NOTICE: This content was originally posted to Google+, then imported here. Some formatting may be lost, links may be dead, and images may be missing.
This is a relatively minor update. Support for the patching ChromeOS-wrapped Android boot images has been added (Pixel C), some logcat and fsck issues were fixed in the SELinux policy, and some flags have been added to the ZIP installer.
Some recent devices do not get a signal - for reasons yet unknown - unless /data is encrypted. The SuperSU ZIP installer by default removes the forceencrypt flag from fstab, so you can run your device unencrypted if you want to. In some cases this may cause you to run unencrypted while you want to be running encrypted, such as on these recent devices. That is what the KEEPFORCEENCRYPT flag is for.
I am open to debate (in the BETA thread on XDA) as to whether the situation should be switched around, keeping the forceencrypt flag enabled by default, and have removing it be the case that requires extra action. It seems to me like those who want to run decrypted may be the more advanced users as well as the minority.
To clarify: the situation right now is still the same as in 2.71, there is now just the option to change the behavior. The point of discussion is whether that option should become the default in the future.
Not a day goes by since the release of 2.69 - sometimes not even an hour, or a full page in the thread - that somebody doesn't complain or ask about ES File Explorer or Secure Settings or whatever root app not getting root.
I want to emphasize again that these are bad apps that are hardcoding the path to the su binary. This has always been a bad idea and I have been warning against it since 2012.
In the early days of systemless root a compatibility mode hack was enabled by default, but this has been disabled since 2.69. It will not come back, because it's a bit of a dirty hack, and I'm not going to keep forcing millions upon millions of users running that hack just for a handful of outdated apps to work.
You can manually re-enable that compatibility mode by setting the BINDSYSTEMXBIN flag before re-flashing SuperSU, see http://forum.xda-developers.com/showpost.php?p=66140836&postcount=5493
I suggest writing the authors of these apps to inform them that their apps will no longer work with SuperSU on Marshmallow by default, and ask them to fix their code. Said fix is generally one line or less, so there really isn't much of an excuse to not just fix it.
SuperSU BETA thread on XDA: http://forum.xda-developers.com/apps/supersu/2014-09-02-supersu-v2-05-t2868133
SuperSU subforum on XDA: http://forum.xda-developers.com/apps/supersu
Add support for ChromeOS boot images (Pixel C)
supolicy: Fix logging to logcat for some processes on some firmwares
supolicy: Fix fsck of /data/su.img being denied on some firmwares
ZIP: Add LESSLOGGING flag
ZIP: Add KEEPVERITY flag
ZIP: Add KEEPFORCEENCRYPT flag
ZIP: Also read flags from /cache/.supersu (aside from /data/.supersu and /system/.supersu)
How to update if your on system less 2.71? Just flash the zip?
Well for the force encrypt part, i don't understand
If your device is encrypted. You flash SuperSU it will not decrypt it so were was the problem. HTC 10 is the only reason for that?
Also if you're unencrypted you flash SuperSU v2.72 that's mean now it will force encryption and you'll loose your data cause it will messed up? Wow that's a big warning for people that don't flash kernel with force encrypt disable right after SuperSU
That's mean also that custom kernel have to be flashed after SuperSU now?
+Masta DeYuS Nothing has changed operationally between 2.71 and 2.72. You get the option only. You will not suddenly lose data flashing 2.72. The kernel flashing order does not change from 2.71.
You are right, flashing SuperSU itself does not decrypt data. However, if you have SuperSU flashed with forceencrypt disabled (default), followed by using any of:
fastboot format userdata
fastboot erase userdata
TWRP format /data
TWRP wipe /data (if your TWRP version does not understand your device's encryption, as is the case with the current HTC10 TWRP releases)
... then you will end up with unencrypted /data.
The HTC10 bootloader unlock / root / S-OFF process as described in the forums does one (or more) of these, so you end up running unencrypted.
Your work is legendary +Chainfire. Thank you for your efforts.
+Chainfire good to know, thanks :)
Btw, does the SuperSU installer flash modified boot images for that purpose ?
I think that users who run unencrypted are the advanced/minority users and should be treated as such. They/I will figure it out.
+Christopher Cote Why would the people who run unencrypted be the advanced ones? :o
+Total Security this post is about SuperSU, not about anything else. Post in the correct place.
Better keep forceencrypt by default, and allow removing for device that have problems (no compatible recovery, etc.)
