The old phone's hostname is
selen. The new phone will have the
orion until it's set up and reasonably operational, whereupon
Selen will be renamed to Selen-S5 and Orion will be renamed to Selen.
The IP addresses follow the names; the MAC
address stays with the chassis. I've paid for one phone line, and the
micro-SIM is in Selen. When I do the changeover I will need to get a nano-SIM
for the new phone. And to make sure that the phone number isn't randomized.
This will take a trip to the brick and mortar store.
There are hints in the documentation about dual SIM operation on some models. To find out, dial the phone, give it the number *#06# and it will show the IMEI(s), one per SIM slot. Too bad, I have only one slot. And if it were dual, both would be nano size. The second SIM goes in the SD card slot (despite different sizes), so you can't have both at the same time.
What's in the box:
Going through the steps in Sony's Startup Guide:
drag outthe SIM and SD trays, which are at the left upper corner of the phone. Turn the screen downward. Remove the SIM/SD cover, which includes the SIM tray; don't drop and lose your SIM. You could break a fingernail doing this; you'll probably need something metallic. Once you get the cover off, you'll see a white layer at the bottom of both slots, and there's a cutout in the one under the SD tray, by which both together can be dragged out. Copy down the various numbers: Model, IMEI, SI, Type, FCC ID, IC. Drop the SIM and SD cards in the trays, if you have them, with the contacts up, i.e. toward the rear of the phone, and reassemble. (My strategy involves keeping the SIM out of the phone until after checkout.)
Set up as new.
Not Now(or ever).
If you do not sign in, you will miss out on a lot!Skip.
Five years ago I did a battery test on the Galaxy S5 like this:
When new, the Galaxy S5 would run this for 151 minutes, taking the battery
from 100% to 4%. Test conditions: executing in a local terminal, no other
active tasks, Wi-Fi and cell were enabled. Dropbear and a remote shell session
existed but were doing nothing, screen was about 50% bright with a dark
background, battery started fully charged to 100%. Here is the battery use
history, interpolating for the time (in minutes) at each percentage.
Cap'y is the run time as a ratio to the Galaxy S5 when
new. Run time is the relevant functional measure, but the Pioneer has more
nominal battery capacity (3.3 amp-hours at 3.15V) than the Galaxy S5, and its
8 core processor is supposed to use less energy for a standard app-like task,
whereas this test procedure doubles the number of cores doing sums, cutting
in half the run time. And the time to completion of the same file on one core
of the two devices is going to be different but is not measured.
|%Charge||Galaxy S5 2015||Galaxy S5 2020||Xperia X2 2020|
|Killed||151 (4%)||97 (5%)||277 (1%)||3.37V|
Recharging the Pioneer's battery using the provided 1.5A charger: similarly
times are in minutes, interpolated to even percentages. On both the provided
charger and my
smart charger both devices announce that they are
charging slowly, implying that high voltage on the power bus has not
been negotiated. The charge time (0 to 80%) could be speeded up substantially
if that were done, i.e. with a USB cable with type C connectors on both ends
(and a charger with such a connector), vs. the provided cable with type C
on the phone end and type A at the charger.
|%Charge||Xperia X2 2020|
There's an issue which for me is spiralling out of control: what to do about the Trim Area or TA partition. It contains your DRM keys for licensed preinstalled Sony content, plus other items like the IMEI and the Wi-Fi and Bluetooth MAC addresses, that are not license related.
If you unlock the bootloader it trashes the TA partition, or at least the DRM keys in the TA partition. I get the impression that they are encrypted and the key is wiped when you unlock. Confirmation from expert, see post #291 (at end of page 29).
The discussion of trimarea_tool by p0kemon (2016-12-09) (read lurid warning) suggests that the whole thing is in a weird format and is encrypted, but there are multiple keys, only one of which is deleted when you unlock the bootloader. This is jimc's interpretation and should not be taken as authoritative.
Warning: never flash a backed up TA partition from a different phone! People report that this bricks your phone, including at least two people who actually did it and now regret.
There are at least three programs available that can back up the TA partition and restore it. The LOS installation guide has no guidance for doing the backup; they wouldn't touch it with a 10 foot pole. This is going to be hard.
TWRP Recovery can back up the TA partition, but you can't flash TWRP until after you've unlocked the bootloader. You're saving and restoring an exact copy of the bytes, not decrypted, not interpreted, and not alterable (unless you have Sony secret keys to re-encrypt the altered items). So your DRM keys are gone forever, but there are important items that are preserved and that can be restored in extremely rare failure events like if malware vandalizes your TA partition.
