't do this, but it probably would not have done anything as there is no stock recovery backup). I thought this would accomplish our goal. It does warn you that you may have re-encrypting of the data partition if you go this route.
And unfortunately, after rebooting, it automatically and immediately encrypted the data partition.
Well shoot. Correct me if I'm wrong, but an encrypted data partition cannot be worked on. It booted just fine, but without root.
I started having some doubts at this time so I decided to try to restore back to my initial setup. Through TWRP, I wiped the data partition and flashed the no-verity.zip, to hopefully stop any re-encryption.
Then, after figuring out how to mount system properly (TWRP defaulted to mount system as r/o), I restored my nandroid backup in its entirety.
But upon reboot, it went immediately into bootloader mode. And it continued to do this after every battery pull and power on. I had never heard of this before! Finally, I realized I could still boot into TWRP. I flashed the 10Dcomplete.zip made by autoprime, restoring the boot and system partitions to stock. And then I flashed the magisk v3.zip and the modified phh-superuser zip.
It finally rebooted into Android, with data intact! Oddly, my unlock pattern had changed without my knowledge, but the backup PIN worked. I installed the market phh Superuser. Magisk is installed properly and it passes SafetyNet, and I can add cards to the app. I'll test out Android Pay next opportunity I have.
If I had to do it all again and wanted to keep data intact, this is what I would do.
1. Autoprime did make a 10D boot flashable zip. So this would restore the stock boot.img as intended. There are some files to clean up, such as data/su.img, but that can be dealt with later.
2. I do not know if just flashing the stock boot.img would result in re-encrypting. It probably would. So, immediately after flashing the boot.img in TWRP I would flash magisk and the phh-superuser.
Alternatively, they say you should not dirty flash for things this complex. So consider starting completely new from a 10Dcomplete flash with wiped data.

I've learned that Magisk will work fine with an encrypted data partition, so if you are set on having that, it won't be a problem.

waylo said:
I have a thread here discussing Android Pay while rooted on our G5s:
http://forum.xda-developers.com/tmob...le-g5-t3395036
I thought I was the only one who cared about this kind of stuff!
Which version Magisk did you install?
I just did this 2 days ago but haven't had the opportunity to test AP yet.
What rooted apps are you running? AdAway?
Click to expand...
Click to collapse
To answer your question... I'm using v3 with his v2 of his modified phh superuser.
As for rooted apps...yes AdAways still works perfectly....TB...my one time use of System App Remover etc...
I haven't been able to test Android util tomorrow....but SafetyNet did pass when Magisk was disabled and failed when enabled.
I'll report back tomorrow after I go buy my weekly chicken at my local Fresh Mart.

I'm using the same install as you.
I tried it this AM for the first time and it failed.
On the Magisk-AP thread, someone has posited that maybe the AP app caches any root inquires during that boot. So if you test out AP and it fails while the root is active, it will remember that failure until the next reboot.
That could explain how so many people are getting weird inconsistent results. I'm testing out that theory later today.