Note that N also supports file-based encryption, which allows you to write stuff to /data, but not read the encrypted files (unless the recovery setups up the kernel keychain). Optional now, but may become the default on new devices (Cf. direct boot)
BTW, SuperSU modified boot.img currently doesn't boot if FBE is one, not sure why.
once again +Chainfire thanks for the hard work. though I agree with +Nikolay Elenkov that Forceencrypt is probably the wave of the future as far as /data is concerned, based on the intelligence wars between os vendors and the governments of the world. only older hardware that can't handle decryption on the fly or at all will likely forgo it.
+Total Security Since your comment was about Recently, perhaps the XDA thread for Recently, that is linked from the app's description?
+Nikolay Elenkov accept my hangouts for the boot.img thing...
May I ask if there are more flags for /data/.supersu, for instance disabling systemless installation? I've been looking around and couldn't find anything about it.
Hello everyone I do have some issues
If I do flash my HTC m7 recovery from 220.127.116.11 to 2.7 , 2.8 & 3.0 recovery wouldn't not open pls help
When I recovery I get this error message root permission May be lost ( fix root permission
3 I will like to flash my custom Rom please advise me thanks
Great work, as always, ChainFire.
Im need using it
Works on pixel C even on Android N preview 2 ! Thanks a lot !
Works on any devie , flash it with cwm
Thank you very much sincerely and may the good Lord bless what ever your hand finds to do. Thank you for your dedication, and patience, and commitment all this time. Your work has truly inspired me and I hate to see you move on with the super su deal. I have a lot of catching up to do but am hoping maybe one day to be able to broaden my coding and development skills and maybe be able to contribute like yourself have done. Just felt the need to share since you're truly an inspiration.?
He doesn't work
SuperSu autualiza applications.
Congratulations on your application being at first had difficulty installing the binary now can't install without problems without changing cell phone originidade leaving it as official.
I can't uppdate my binary! Why?
Update it with normal update
Stupid question, how do you tell if you're using systemless root? I have the latest beta installed, and the install SuperSU into /system option is greyed out.
With last samsung security update Samsung has blocked root!!
(("updates security policies". In galaxy s6 plus, is in "settings/lockscreen and security/other security settings/update security polices) )
The reflash of cf autoroot not work. To restore root i have make an hard reset+ reflash stock rom+ flash cf autoroot. At reboot don't connect to wifi, because security update automatically in wifi. Damned samsung +Chainfire
+Flo webRadio This maybe explains some difficulies that I had. THX
Now maybe I have to go for another round. Damned Samsung
+Rain Master For "Security update" i do not mean the monthly security patch, but the "updates security policies". In galaxy s6 plus, is in "settings/lockscreen and security/other security settings/update security polices
+Flo webRadio Your description covers my problem. After the unecpected message "System update installed" my root is gone.
First I will try to reflash supersu with not too much hope.
Second reflash all.
Poor me. One day of setup apps lost.
+Rain Master probabily is not necessary to reflash all. Maybe only hard reset to refresh "old security policy"
I will release an update to fix that security update thing within a few days.
You are the best chainfire :v
yes, thx for your good work ;)
how to hide su? thanks
+Chainfire, how can I unroot my huawei mate 8 if the unrooting option within the pro superSU app does not work?, thanks!
Is there anyway to root sprint Samsung Galaxy S7? +Chainfire
There no such binary installed error how to fix it
How to repair null imei. I have lost my umei
i like ur post
What devices are compatible?
vxczooizawwermnvczx aenmweriolase eyukvthkmpqudhhjxebcznkjukoyiyooi??❤??
Please cf autoroot s5 g900h androit 6.0.1
Please Update CF AUTOROOT FOR GALAXI S5 G900H ANDROID 6.0.1...... G900H
I need to come back to this. Thanks
Please let me know if you have any way to get root for my device Galaxy not 4 SM-N910V 5.1.1 version
Hello chain fire,how can replace KingRoot app with SuperSU now that they have programmed this app in such a way that any attempt to replace it with SuperSU deletes it and ends up loosing root
Please help me to root my sc-03e please runnning on JSS15J.SC03EOMUBOG5
+saeed alhussini i have a note 4 N910C, i upgraded to marshmallow and now im trying to root it, at least, try firts to upgrade your OS.
Is it possible in the near future to have a root possibility for Samsung Galaxy xcover 3 value edition SM-G389F with Android 6.0.1 ? I'd gladly pay for it, thank you.