-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Android 14 support #45
Conversation
I think you had written the update wrong. I added the text to my post fs data file and zipped the module and reflashed and it didn't work. I looked through postfs data and changes the directory lines from Clone directory into tmpfs
To Clone directory into tmpfs
Use must have miss written it. The module now works for me on a14 newest beta. I found out from the log file it said the folder wasn't found tmp copy ca |
@aussiebro Thanks! It worked for me because /data/local/tmp/tmp-ca-copy was already existed |
here is the updated zip for any one that doesnt know how to update the module not sure if its aloud. i can remove though if asked though. edit i see your updated script removed the old folder cool i didnt think of that my upload doesnt include that line i am actually abit of a noob to magisk scripts. i just manually deleted that folder with a root explorer. |
Problem and solution
Android 14 changed the place of system certificates from
/system/etc/security/cacerts
to/apex/com.android.conscrypt/cacerts
. The benefit is that APEX may be installed independently from system.But there is a problem - Magisk does not inject module files into /apex directory.
So we do not rely to Magisk file injection and instead use our own tmpfs clone.
Thanks to blog of "HTTP Toolkit" for some ideas, even though our solution is slightly different.
Why module copying and other magic should be done in
post-fs-data
boot phase?In last Android releases, there are mount namespaces, that are cloned for every process, so it is difficult to setup bind mounts after system boot. So any interventions should be done before boot phase (on post-fs-data phase).
Resolves #32