Bah, still doesn't work, even if done immediately after a reboot =(

How to install Magisk v12.0 root, re-enable Samsung Health, and pass safetynet

sorry guys Magisk currently does not pass safetynet checks (24-06-2017) so this guide is a bit out of date but you can still use it, I will make another guide for this once magisk v13 comes out and fixes this problem
Hi guys! just a quick guide on how to install magisk, re-enable use of Samsung Health, and pass SafetyNet and be play store certified.
This guide will be pretty brief as i don't have the time or commitment to do an in-depth guide and I believe if you are here that you should know what you are doing (if anyone wants to make this in-depth, please be my guest).
this guide is for people who have tripped knox and still want to use s health while still getting the most out of their phone
You will need:
Odin:
https://www.androidfilehost.com/?fid=529152257862705230
TWRP for your device (you should be able to find guides with the download link)(you should also flash back to complete stock if you are already rooted to avoid any problems with previous roots)
no-verity-no-encrypt_ashyx.zip:
https://www.androidfilehost.com/?fid=24591000424951049
Magisk v12.0:
https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
Now that you have those 4 files we can start.
Skip steps 1-6 if you already have root and only wish to use samsung health
1. put magisk v12.0 and dm-verity patch onto the sdcard in the phone
2. flash TWRP using odin
3. boot into recovery and swipe to allow modifications.
4. under wipe there should be a button to format data (its in the bottom right). you will need to do this to flash magisk and dm verity.
5. flash Magisk and THEN dm verity
6a. boot into phone and complete setup to get to home page.
6b. download any systemless root app that you want (adaway works you just have to turn on systemless host files in magisk settings + viper4andriod has a module in magisk that you download for it to work)
(DO NOT TURN ON HIDE MAGISK UNTIL THE END)
7. download the app buildprop editor, open it and grant it root. search for the line ro.config.tima=1 and change the value from 1 to 0.
8. reboot the phone and you should now be able to use s health.
continue following if you wish to pass safetynet and be playstore certified (set up your root apps like viper and adaway before doing this)
9. go into magisk settings and enable the setting Magisk Hide. reboot phone. check that you pass safetynet in magisk manager after booting up again
10. go into app manager, find google play store, tap storage and then clear the data.
11. open app again and you should be certified. (this took me a few tries. not sure if it was play store needing to update the property or me needing to reboot the phone)
12. Yay! your device should now be able to pass safetynet and will be play store certified in the play store app. you should soon be able to see netflix in the play store again.
source: I done this on my a520 just on the weekend to be able to update netflix

I'll try this next update, thnx!

Does this require an external sd card?

korwynkim said:
Does this require an external sd card?
Click to expand...
Click to collapse
Yes i believe so, although I have never tried doing it without

According to the XDA page of Magisk it already supports dm-verity and forceencrypt. So is the separate download of no-verity-no-encrypt_ashyx.zip still necessary?
Edit: What does the change " ro.config.tima=0" do?

reayard said:
According to the XDA page of Magisk it already supports dm-verity and forceencrypt. So is the separate download of no-verity-no-encrypt_ashyx.zip still necessary?
Edit: What does the change " ro.config.tima=0" do?
Click to expand...
Click to collapse
oh i did not know that it supported it already so maybe its not? not sure, try it out and see what happens?
the config change make it so that the rom thinks you still have knox enabled to you are able to use samsung health still (it got a "security update" that makes it so that phones with knox tripped will not be able to use it)

Good to know ! Thank so much !
But what's the real possibilities of this recent "magisk" ?
It can root with systemless ?
And in theory with systemless-root ,that don't trip the knox and we can use all apps and full hardware ....because it consider that the system is safe and untouched ===> i'm truth or wrong ?

Loulou-13 said:
And in theory with systemless-root ,that don't trip the knox...
Click to expand...
Click to collapse
According to some other threads (and if I remember correctly from my own experience with the S7) Knox gets triggered as soon as you flash a custom recovery.
A positive effect of Magisk vs. SuperSU could be that system updates are still possible as the system partition is still unchanged. On the other hand the custom recovery will most probably cause the update to fail.
What seems to make Magisk superior to SuperSU is MagiskHide so that the system appears to be unchanged for PlayStore and apps using SafetyNet.

reayard said:
According to some other threads (and if I remember correctly from my own experience with the S7) Knox gets triggered as soon as you flash a custom recovery.
A positive effect of Magisk vs. SuperSU could be that system updates are still possible as the system partition is still unchanged. On the other hand the custom recovery will most probably cause the update to fail.
What seems to make Magisk superior to SuperSU is MagiskHide so that the system appears to be unchanged for PlayStore and apps using SafetyNet.
Click to expand...
Click to collapse
Thank so much for sharing Samsung experience
Before i have had olds goods samsung fully customised ! It was funny before ,at this time ....and then always have had LG phones and just an unlock of bootloader+Systemless root din't have problem at all (full playstore&experience)
Now with the samsung evolution and my new A5 ,i don't want at all loose OTA updates,knox flag.... and all functions+playstore as you have said . And magisk is recent...
I want to be sure at 100....0000% that "magisk" systemless root doesn't affect anything .
i'm not interested at all by TWRP ...completely useless until there eventually have "real" customs developments and many things can be flashed by flashfire,flashify....