You can't just use
dd to do the same thing because you
don't have, and aren't going to get, a SELinux security context that
allows you to read the raw device. Whereas Recovery does not have
SELinux (or more likely, didn't put it in enforcing mode) and can
read-write whatever it pleases.
To back up your TA partition in the main kernel, preserving your
DRM keys, you need to downgrade to the stock image for Android
Marshmallow, which is vulnerable to the
(Wikipedia article about it) (see
This exploit is used by the recommended backup program to
steal the contents of the partition.
Now a key question is, when you put a custom OS (CyanogenMod) on the phone, can you restore the TA partition and have the DRM keys work? Does anything bad happen if you do this? Are you going to be able to use whatever depends on the DRM keys, without support from the stock OS? Can you even extract and install, e.g. the stock camera app?
Another question: what do I lose if I botch (or don't do) the TA backup? Answering this will take some work.
Tutorial for backing up and restoring the Trim Area
by rickwyatt (2013-04-14). The backup-restore program (Backup-TA)
executes on Windows. Run it and make sure ta.img (the backup)
has been written. Run it with a different option to restore.
In between, he unlocked his bootloader and the DRM keys were lost,
ba2 (whatever that is, I couldn't find a
reference). And presumably he put on a
custom image. He says,
I then reflashed it with adb and
rebooted; my Sony Z was locked and DRM and BA2 were working again
as if I never unlocked it. Is he saying the custom image
was still there, or that he reflashed the stock OS plus TA area?
It looks like rickywatt did the procedure and wrote it up. See this tutorial by Yunlong (2014-10-13). DevShaft developed the BackupTA program. And the phone has to be rooted first. Yunlong also tells how to check if the keys are still working. On the Service Menu, run Service Test-Security, except the Pioneer doesn't have this test. It's under Service Info, and more stuff is shown. Under Suntory Blobs, I recognize two keys that other people have mentioned: CKB and WIDEVINE (I'm not sure what they do). On my stock image, both of them are OK[ACTIVE], which is good.
Xperia X: backup TA partition before unlocking bootloader (wiki
page, OP not stated, initiated 2017-10-09, last update 2018-06-10).
It's a very detailed howto, telling how to downgrade the stock image to
Marshmallow (Android-6) and then do the backup. There's also a link to
a different howto and to the Marshmallow stock image. Note, this is
not for the Xperia XA2
Pioneer but for Xperia X. The
introduction talks about returning your phone to original factory
condition, i.e. the stock OS plus the backed-up TA area.
naytsyrhc says: He followed a different howto (in German, his language), and it went smoothly. He put Sailfish on it and it looks like his DRM keys are still unavailable but Sailfish works.
Giacomo says: This is a PITA. I'd rather purchase another Xperia X than break my head with that process. (Jimc says: I kind of agree.)
Tidbit from somewhere else: To check if your DRM keys have been
trashed, open the service menu, service info, verify certificates.
On jimc's Xperia XA2
Pioneer with the stock image, it
reports 138 platform, 43 apps, 5 media, 7 shared packages, and
nothing that looks like an error message. Update: after my DRM keys
were trashed, this menu item gave the same count and no error message.
At one time, on a particular model, if you trashed your TA
partition, the camera would take pictures all in green, but when
this model was upgraded to Android 8
Oreo, the camera worked
normally with a trashed TA (within the reporter's ability to
judge normalcy). Other sources say Oreo is still vulnerable to green
photos but in Pie this is fixed.
Android Pie and DRM keys (OP rogger888, 2019-01-09, on
together.jolla.com, sponsor for Sailfish custom ROM). laubblaeser
replies: XA2 camera does not break when unlocking the bootloader.
rozgwi replies: when you're using another system (such as Sailfish)
you'll be left with a basic camera… jimc combines several
sources: when the origin OS was Android-8.1
Oreo the camera
could have annoying issues like taking everything in green, but this
has been fixed in Android-9
Pie. rozgwi in his Answer says
(paraphrased by jimc): it matters which stock OS you jumped ship from,
when you put on a custom ROM. When you unlock from Pie, the important
stuff (non-DRM) is not trashed, as it might have been from Oreo.
Unlocking the bootloader no longer breaks the camera on Sony Xperia devices running Android Pie by Mishaal Rahman on XDA-Developers (2018-11-20). He gives a very complete discussion of the TA partition mess, and in particular he passes on a report from LazerL0rd telling what works and what doesn't, after you unlock the bootloader. (This is on an Xperia XZ Premium.)
