The ramdisk itself contains - for instance - default.prop that can be edited to unsecure the image - that means having adb shell directly as root, or ability to use adb remount
Boot partition can be extracted with dd if=/dev/mtd/mtd2 (on Nexus S) or as generic way, from recovery using flash_dump boot boot.img
Needed steps are:
$ unpack-bootimg.pl boot.img
kernel written to boot.img-kernel.gz
ramdisk written to boot.img-ramdisk.cpio.gz
removed old directory boot.img-ramdisk
gzip: ../boot.img-ramdisk.cpio.gz: decompression OK, trailing garbage ignored
529 blocks
extracted ramdisk contents to directory boot.img-ramdisk/
$ cd boot.img-ramdisk/
# ... do whatever edits you need ...
# Repack
$ find . | cpio -o -H newc | gzip > ../boot.img-ramdisk-new.cpio.gz
$ cd ..
$ mkbootimg --kernel boot.img-kernel.gz --ramdisk boot.img-ramdisk-new.cpio.gz --base 0x30000000 --pagesize 4096 -o boot.img.new
Example 1 - Unsecuring boot.img
After unpacking the img, we can chdir to unpacked ramdisk folder and change in default.prop:ro.secure=1
ro.secure=0
Example 2 - Adding init.d support
At the end of init.rc we may add (if we also add busybox to system.img of course):
# Execute files in /etc/init.d before booting
service userinit /system/xbin/busybox run-parts /system/etc/init.d
oneshot
class late_start
user root
group root
Attach: mkbootimg.zip containing all needed tools
thank u very much for ur post, however can u plz give us whole procedure step by step. thanks
ResponderEliminarI have a problem when i tried to pull data from android device which requests root access for adb. adb root displays "adbd cannot run as root in production builds" I tried every thing but it does work. I think ur .pl will be work however I dont have no idea to how to run. can plz help me.
ResponderEliminarthanks
yamoulyss
BTW I use Galaxy S3
ResponderEliminarRICARDO E GAY
ResponderEliminar