Loulou-13 said:
I want to be sure at 100....0000% that "magisk" systemless root doesn't affect anything .
i'm not interested at all by TWRP ...completely useless until there eventually have "real" customs developments and many things can be flashed by flashfire,flashify....
Click to expand...
Click to collapse
I doubt that FlashFire or Flashify can flash anything without root. The website of FlashFire for example says "FlashFire is the most advanced on-device firmware flasher available for rooted Android devices.". And the same for Flashify: [APP][4.0+][ROOT] Flashify.

reayard said:
I doubt that FlashFire or Flashify can flash anything without root. The website of FlashFire for example says "FlashFire is the most advanced on-device firmware flasher available for rooted Android devices.". And the same for Flashify: [APP][4.0+][ROOT] Flashify.
Click to expand...
Click to collapse
Yes yes....sure...i didn't have precised...
Root with a method who din't need twrp and don't touch samsung things....and then flash what we want with these apps ...

Hi, Im XxViRUsPRO.
1.You Need Magisk Manager (Removed Form PlayStore) So this is the Download Link https://mega.nz/#!olRzFRTZ!eNOb6yVtvsAlb3V8sIOaRRfsHtQG952_WU--3TCDvck
2.To Use S Health On Rooted Phone You Need To Edit /System/Build.prop
and Change ro.config.tima=1 to ro.config.tima=0 using (Es File Explorer or Root Browser)

safety net check does not pass in Samsung galaxy a5 2015
What is this dm verity and for encryption? I have the latest magisk and i see those options in my magisk manager but donot know its utilization! and probably for the same reason my safety net check does not pass in Samsung galaxy a5 2015
reayard said:
According to the XDA page of Magisk it already supports dm-verity and forceencrypt. So is the separate download of no-verity-no-encrypt_ashyx.zip still necessary?
Edit: What does the change " ro.config.tima=0" do?
Click to expand...
Click to collapse

Dis any one could enable the fm chip in nougat once rooted ,in Canada Samsung disable the fm chip and i would get it back

why does flashing magisk wipes all user data including internal storage?

Samsung A5 sm-a500f

What's the deal with magisk?

Ok so, I have known magisk for its root hide feature.....as systemless root method and, you know, first things you read about it
Now I'm realizing it's bigger than that......with modules!
wow, xposed wasn't f%&ing up our devices enough, now we need magisk modules too
joke, anyway....I once tried to flash it and resulted in bootloop (like 5/6 months ago) so it was closed story for me
BUT again....I see everyone asking for it, modules and stuff....
I know that unless you use special carrier features is not mandatory
So now....these are my questions to you, magisk power users:
1) Is it better/less invasive on the system than lastest superSU beta?
2) is it better for performance? or stability?
3) are there really useful modules? do many modules break things, decrease performance/stability as xposed does? (yes. I hate xposed)
thank you for your attention

Since no one else has given input yet, although I'm not very experienced with Magisk, I'm using it right now for the first time.
The most popular reason for using Magisk as far as I've noticed is so that you can successfully and easily hide that you're rooted so that you can use Android Pay, Pokemon Go and some other apps that check for that.
The only reason I'm using Magisk right now is because I'm running Viper10 ROM with it's all SuperSU option and although I believe my phone kept root after the Play Store SuperSU update to 2.80 and updating binaries/rebooting, the update to 2.81 broke SuperSU for me so badly that even flashing 2.8x or 2.79 SR3 SuperSU zips didn't restore root/SuperSU even after a dirty flash of the ROM.
I could've restored a TWRP backup but instead did a dirty flash of the ROM but with the full Magisk option and now root is restored.
Overall I like SuperSU better because I don't need any apps that won't run while detecting root, and I like SuperSU's ability to require a pin when granting superuser access.
By the way I really liked Xposed but I don't need it as much any more because of Nougat's custom tiles feature and the excellent ROMs available.

