Android - Systemless Root

Main Answer:

Systemless root is a rooting method/procedure developed by Chainfire (the developer of the popular root management app SuperSU) which involves a modified boot ramdisk image. The superuser su binary becomes a kernel inclusion instead of existing under /system/xbin/, like in normal system-based root.

Ancillary Answers:

  1. Preference of systemless root over traditional root:

    It was initially suggested by Chainfire to be useful for Nexus devices from Marshmallow onwards to prevent rooted users from having to reflash the entire stock system, boot and recovery partitions before undertaking even a minor OTA update, which has since become more important as Google has introduced the policy of pushing out monthly security updates through OTAs, and flashing the entire device every month is tedious at best.

    Systemless root eliminates the heavyweight system partition from the flashing equation, allowing the devices with systemless root to be updated just after reflashing stock recovery and boot.

  2. Pros of systemless root over traditional root:

    • Utility when OTA updating devices as mentioned above.
    • The modified boot image gets rid of the "Tampered" screen on Android bootup from Marshmallow onwards, if the device has a non-stock partition, most commonly recovery.
    • No exploits required. Systemless SuperSU can technically be flashed as a boot image through fastboot, although it is normally done by flashing a zip in a custom recovery, which automatically patches the on-device boot image to make the necessary modifications to support systemless root.
    • It works with an SELinux Enforcing security condition, while traditional root needs SELinux Permissive on Android 5.0 and up.
    • It unintentionally circumvents Android Pay and Android for Work root restrictions, which work with traditional root.

  3. Cons of systemless root over traditional root:

    • Quite buggy and is still in BETA stage, although it is being actively developed and is definitely usable (from personal experience). Edit: No longer buggy and the default rooting method on Android 6.0.1 and up when using SuperSU.
    • Some custom kernels like LeanKernel refuse to work with systemless root as they need traditional root for functioning properly. Edit: Most custom kernels now recommend systemless root, a well-known such kernel being ElementalX.
    • Some root apps may not work with systemless root as they hard-code the path-to-su in their code, which is only applicable for traditional root.
    • Not sure if this is actually a con, but systemless root is the only recommended rooting method that will work on Android 6.0.1 and up.

Sources:

  1. XDA-Developers
  2. Nexus 6P Reddit thread (not sure if it's very reliable)
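
The con above about apps that hard-code the path to su, shown as an added example that is not part of the original answer: a lookup fixed to /system/xbin/ misses su when it lives elsewhere, while a PATH-style search finds it in both layouts. The directory trees are constructed for the demo, and `altbin` is a hypothetical directory name, not the location any real rooting tool uses.

```shell
#!/bin/sh
# Added example: directory layouts here are constructed for the demo.

# Hard-coded lookup: succeeds only when su sits under <root>/system/xbin/,
# the traditional location named in the answer above.
find_su_hardcoded() {
    if [ -x "$1/system/xbin/su" ]; then
        printf '%s\n' "$1/system/xbin/su"
        return 0
    fi
    return 1
}

# PATH-style lookup: return the first executable su found in a
# colon-separated directory list, wherever the rooting method put it.
find_su_in_path() {
    old_ifs=$IFS
    IFS=:
    set -f                      # no glob expansion while splitting
    for dir in $1; do
        if [ -n "$dir" ] && [ -f "$dir/su" ] && [ -x "$dir/su" ]; then
            IFS=$old_ifs; set +f
            printf '%s\n' "$dir/su"
            return 0
        fi
    done
    IFS=$old_ifs; set +f
    return 1
}

# Build two constructed trees: "trad" has su in system/xbin, "sysless" has
# an empty system/xbin and su in a hypothetical directory named altbin.
make_demo_trees() {
    base=$(mktemp -d) || return 1
    mkdir -p "$base/trad/system/xbin" "$base/sysless/system/xbin" "$base/sysless/altbin"
    for f in "$base/trad/system/xbin/su" "$base/sysless/altbin/su"; do
        printf '#!/bin/sh\nexit 0\n' > "$f" && chmod 755 "$f"
    done
    printf '%s\n' "$base"
}

if [ "${1:-}" = demo ]; then
    base=$(make_demo_trees)
    for tree in trad sysless; do
        find_su_hardcoded "$base/$tree" || echo "$tree: hard-coded path misses su"
        find_su_in_path "$base/$tree/system/xbin:$base/$tree/altbin"
    done
    rm -rf "$base"
fi
```

Run the script with the argument `demo` to print the result of both lookups for each constructed tree.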

Systemless root, developed mainly by Chainfire, is an alternate method to root your phone without altering files in your system. It makes changes in the boot image instead of the system files like init, etc., and hence makes rooting and unrooting theoretically easier. It is an experiment, so I don't think it works perfectly. It also could circumvent Android Pay root restrictions, but Chainfire did not expect that, and says that Android Pay would be patched to push out any such root users too.

For more information about it, check the XDA article. The dev also has a forum here.