Widevine L1 is what prevented many flagship phones from playing Netflix or Amazon Prime Video above 480p.(Jimc assumes he means lack of Widevine L1 prevented…)
Another serious issue: in reports of successfully backing up the TA partition, nobody clearly states that they have been able to actually do the DRM-restricted activities in their custom image like LineageOS or Sailfish, e.g. play Netflix movies at over 480p. Success is reported in reverting to stock, but not in using the custom image.
Jimc judges that he is extremely unlikely to even notice the absence of the non-working items. Thus I'm cutting off this project with the decision to not back up the DRM keys. However, I will use TWRP Recovery to back up the TA partition (minus DRM keys) after unlocking the bootloader.
Procedure to back up the TA partition:
imagevariants of some of these.
backup trim area TA partitionyields (ancient) procedures to back it up before unlocking the bootloader, which is not what I'm doing. Nobody actually says which partition is being backed up, by name.
/vendoris the most likely one. A second choice is the non-user-accessible region of /storage.
lock your bootloader(ignore), SONY splash screen, TeamWIN splash screen, enter your pattern (to decrypt /data, which it takes a while to do), finally the main screen.
Vendor Image. Hit Select Storage and choose the SD card. The numbers shown are the amount of free space in Mbytes. Don't mess with the other tabs; compression does nothing for the images, though it probably helps the tar files a lot.
(Numbers refer to steps in LineageOS' howto for unlocking the bootloader.
The next section,
Installing CyanogenMod, has
preliminary steps that should be done first; then keep in mind the lessons
learned in this section when you unlock.)
0. WARNING, your DRM keys will be gone forever (see previous discussion of the consequences), and the rest of the phone is totally wiped, so back up user data. (It isn't clear if the SD card is included, but one forum post suggested that it is, so I removed the SD card; follow the link for suggestions how to do it. However, other documentation says it isn't.)
1. Dial the Service Menu code. I did this already, at the very beginning.
2. Go to service info - configuration - rooting status. Yes, bootloader unlocking is allowed.
2a. The instructions mention this after you've started fastboot: you need OEM Bootloader Unlocking to be turned on. Find it in Settings - System - the Advanced section.
3. Connect the USB cable to the host. How you connect makes a difference: peek ahead to step 5.
4. We're supposed to run the bootloader (fastboot). On the host:
adb reboot bootloader
Screen goes black for about 30 secs, then shows the boot splash screen
Sony for about 10 secs, shows battery charging icon for
10 secs, then goes black again. Not in the instructions, but the
notification light should have changed from red to blue, very dim, hard
5. On the host, execute:
Blecch, no devices are shown. Various interventions produced partial success, but never enough to actually unlock the bootloader.
Condensing a page of turgid story line: My laptop has one USB-2.0 port and two USB-3.0 ports. On the sub-Reddit for LineageOS I got some help from LuK1337, the manager for this build: he suggested that I try using the USB-2.0 port or a USB-2.0 hub. Just using that port helped but did not get to successful unlocking. But with the hub, I got the phone unlocked. Thanks to LuK1337. Here are some details that may be useful:
To start fastboot, with the USB cable connected directly to
the USB-3.0 port,
adb reboot bootloader just hung.
But the key combination works: turn off power and disconnect
the USB cable.
Hold down volume-up, and connect the USB cable while holding it.
Watch the notification light (upper right corner). It will come
on very dim red, then change to dim blue, hard to see. When
it stays blue, you can release volume-up. 15sec was enough.
fastboot devices reported the phone's ID number.
With USB connected to the USB-3.0 port, the key combination resulted in fastboot starting up but immediately rebooting (red, then blue again). If I held down volume-up through that, fastboot would be useable. Sort of.
With USB connected to the USB-2.0 port or the hub,
adb reboot bootloader would successfully start fastboot.
To go through the whole installation successfully, I needed to connect USB through the hub to the USB-2.0 port.
In a different context a different user reported that a particular USB-3.0 hub, presumably badly designed, emitted enough EMI (electromagnetic interference) to prevent Wi-Fi and Bluetooth in the 2.4GHz ISM band from working on his laptop. Being aware of this issue, I did not blow off suggestions to isolate possible EMI from the Pioneer.
Another user installing LOS-16 did not succeed with his USB-2.0 port, but one of his machines, presumably newest, had a USB-3.2 port, and that worked. He recommends, try every port on every machine you have until one of them works.
6. Wing off to Sony's official unlocking site.
Erasing, then rebooted again into the stock image, and it ran initial setup. This was the point where the phone's former internal flash was wiped.
Procedure for installing CyanogenMod (LineageOS), from LineageOS product page for Sony Xperia XA2 and the linked-to installation guide.