I'm really glad you asked this because I can' tseem to find a proper tutorial on how to install magisk and keep things such as my Banking app and other Finger print recognition software working correctly.
Have you found a tutorial which shows you how to do this?

gaiden0000 said:
I'm really glad you asked this because I can' tseem to find a proper tutorial on how to install magisk and keep things such as my Banking app and other Finger print recognition software working correctly.
Have you found a tutorial which shows you how to do this?
Click to expand...
Click to collapse
Instructions are in the Magisk thread:
https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445
If you already have twrp then it's as easy as just flashing the zip file. For your banking app etc, after you've flashed Magisk from the above thread, you just need to open the Magisk Manager app, go to settings and enable Magisk Hide. Then go into the Magisk Hide menu and chose the apps want to hide root from.

Magisk is an amazing creation.
Although I am in no way a power user of Magisk, as I don't use it myself, at the moment. This doesn't mean I don't recognize the importance and brilliance of the Application and what it can do.
For awhile, it was mandatory to use Magisk ROMs for VoLTE/Wi-Fi Calling on Nougat firmware, but that was squashed (updater-script issues if I recall correctly. A great team effort though for those that fixed it).
Anyway, I guess my .2 cents is this. If you need a system-less set-up, for whatever reason. Be it Pokemon, or banking applications, etc...
Then Magisk is highly suggested, and really the only route. The modules that are being created are amazing.. However, they don't do anything that can't be done to the system itself. Unlike Xposed, which could do a lot of things (I also hate Xposed..) with its modules, this is different.
Such as this recent Magisk Module that was shared, I just went ahead and enabled it manually in my ROM.
Since I have no use for system-less I run my device the same way I always have. TWRP recovery and flashing custom ROMs. The latest SuperSU has fixed all root issues for myself on Sense based ROMs, and I like to use the stock LOS SuperUser on AOSP/LOS based ROMs.
I use multirom and it is an amazing creation, should check it out. Worth a peek.
Best of luck with whatever direction you decide to go.

Lineage 14.1 Root not active

Hey, today I flashed Lionage 14.1 in my Sm-j510fn with twrp. Now i wanted to installiert Root and flashed Root in my device. In the dev settings i ticked Apps and ADB. But if i now want to open Root checker and check it, it says that my device is not rooted. In Es file Explorer i also can not tick Root mode.
Anyone help PLZ
Thanks

DoppelM said:
Hey, today I flashed Lionage 14.1 in my Sm-j510fn with twrp. Now i wanted to installiert Root and flashed Root in my device. In the dev settings i ticked Apps and ADB. But if i now want to open Root checker and check it, it says that my device is not rooted. In Es file Explorer i also can not tick Root mode.
Anyone help PLZ
Thanks
Click to expand...
Click to collapse
Download a recovery flashable zip from here: and flash in TWRP.
http://www.supersu.com/download
Sent from my N9515 using Tapatalk

bcrichster said:
Download a recovery flashable zip from here: and flash in TWRP.
http://www.supersu.com/download
Click to expand...
Click to collapse
I would not give up so soon. At least try a clean installation of ROM and addonsu in one twrp session.

DoppelM said:
Hey, today I flashed Lionage 14.1 in my Sm-j510fn with twrp. Now i wanted to installiert Root and flashed Root in my device. In the dev settings i ticked Apps and ADB. But if i now want to open Root checker and check it, it says that my device is not rooted. In Es file Explorer i also can not tick Root mode.
Anyone help PLZ
Thanks
Click to expand...
Click to collapse
https://download.lineageos.org/extras you can download it here just choose 14.1 between the 3 arm arm64 x68 depending on your device. flashing lineageOS nightlies doesnt automatically root your device

shadow_blitz said:
you can download it here just choose 14.1 between the 3 arm arm64 x68 depending on your device. flashing lineageOS nightlies doesnt automatically root your device
Click to expand...
Click to collapse
he said he already did that.
why can no one give a real answer to this issue. Installed the correct extras, says root for adb and apps in developers mode, but will not give root access to apps that need root, nor can you remove/rename system apps as permission denied. No prompts, no questions, just denied. Adaway will just refuse to open saying the device needs to be rooter. SuperSU says that Su is occupied, and flashing it from TWRP causes a boot loop.
It was a lot better when it was part of the rom, why the decision to remove it? all it causes is headache and people reverting away from the rom.

