forked from nolirium/aroc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
02SEPatch.sh
114 lines (101 loc) · 4.06 KB
/
02SEPatch.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
#!/bin/sh -e
echo "Test Rooting scripts for Android on Chrome OS"
sleep 0.1
echo
echo "Version 0.25"
sleep 0.1
echo
echo "Unofficial scripts to copy SuperSU files to an Android system image on Chrome OS"
sleep 0.1
echo
echo "Part 2 of 2"
sleep 0.1
echo
echo "There is an SE Linux policy file located at /etc/selinux/arc/policy/policy.30, which can be patched with SuperSU's patching tool."
sleep 0.1
echo
echo "This script assists with the process."
sleep 0.1
if [ ! -e /opt/google/containers/android/rootfs/root/system/xbin/su ]; then
echo
echo
echo "Checking for the presence of SuperSU..."
sleep 1
echo
echo "Error!"
echo "SU binary not found! Unable to continue."
echo
echo "You may need to retry script 01Root.sh and check its output for any errors. If you ran script 01Root.sh without rebooting, you do need to reboot before running this script."
exit 1
else
echo
if [ ! -e /etc/selinux/arc/policy/policy.30.old ]; then
echo "Copying original policy.30 to /etc/selinux/arc/policy/policy.30.old"
cp /etc/selinux/arc/policy/policy.30 /etc/selinux/arc/policy/policy.30.old
fi
if [ ! -e /usr/local/Backup/policy.30.old ]; then
mkdir -p /usr/local/Backup
echo "Copying original policy.30 to /usr/local/Backup/policy.30.old"
cp /etc/selinux/arc/policy/policy.30 /usr/local/Backup/policy.30.old
fi
echo "Copying policy.30 to /home/chronos/user/Downloads/policy.30 to allow Android access to the file".
cp -a /etc/selinux/arc/policy/policy.30 /home/chronos/user/Downloads/policy.30
echo
echo "Opening an Android shell and attempting to patch policy_30."
sleep 0.1
echo
echo
# Testing out sending the command via printf
printf 'su -c supolicy --file /var/run/arc/sdcard/default/emulated/0/Download/policy.30 /var/run/arc/sdcard/default/emulated/0/Download/policy.30_out --sdk=25 \n su -c "chmod 0644 /var/run/arc/sdcard/default/emulated/0/Download/policy.30_out"' | android-sh
# Old version, requiring manual copy and paste, is commented out below.
# echo "Copy and paste the following two su commands into the Android shell."
# echo "Hit Enter after each one."
# echo "If SuperSU is present, the first command should patch the file and display a message indicating this."
# echo
# echo "NOTE: If you are still running Android 6.0.1 (Marshmallow), change --sdk=25 to --sdk=23 at to the end of the first command."
# sleep 2
# echo
# echo
# echo
# echo
# echo "su -c "supolicy --file /var/run/arc/sdcard/default/emulated/0/Download/policy.30 /var/run/arc/sdcard/default/emulated/0/Download/policy.30_out --sdk=25""
# echo
# echo
# echo "su -c "chmod 0644 /var/run/arc/sdcard/default/emulated/0/Download/policy.30_out""
# echo
# echo
# echo
# echo
# echo "After copy/pasting the commands, leave the Android shell by typing:"
# echo
# echo "exit"
# echo
#
#android-sh
if [ -e /home/chronos/user/Downloads/policy.30_out ]; then
echo
echo "Overwriting policy.30"
echo "Copying patched policy from /home/chronos/user/Downloads/policy.30_out to /etc/selinux/arc/policy/policy.30"
cp -a /home/chronos/user/Downloads/policy.30_out /etc/selinux/arc/policy/policy.30
echo "Setting SE Linux to 'Permissive' temporarily"
setenforce 0
echo "Copying Android /sepolicy to /usr/local/Backup/sepolicy.old"
cp -a /opt/google/containers/android/rootfs/root/sepolicy /usr/local/Backup/sepolicy.old
echo "Overwriting Android /sepolicy with patched policy.30"
cp -a /home/chronos/user/Downloads/policy.30_out /opt/google/containers/android/rootfs/root/sepolicy
echo "Setting permissions and context for /sepolicy"
chown 655360 /opt/google/containers/android/rootfs/root/sepolicy
chgrp 655360 /opt/google/containers/android/rootfs/root/sepolicy
chcon u:object_r:rootfs:s0 /opt/google/containers/android/rootfs/root/sepolicy
sleep 0.1
echo "Done!"
echo "Please reboot now"
else
echo
echo "Error!"
echo "Patched SE policy file not found! Unable to complete the procedure."
echo
echo "You may need to retry script 01Root.sh and check its output for any errors."
exit 1
fi
fi