This process is destructive. You need to back up any user files
that you want to preserve. Is the SD card wiped too? HOWTOs vary in
what they say, but I'm going to physically
remove my SD card after doing backups that end up there. Also see
the note after
install custom recovery; I'll reinsert the SD
card, back up the TA partition (unfortunately after DRM keys
have been trashed), and remove the card again.
In the stock image internal flash is encrypted, whereas in AOSP it is plaintext. This does not refer to decrypting files; it refers to wiping the partition and creating a new empty filesystem.
Update: see Settings - Security & Location - Advanced - Encryption & Credentials - Encrypt Phone. It says Encrypted. There is no option to decrypt in place. This says to me that major parts of the phone's storage are encrypted with a key that is released (decrypted) when you enter your PIN, lock pattern, or fingerprint. This key is different from the one that formerly encrypted the stock image, which is erased (key and data) when LOS is installed.
You need to decide whether to back up your TA partition (Trim Area) which contains your DRM keys for licensed preinstalled Sony content. See a previous section for extensive discussion of how and whether to do that. The conclusion was that this backup is too horrendous to be accomplished, and it is very dubious whether anyone has actually been able to use the saved DRM keys in a non-stock OS image like LineageOS or Sailfish.
However, backing up the non-DRM content is prudent and important, and that backup will have to wait until after the bootloader is unlocked and the DRM keys have been trashed, since I'm going to do a TWRP backup.
Just before the second try at installation (when LOS-16.0 was running), I backed up the configuration to Google Drive, which I normally don't do. Setup - Google - Account Services - Backup - (turn on). It says the backup is encrypted with your Google Account password and includes apps, app data, call history, contacts, device settings (incuding Wi-Fi passwords), and SMS. After enabling this, go to Settings - Accounts - (your Google account) - Account Sync. It will list backup categories, skimpy since you just turned on general backups. Dotdotdot menu, hit Sync Now. Well, it doesn't re-sync in any other categories than these. You have to add a backup account (the phone account isn't automatically used). Now it's doing it. Let's save my 2 photos as well.
Whatever may or may not have been backed up, restoring it did not seem to produce the desired result, and I had to set up the phone anew.
2nd pass: For backup I installed Backup Your Mobile By Artur Jaszczyk. It couldn't get permission to put the backups on SD partition 2, but did work on SD-1. Took about 1 min. 760Mb, about 0.1Gb free on this partition, blecch. Installed AndFTP. Now copying it off the SD card into /tmp/jimc.junk -- Done. So far I haven't had an opportunity to actually test whether restoring this backup is useful.
I've now started doing ADB backups onto my normal backup media. Again, this needs a test whether restoration is going to be useful. [Needs work]
LineageOS product page for Sony Xperia XA2; it has a link to the installation guide.
Follow link to
Get the Builds Here. Image filenames have the
form: lineage-16.0-202002XX-nightly-pioneer-signed.zip (where XX is the
day), and you will need to download the SHA-256 checksum also. Do any
of these builds have customer complaints? By Google search, there were
no hits mentioning any of the download filenames.
Downloading the 2020-02-23 nightly image and SHA-256 sum. Saved in
/scr/orion-downloads-200208/ , 596Mb, took 7.4min. Checksum: OK,
Make sure the host computer has adb and fastboot installed.
On Suse the package is android-tools. Version 9.0.0_r52 in
hardware (experimental). The included programs are:
fastboot --help | lessfor docs. It communicates with a lowlevel component of the phone's control programs, below the Linux kernel (bootloader?), and can flash partitions, reboot the machine, etc.
On the phone, activate Developer Options. Procedure: in Settings - About Phone - Build Number, tap 7 times on it. Now turn on Settings - System - Advanced - Developer Options - Android debugging (also Debugging Notify). Also you need OEM Bootloader Unlocking (in Settings - System - Advanced), which the instructions tell you after you've already started fastboot. Once you turn this on and actually unlock the bootloader, this menu item disappears.
Review the previous section, Struggles With Unlocking the Bootloader.
Unlock the bootloader, see Sony's instructions. This means to make a setting so the phone will let you install a custom (non-stock) Recovery. Warning: when you do this, your DRM keys are gone forever. See prior discussion of the consequences. Once unlocked, it stays unlocked; you only need to unlock once per lifetime. You need an unlock key, which depends on your IMEI, which you enter into a form on the instruction page.
Yes, looking on the Service menu, bootloader unlock is allowed.
Download and temporarily install a custom Recovery other than the one provided by the vendor (which will refuse to install non-vendor images). TWRP is recommended, being reliable and easily available.
gpg: BAD signature from TeamWin <email@example.com>and
twrp-3.3.1-6-pioneer.img: FAILED; sha256sum: WARNING: 1 computed checksum did NOT match. But twrp-3.3.1-5-pioneer.img (1 week earlier) has a good signature. Using that one. Bug report was submitted.