wrecche said:
he said he already did that.
why can no one give a real answer to this issue. Installed the correct extras, says root for adb and apps in developers mode, but will not give root access to apps that need root, nor can you remove/rename system apps as permission denied. No prompts, no questions, just denied. Adaway will just refuse to open saying the device needs to be rooter. SuperSU says that Su is occupied, and flashing it from TWRP causes a boot loop.
It was a lot better when it was part of the rom, why the decision to remove it? all it causes is headache and people reverting away from the rom.
Click to expand...
Click to collapse
We are talking about an unofficial LineageOS? Maybe you should talk with the person that built it.

any solution ?

Me 2
I am having the same issue.
I installed the su extra package using TWRP 3.2 .
I now have the "root" and "manage root acesses" menus under development options.
I enabled "apps and adb" option.
When I type "su" in any terminal app (including the built in one), I get "permission denied"
With root access set to "disabled", when I type "su" I get "command not found".
With root access set to "apps and adb", if I run a root checker app or try to use any app that requires root, I do not get a prompt to allow root access, and I do not get any notifications from Privacy Guard, either.
The root checker apps all say that I do not have root.
Even after running apps that should request root, when I look in the "manage root accesses" menu, it says that no apps have requested root yet.
What gives? I am really trying to use the built in root access features, I do not want to use SuperSU. Partly because SuperSU did not work either (same behavior as above), and because I don't like SuperSU's bloated code and proprietary implementation.
I really hope we can get this working, If I can provide any other info to anyone who wants to help, let me know.
I am seeing a lot of posts about this in relation to Lineage 14.1 and 15.1 and roms based on those builds. The issue is apparent on multiple different devices, so I suspect it is an issue with the base lineage source somewhere. I havn't looked at the source, though, so I don't really know... All I do know is that this is very frustrating.

m1st3r3 said:
I am having the same issue.
I installed the su extra package using TWRP 3.2 .
I now have the "root" and "manage root acesses" menus under development options.
I enabled "apps and adb" option.
When I type "su" in any terminal app (including the built in one), I get "permission denied"
With root access set to "disabled", when I type "su" I get "command not found".
With root access set to "apps and adb", if I run a root checker app or try to use any app that requires root, I do not get a prompt to allow root access, and I do not get any notifications from Privacy Guard, either.
The root checker apps all say that I do not have root.
Even after running apps that should request root, when I look in the "manage root accesses" menu, it says that no apps have requested root yet.
What gives? I am really trying to use the built in root access features, I do not want to use SuperSU. Partly because SuperSU did not work either (same behavior as above), and because I don't like SuperSU's bloated code and proprietary implementation.
I really hope we can get this working, If I can provide any other info to anyone who wants to help, let me know.
I am seeing a lot of posts about this in relation to Lineage 14.1 and 15.1 and roms based on those builds. The issue is apparent on multiple different devices, so I suspect it is an issue with the base lineage source somewhere. I havn't looked at the source, though, so I don't really know... All I do know is that this is very frustrating.
Click to expand...
Click to collapse
I bet you have installed unofficial lineageOS. On all my officially supported devices root works as expected.

