Build Android with Superuser

Kevin Parker picture Kevin Parker · Apr 8, 2011 · Viewed 16.4k times · Source

Does anyone know how to include super-user privileges when building android from source (AOSP)?

Answer

m-ric picture m-ric · Sep 27, 2012

To get a root(ed) shell, edit system/core/rootdir or the init.rc associated to your device (e.g. device/ti/panda/init.rc for pandaboard) in android sources, and change those lines:

service console /system/bin/sh
    class core
    console
    disabled
    user shell
    group log

into:

service console /system/bin/sh
    class core
    console
    disabled
    user root 
    group root

To embed Superuser.apk in AOSP, you have to fetch and build:

  1. su-binary (e.g. in external/) and stub/remove system/extras/su package.
  2. Superuser (e.g. in packages/app/)

You may also have to set the sticky bit of /system/xbin/su in su-binary/Android.mk. For instance, I used following makefile:

LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)

LOCAL_MODULE := su
LOCAL_SRC_FILES := su.c db.c activity.cpp

SU_SHARED_LIBRARIES := liblog libsqlite
ifeq ($(PLATFORM_SDK_VERSION),4)
    LOCAL_CFLAGS += -DSU_LEGACY_BUILD
    SU_SHARED_LIBRARIES += libandroid_runtime
else
    SU_SHARED_LIBRARIES += libcutils libbinder libutils
    LOCAL_MODULE_TAGS := eng
endif

LOCAL_C_INCLUDES += external/sqlite/dist

LOCAL_SHARED_LIBRARIES := $(SU_SHARED_LIBRARIES)

LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)


SU_INSTALL_DIR := $(TARGET_OUT)/xbin
SU_BINARY := $(SU_INSTALL_DIR)/su
# taken from busybox-android
$(SU_BINARY)-post: su
    @echo "Setting SUID/GUID to su-binary..."
    chmod ug+s $(TARGET_OUT_OPTIONAL_EXECUTABLES)/su

SU_CMD := su
SYMLINKS := $(addprefix $(TARGET_OUT_EXECUTABLES)/,$(SU_CMD))
$(SYMLINKS): $(LOCAL_INSTALLED_MODULE) $(SU_BINARY)-post $(LOCAL_PATH)/Android.mk
    @echo "Symlink: $@ -> /system/xbin/$(SU_CMD)"
    @mkdir -p $(dir $@)
    @rm -rf $@
    @ln -sf /system/xbin/$(SU_CMD) $@

ALL_DEFAULT_INSTALLED_MODULES += $(SU_BINARY)-post $(SYMLINKS)

include $(BUILD_EXECUTABLE)