Why don't we flash TWRP permanently? Jimc's speculation: the LineageOS (CyanogenMod) image includes the AOSP Recovery, which will overwrite TWRP, and each periodic update will do the same. If I need TWRP's special features later, I'll re-flash it then.
Update: If you follow the instructions you never really install TWRP; you send the image from the host computer and execute it on the spot. You'll need to do this twice during the installation procedure. LuK1337, the developer in charge of the LineageOS build for Pioneer, recommends against permanently installing TWRP.
More update: The Pioneer has an A/B arrangement of basic partitions, so while executing out of one of these, the active slot, it can write a new system image into the other slot. If anything goes wrong, the active slot is unchanged and you can just do it over. But there is no traditional Recovery partition into which a non-stock Recovery program could be installed, and alternatives apparently are hard to get right.
I'm going to back up my TA partition (minus DRM keys) using TWRP. The backup ends up on the SD card, so it has to be reinserted now. And removed after the backup. The procedure to do the backup can be found at the end of Backing Up the Trim Area.
Download and install your LineageOS image. (See the installation guide for the command lines.) Repeat the process for Google Apps and AddonSU (to root the phone). Since I want to make Google Pay work, I'm going to use Magisk as the rooter. Images to be downloaded, used in this order:
nanosize variant, recommended by LOS instructions.
The procedure totally wipes your phone and makes internal flash unencrypted. Update: this is what the instructions say, but the phone claims that it's encrypted.
adb boot $filething, see below.
Struggles With Unlocking the Bootloaderfor why this was necessary.
can't be checked for corruption, lock your bootloader(which you ignore). Shows
Sonysplash screen. Shows TeamWIN splash screen. You need to authenticate with your unlock pattern (or PIN?) There's a screensaver, don't waste time taking notes :-) If the screen goes dark, press the power button and then swipe. There's an option under Settings to turn off the screen saver.
adb reboot sideloadso you can install Google Apps; you must do that before rebooting. But that was a mistake; you'll end up in LOS Recovery which is useless for this. When I tried…
Sony, repeats these screens. "Can't load Android system", I selected
Try Again. Same result. 3rd time, I told it Factory Data Reset.
At this point I shut down the phone and reinserted the SD card. I tried to use sticky tape again to re-extract it but could not get it underneath the tray.
Help with Installing Lineage on Xperia XA2,
OP davidovski on Reddit (about 2019-03-xx).
He describes the procedure he followed, which to jimc seems to not agree
with LineageOS instructions. He gets a public key verification error on
(I'm pretty sure) the LineageOS zip file. shamanonymous replies:
You definitely don't need to install TWRP permanently. The XA2 uses the
new A/B system image method, so there is no recovery partition…
I only needed TWRP for reinstalling root, but now Magisk is also A/B aware,
so I just have to run it after the Lineage OTA.
He continues with a summary of the install process (with extra notes from jimc):
adb install MagiskManager-v7.5.1.apk(after rebooting).
He continues with how to handle a Lineage update. It will write the
new image to the other (A/B) set of partitions. If botched it will say so
and exit. If OK it will change that partition to be active. Before
you reboot, start the Magisk Manager app and click Install - On The Other
Partition. Do this, then reboot.
Lineage OTA updates work just fine
in this configuration.
thinkofdoc responds: LuK1337 is the primary developer for this build. He advises against installing TWRP, and provides a link to a custom TWRP image that works better with the XA2 image. (jimc says: looks like the reported issue is very minor and in 2020 it will be long forgotten.)
Respondent moroi (2018-08-14 on XDA-Developers) (this is post 311, last on page 31 of this very long thread). He tells why you mustn't boot LineageOS before installing Google Apps: on an A/B system, TWRP installs the LOS zip into the inactive partition, then (on success) marks it active. But it installs Google Apps in the active partition. So after installing LOS you have to reboot back into TWRP, not into LineageOS. This seems a little strange to jimc. My speculation (without objective evidence): TWRP installs everything to the inactive A/B set of partitions. On success with LOS it swaps the active/inactive markings. But the partition isn't really active until you reboot, so if you install something else (Google Apps), it will again go in the currently inactive partition where LOS was just installed, which is what you want. Whereas if you rebooted into LOS (without Google Apps), then got back into TWRP and installed Google Apps, it would go into the then-prevailing inactive partition, where LOS isn't.
Running Magisk Manager to set up Magisk:
Restore Magisk Manager, which you would use to change back to the default app name.