kurtn said:
I bet you have installed unofficial lineageOS. On all my officially supported devices root works as expected.
Click to expand...
Click to collapse
Essentially saying 'it works great for me, you must be doing something wrong' isn't actually a very practical troubleshooting approach. While there is definitely the possibility that I am doing something wrong, troubleshooting will reveal if I have made a mistake and will also benefit the loads of other people posting about similar or same issues. That's why we have forums, right?
You bet wrong, do I win anything?
Like I mentioned, I have experienced this issue with both Lineage 14.1, 15.1, as well as unofficial builds and ROMs based on Lineage.
It is hit or miss, in most cases I just tried flashing different ROMs on my devices until I find one that has working built-in root.
I had a lot of issues installing the official builds on my 'bacon' device, I eventually went with resurrection remix instead. That was the only Oreo build that built-in root packages worked with.
In the case of my 'klte' (g900v variant), I installed 7 different Oreo based ROMs. Since there is no official Lineage build for the 'klte' (which is sad, it's a great device), I was using all unofficial builds in the case of this device. They were all based on Lineage, or just unofficial Lineage builds focused on supporting the klte. I couldn't get the built in root functionally working on any of these builds (Lineage unofficial 14.1 & 15.1, Havoc OS, etc). If anyone thinks it will help, I can elaborate further on which packages and versions I used...

Rooted lineageos not recognized
I have exactly the same issue with my Samsung S3 I9300.
I flashed it with lineageos using CWM and thereafter I flashed with the extra armsu. I cannot see anything I could have done wrong. However, neither Titanium nor a root checker recognizes the rooted state. As far as I can see there are quite many having the same issue. Unfortunately most replies are just best guesses like flash with TRWP or add gapps (the katter didn't solve the oroblem either. I am not an expert but I successfully got rid of extremely persisting boot loops most probably caused by Magix which I avoided therefore with this try to root the lineageos.

warbexda said:
I have exactly the same issue with my Samsung S3 I9300.
I flashed it with lineageos using CWM and thereafter I flashed with the extra armsu. I cannot see anything I could have done wrong. However, neither Titanium nor a root checker recognizes the rooted state. As far as I can see there are quite many having the same issue. Unfortunately most replies are just best guesses like flash with TRWP or add gapps (the katter didn't solve the oroblem either. I am not an expert but I successfully got rid of extremely persisting boot loops most probably caused by Magix which I avoided therefore with this try to root the lineageos.
Click to expand...
Click to collapse
So what's your goal? Just moaning or asking for help? In the 2nd case you should provide more details like filenames and procedures.
And yes. Root works well on my S3.

kurtn said:
So what's your goal? Just moaning or asking for help? In the 2nd case you should provide more details like filenames and procedures.
And yes. Root works well on my S3.
Click to expand...
Click to collapse
Yes you are right. Just moaning is not an option. Here are the details:
1. Flashed with lineage-14.1-20181025-nightly-i9300-signed.zip using CWM
2. Installed Titanium (with "not rooted" as result of course)
3. Installed addonsu-15.1-arm-signed.zip using CWM and changed the setting to "apps and ADB" , an option which I didn't have before - however, with no effect on Titanium
4. Checked root status with "Root Checker" which resulted in "not rooted"
5. Installed open_gapps-arm-7.1-pico-20181120.zip using CWM (because someone suggested it as solution) - with no effect.
Now to the observed "irregularities":
1. The installation of the "addonsu" which I repeated had a "Warning: No file_contexts." but ended successfully
2. The reboot metioned: " Root access possibly lost. Fix?" which I replied with "Yes fix root (/system/xbin/su)"
Possibly worth to be mentioned: Titamium tries with command "system/bin/su". I've checked that su resides in both directories bin and xbin with identical size
In writing this I realized the version mismatch 14.1 lineageos and 15.1 addonsu. I uninstalled addonsu 15.1 and installed addonsu 14.1 instead and THIS SOLVED THE PROBLEM
Many thanks for your help.

warbexda said:
Yes you are right. Just moaning is not an option. Here are the details:
1. Flashed with lineage-14.1-20181025-nightly-i9300-signed.zip using CWM
2. Installed Titanium (with "not rooted" as result of course)
3. Installed addonsu-15.1-arm-signed.zip using CWM and changed the setting to "apps and ADB" , an option which I didn't have before - however, with no effect on Titanium
4. Checked root status with "Root Checker" which resulted in "not rooted"
5. Installed open_gapps-arm-7.1-pico-20181120.zip using CWM (because someone suggested it as solution) - with no effect.
Now to the observed "irregularities":
1. The installation of the "addonsu" which I repeated had a "Warning: No file_contexts." but ended successfully
2. The reboot metioned: " Root access possibly lost. Fix? Which I replied with "Yes fix root (/system/xbin/su)"
I hope this helps.
Click to expand...
Click to collapse
Ha! For a 14.1 Rom you need a 14.1 addonsu

For future readers:
There are two versions of lineage os root images, 32 and 64 bit. Please check that you installed correct one, this way I solved this problem!

