aussiebro
commented
9 months ago I think you had written the update wrong. I added the text to my post fs data file and zipped the module and reflashed and it didn't work. I looked through postfs data and changes the directory lines from
Clone directory into tmpfs
mkdir -p /data/local/tmp-ca-copy
mount -t tmpfs tmpfs /data/local/tmp/tmp-ca-copy
cp -f /apex/com.android.conscrypt/cacerts/* /data/local/tmp/tmp-ca-copyTo
Clone directory into tmpfs
mkdir -p /data/local/tmp/tmp-ca-copy/
mount -t tmpfs tmpfs /data/local/tmp/tmp-ca-copy/
cp -f /apex/com.android.conscrypt/cacerts/* /data/local/tmp/tmp-ca-copy/Use must have miss written it. The module now works for me on a14 newest beta.
I found out from the log file it said the folder wasn't found tmp copy ca
sfionov
Problem and solution
Android 14 changed the place of system certificates from
/system/etc/security/cacertsto/apex/com.android.conscrypt/cacerts. The benefit is that APEX may be installed independently from system.But there is a problem - Magisk does not inject module files into /apex directory.
So we do not rely to Magisk file injection and instead use our own tmpfs clone.
Thanks to blog of "HTTP Toolkit" for some ideas, even though our solution is slightly different.
Why module copying and other magic should be done in
post-fs-databoot phase?In last Android releases, there are mount namespaces, that are cloned for every process, so it is difficult to setup bind mounts after system boot. So any interventions should be done before boot phase (on post-fs-data phase).
Resolves #32