Update: The following hodge-podge of forum posts documents unsuccessful attempts
to get the phone to pass ctsProfile. Suggestion, pick up at
Google Pay on Rooted Phone.
A lot of the forum posts linked here refer
to how to take an image that Google won't certify, and make it look
like one that can be. But I had no problem registering this LOS image with
[FIX] SafetyNet Failed: CTS Profile Mismatch Errors — Full Guide!
by Arvind Rana on DroidHolic (2020-03-05).
Compatibility Test Suite.
Among quite a lot of other items to check/fix, he says USB Debugging (in
Settings - System - Developer Options) is a red flag for CTS. For me, turning
it off did not solve the problem.
Cant find Enable Busybox in Magisk settings and ctsProfile not succesfull, OP rolferikalfheim on XDA-Developers (2017-09-14). He has my symptom, no Busybox option in Magisk Manager, and ctsProfile test fails. Digeridoohan (moderator) replies, that setting has been absent for some time. Use the Busybox module in the Downloads section of Magisk Manager.
Magisk and MagiskHide Guide - SafetyNet maintained by didgeridoohan. One issue: check in Play Store settings (at the bottom) for Play Protect certification: Device is not certified. The linked page gives some fixes. Basically, make sure you can pass SafetyNet. Jigger some props to match a known certified kernel/system. Clear data for Play Store. Reboot. The main symptom of this failed certification is that certain apps won't appear, or will appear but won't be installable. Netflix is the one most often complained about. I did this but still can't pass ctsProfile. The item for Play Protect Certification has disappeared, and the Netflix product page can be displayed. (I didn't try to install it; I didn't try to see it before improving my compliance level.)
Following instructions in the above wiki and various forum posts, I disabled Magisk Hide, rebooted, tested SafetyNet (ctsProfile false, basicIntegrity true), enabled it again, rebooted, and tested SafetyNet again. Still ctsProfile false.
LineageOS is supposed to be certified by Google. But from time to time updated versions fail to be certified. Basically, install the Magisk modules for Busybox (prereqisite) and MagiskHide Props Config. Guess which device to emulate. That got him past SafetyNet, except for one game. He had forgotten to spoof the name of MagiskManager; doing that brought that game to life.
After clearing data for Play Store and rebooting, I configured settings
again, then selected
My Apps and Games. It showed a panel saying
Install apps you've used before. It found 10 apps: apps from
the Sony stock image (that I never opened) like PlayStation App, three that
I had on the old phone, and one that I actually installed on the Sony stock
image. Selectively installing them on the Pioneer.
I found out a better way to install previous apps: Play Store web URL, likely you can click to install, on the phone. It has most of them, including some that I must have had at one time but then uninstalled.
In MagiskManager I installed Busybox by osm0sis (prerequisite) and
MagiskHide Props Config by didgeridoohan. Reboot afterward.
Following instructions: start a
terminal (LOS has one, unless you suppressed it in initial setup), command
props and grant root access, choice 3
to enable better hiding
(and reboot if it prompts), then choice 1, and then 'f', and pick your
Now I have LineageOS running on the phone, with Magisk. Here's a journal of what I did to set it up.
OpenVPN For Androidsucceeded in installing it.
Yet Another Phase Beamby Davide Nabais. Follow the link for how to adjust the colors. The AOSP wallpaper app for Android-9 (LOS-16) did not show the live wallpapers, and
Wallpapers by Googlewas needed. On Android-10 (LOS-17.1) the stock app does show live wallpapers.
total, card total is 32Gb. I copied the authorized_keys file and host keys from the SD card. And it worked the first time!
The app launcher (Trebuchet) has an unlimited number of pages. It wants
to open on the leftmost of them, whereas formerly I used the middle of three
home page. For launcher settings, long press in the background and
a menu will open with items for settings, widgets and wallpapers. I haven't
found a setting to tamper with the
home page. Here are my settings;
* indicates other than the default.
Sleepingor add a new rule, then turn it on and set Days (all), Start time 23:00, End time 07:00, alarm can override end time (turn on).
Notification Dotsin the containing menu.