Solution
wrecche said:
he said he already did that.
why can no one give a real answer to this issue. Installed the correct extras, says root for adb and apps in developers mode, but will not give root access to apps that need root, nor can you remove/rename system apps as permission denied. No prompts, no questions, just denied. Adaway will just refuse to open saying the device needs to be rooter. SuperSU says that Su is occupied, and flashing it from TWRP causes a boot loop.
It was a lot better when it was part of the rom, why the decision to remove it? all it causes is headache and people reverting away from the rom.
Click to expand...
Click to collapse
Did you get any solution???????

Atharva C said:
Did you get any solution???????
Click to expand...
Click to collapse
Solution for what? I think lineageOS people found the best way to ship a non-pre-rooted ROM with native root solution.

NO ROOT Access
kurtn said:
Solution for what? I think lineageOS people found the best way to ship a non-pre-rooted ROM with native root solution.
Click to expand...
Click to collapse
Are u able to provide a way to Root?

Atharva C said:
Are u able to provide a way to Root?
Click to expand...
Click to collapse
Flash the su package from download/extras matching your lineageOS version. Enable root in settings/developer

NO ROOT Access yet #failed
kurtn said:
Flash the su package from download/extras matching your lineageOS version. Enable root in settings/developer
Click to expand...
Click to collapse
Root for adb and apps in developers mode, but will not give root access to apps that need root, nor can you remove/rename system apps as permission denied. No prompts, no questions, just denied. Adaway will just refuse to open saying the device needs to be rooter. SuperSU says that Su is occupied, and flashing it from TWRP causes a boot loop.

Tab S7+ SM-T970 SafetyNet

Hi I rooted my tab s7+ sm-t970 but when I use magisk it give me a SafetyNetApi error it never passes can someone help me fix this. Thank you

I have the same exact issue.

Maybe could be our root?

homogamez said:
Maybe could be our root?
Click to expand...
Click to collapse
I guess its possible. It's been a long time since I've rooted something. When I open the Magisk app it says install next to magisk and the same for app. I hit install and it goes through the processes but nothing happens. There's no other area to add modules or anything. Can we go start over and do it again without breaking something? I'm lost. lol

It also happens on One Ace and N10
Hopefully next version will fix it

I can use banking app but not netflix. I get the red warning at boot up so I figure I gotta be rooted. Maybe I'll try adding TWRP
EDIT:
Went to backup using TWRP and said my device isn't rooted. I give up. lol

There's a discussion about this issue. There's an error on API key.
You can get Safety net check from play store and see the actual results

Let me look for this thread because I don’t see a way to fix

Safetynet api error
Hello looking for help as I can't figure out what's wrong. I've tried downloading the code on only wifi and only mobile data and I still get the api error. I'm not running any add blockers. Using magisk canary.
forum.xda-developers.com

I'm about to become your favorite person ever, everyone! ​​I am currently passing SafetyNet after flashing the kdrag0n safetynet-fix to my Samsung Galaxy Tab S7+ SM-T970 and enabling the MagiskHide Props Config module in Magisk.​
HOWEVER, as was the case with literally all of the stock-based ROMs for the Galaxy S8, it appears that there will still be issues with a select few apps. For example, you will get soft-banned from Snapchat every few days. Also, certain healthcare apps will still be able to detect root (likely all related to Knox, since a Pixel 5 rooted via the same methods will launch the same apps without issue).
All the best from your fellow tinkerer - Godless1
(P.S. I'm going to copy and paste this into its own thread for better visibility.)