My icon layout. Many apps are reached only from the app drawer. I'm going to duplicate what's on the old phone (Samsung Galaxy S5) as much as possible but exchanging pages 0 and -1.
|— Dock (using 3 of 5 slots) —|
|— Page 0 (Home) —|
|Amazon Kindle||Barcode Scanner||Tasks||Xabber|
|Smart Time Sync||RealCalc||Calendar||Messaging|
|Kitchen Timer||Jog Tracker||Contacts|
|DigiClock||Jota Editor||Maps||Bible App|
|— Page 1 (Technical and Games) —|
|StrongSwan||OpenVPN And.||DNS Forwarder||H.E. Net Tools|
|— Page 2 (Misc) —|
|Voicemail||Whole Foods||MyChart||Google Pay|
|Sky Map||Earth||DaFit||Play Store|
Miscellaneous settings: Sounds. In LOS-17.1 based on Android-10
Quiche, they have a ton of new sounds. When you set a sound you
complete action using Sounds (i.e. the new sounds) or Media Storage
(the old sounds). Find the settings in Settings - Sound - Advanced - Phone
ringtone, with the notification and alarm sounds just after. You can also
set the ringtone from the phone app (Settings in dotdotdot menu).
Ringtone. Default is Orion which is not too bad. There are 111 to choose from. The one I used before is (presently) called Draco; the names and choices seem to change per Android version. I chose Draco again, with Sheep and Canis Major as 2nd choices.
Notification. I changed to CyanDoink, which is annoying but aggressive enough to not be missed.
Alarm. The default is Hassium, which is horrible and has none of
the cachet of Nuclear Launch. Among the provided sounds, Platinum is
the best of a bad lot. I would really like to use
Walk_in_the_forest.mp3 (in ~jimc), which you could add by
Add Ringtone, once it's been restored from backups. Confirmed
that Huge Digital Clock (digiclock) can find and play this file when
the alarm goes off.
How to disable battery optimization: This is needed by apps that run in the background and have time sensitive activities, specifically Kitchen Timer and Shake Alert LA, To set: Settings - Apps & Notifications - Advanced - Special App Access - Battery Optimization - (change from Not Optimized to All Apps) - select app - Don't Optimize.
On this phone I would very much like to use Google Pay, a digital payment app which has different security exposures than the traditional use of a physical credit card with a static and stealable account number. (Apple Pay pioneered getting merchants to install the software and a NFC reader, but Google Pay and possibly others can use the same protocol even if the reader is Apple branded.) The digital payment protocol uses a one-time code so the thief cannot steal the transaction record off the wire and use it for a nefarious transaction, a notorious vulnerability, but the credit card's number resides in the phone, where malware could steal it if able to subvert very difficult security involving SELinux. Obviously a rooted phone is a serious threat to this security model, and Google Pay will clam up if it detects root capability. The system service that handles root checking is called SafetyNet.
Therefore if you want root, it has to be stealthy. Of course the easiest solution is to not root your phone. So what do I use root for?
ClockSync by Sergey Baranov. It requires root to sync the time automatically. It does have a mode for manual syncing on a non-rooted phone, but you have to watch the display and hit a button at the optimal moment. The Android Developer site shows a class called TimeManager which can set the current time, set the timezone, set 12 vs 24 hour time, and turn NTP sync on and off. That suggests that a recent AOSP image should have these items in Settings. But I find no trace of them anywhere.
StrongSwan is supposed to provide the server pushed DNS server addresses to the VPN API, but this doesn't seem to be happening. The DNS Forwarder app requires root to establish the DNS server manually by cowboy programming. Not having DNS for the VPN is kind of a showstopper.
Running roughshod over file permissions, particularly storage permissions. This is for ad-hoc tasks like copying crypto keys onto the device in the required locations.
I use Total Commander for such file operations, which uses root if available.
Backups are done with user permissions. This means they aren't very complete. I could do better with root permission.
I think my conclusion is, if I can deal with the clock sync issue, it would be fine if I could manually turn root on and off, and have Google Pay work when it's unrooted.
Magisk is the currently popular rooting app/framework, by topjohnwu. Version as this is written (2020-02-20): v20.3; you should also have Magisk Manager v7.5.1. Magisk Release and Announcement Thread on XDA Developers; distributed from Magisk Github site.
Note, it's a cat and mouse game; Google
and the developer
improves Magisk to get around it. Do not
update Google Pay (both the front and back end) until Magisk is
How to Use Google Pay on Rooted Android Phones by Rohail Khan (2018-07-18). Use Magisk root. Configure Magisk to use BusyBox, Magisk Hide, and Systemless Host. Enable Magisk Core Only (and reboot). Look for the SafetyNet lack-of-root report. It should pass, and both Google Pay and rooted apps should work. Jimc's note: I think turning on Core Only would preclude spoofing the OS type, if that's needed to pass the ctsProfile check.
Google Pay no longer worked, OP henban89 (2019-03-03). It turns out that an updated version of Google Pay was aware of Magisk. A respondent gives instructions to revert to a back version and prevent it from being updated.
Google Play Certification: What it is, and how it affects you by JavelinAndArt (2018-04-09). This is what SafetyNet checks. You need to register your Google Services Framework. If you aren't passing SafetyNet, you will be prevented from downloading some apps, and others like Google Pay will not work at all. See also SafetyNet: What it is, and how it affects you by JavelinAndArt (2017-06-05).
adb: unable to connect for root: device unauthorized. This adb server's $ADB_VENDOR_KEYS is not set.
Do Not Disturbmode on. Turned off. Now
adbd cannot run as root in production builds. adbd cannot run as root in production builds #425, OP peyer (2018-07-29): didgeridoohan responds, probably caused by MagiskHide changing ro.debuggable to 0. It needs to be set to 1 for adb root to work. Turn off MagiskHide (and reboot)…
root access is disabled by system setting - enable in Settings -> System -> Developer options. This setting (Root Access) was not available previously.
Working: Magisk with Google Pay as of gms 17.1.22 on Pie OP BostonDan (2019-05-14). He gives a credible looking procedure for getting around the security check.
Before I try to make Google Pay work, I need to install Magisk Manager, try the SafetyNet check, and get it so it passes SafetyNet. (And don't forget to obfuscate the name of the MagiskManager app, which some programs check for explicitly.) On the first installation attempt, I ended up with a failure in ctsProfile, a server-side test; basicIntegrity (client side) passed. Forum posts about troubleshooting this invariably say, wipe your phone, reinstall the OS, and step by step, check if you're passing SafetyNet. The point at which it starts failing gives a clue what intervention may fix it.
Repeating installation up to the point of activating Magisk.
adb reboot bootloaderor from the option on the power menu (long-press power button).
yes- swipe to wipe. (Back 3 times)
Incompatible device detected… please download the correct version for your device: arm. Error code 64.. Tried twice, same result. Instead,
adb reboot bootloader, which works on TWRP). Start up sideload same as before. (Don't wipe anything of course.)
Can't load Android system. Your data may be corrupt. You may need to do factory data reset…That's right, hit that line. It reboots, and this time we get the LOS boot animation. Slow! Takes about 120sec until setup gets going.
select and patch a filein MagiskManager does not mean to select the downloaded zip file and sic MagiskManager on it. You need to do an arcane procedure to unpack the LOS zip, merge it (how?) with the Magisk zip, repack, and select the result. There are reports of one or two people accomplishing this, but the usual way is to start TWRP and sideload Magisk-v20.3.zip. This worked once for me and I'm going to try it again. The installer script actually does the repacking and patching operation for you.
Hide Magisk Manager. And download whatever additional stuff for the
Fullversion. Still fails ctsProfile. Leaving Core Mode off.
Now to see if Google Pay will actually function. Since there's an
unconfigured instance of Google Pay in my backup, I'll restore state first.
Backup Your Mobile By Artur Jaszczyk. Re-installing this
app. There's also an active instance of Magisk Manager. The current instance
is called MgkMgr; the backed-up one is …
It restored 0 application data, 1 Wi-Fi password, 48 system settings, and
the app list.
Please restart device. It should have restored
application data; I don't know why it didn't. Play Store did not seem to
know which apps it was supposed to reinstall. Neither did it restore the
icon load of my home screen. In Settings - Apps - See All Apps -
(name of app) - Permissions - turn them all on; in the dotdotdot menu there's
one item for
all permissions. Restore again. This time it went much
faster probably because the target data didn't need to be changed.
Not much improvement. I think this has failed. Next time around I'll try
Installing Google Pay. With Magisk core only mode on or off, and with
the Google Services Framework ID registered, it passes SafetyNet. But Google
Pay still says
This phone can't be used to pay in stores. This may be
because it is rooted… Turned on Google Pay in the Magisk Hide list,
joining Google Play Services. Didn't help (but I left it on). Turned on
Google Play Services. And rebooted. Didn't help (but I left it on).
Google Pay Magisk Discussion Thread, moderated by Didgeridoohan, response #5 by JarlPenguin (2019-03-03). Discussing similar symptoms seen last year, an update to Google Play Services caused it. Wait for a version of Magisk that it can't resist. Temperorarily revert to the previous version by using the procedure shown.
How to get GPay to work on rooted Xiaomi Mi9 by smohanv (2019-09-24).
He links to a Magisk module and lists the operations that it does if you want
to do it by hand. Basically, lie about whether (something) has been attested,
and change the mode to 440 so your
fix can't be reverted. See response
#11 by 73sydney and follow the links there, if downloading the module.
Conclusion: I need to just be patient. The procedure for reverting to a prior version requires a prior version to revert to, which I don't have. Once I have a working version (of Magisk, Google Play Services, and Google Pay), I'll save them so I can revert if needed.