Phone not rebooting or shutting down

[capstab]

Hi,

I changed my encryption passwd successfully on my Cyanogen OS 13.1.2 Thank you very much for that awesome app.

But one Problem I have. The phone neither shutsdown or reboots after putting 3 times wrong my Lockscreen PIN. SnooperStopper has root access (SuperSU) and I enabled device admin.

Don't know what is wrong.

Thx and regards Capstabs

[capstab]

I don't understand. Yesterday I played abit arround with lovksceen trusted agent settings and it was working for some reasson after that. After 3 times wrong pin the phone shutdown. Today again I can try as much as possible to unlock the screen without a shutdown. Any Ideas what I must do that it works reliable?

[xmikos]

@capstab Sorry, I have never seen behavior like this. SnooperStopper is simply calling reboot -p command with superuser permissions, this should work everywhere. Maybe CyanogenMod broke something?

Try to look at adb logcat after too many failed unlock attempts. You should see this line in debug log:

TOO MANY FAILED UNLOCK ATTEMPTS!!! SHUTTING DOWN!

If you don't see it, then device admin is broken. If you see it but phone still doesn't shutdown, then reboot -p command and/or superuser permissions are broken.

[capstab]

Thank you very much for your help. I have still the Problem but im not sure if you can help me with that. But just to give a feedback. I installed a new beta version of supersu but that doesn't helped either.

I activated in developer options the local terminal. Did a "su" in the terminal (on phone) to give me root permission and executed reboot -p. That worked so the reboot command shouldn't be broken. Probably its like you said a Problem with the device admin in CM13 (13.1.2 -ZNH2KAS3PO).

I looked at adb logcat and it doesn't appear the line TOO MANY FAILED UNLOCK ATTEMPTS!!! SHUTTING DOWN!.
But when I activate the device admin for SnooperStopper logcat gives me

09-02 09:14:01.592 14916 14916 D SnooperStopperDeviceAdminReceiver: onEnabled 09-02 09:14:01.591 6136 6136 W Binder_3: type=1400 audit(0.0:1061): avc: denied { ioctl } for path="socket:[241264]" dev="sockfs" ino=241264 ioctlcmd=7704 scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0 tclass=unix_stream_socket permissive=0 09-02 09:14:01.591 6136 6136 W Binder_3: type=1400 audit(0.0:1062): avc: denied { ioctl } for path="socket:[241264]" dev="sockfs" ino=241264 ioctlcmd=7704 scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0 tclass=unix_stream_socket permissive=0 09-02 09:14:01.681 7059 7059 W Binder_9: type=1400 audit(0.0:1063): avc: denied { ioctl } for path="socket:[179195]" dev="sockfs" ino=179195 ioctlcmd=7704 scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0 tclass=unix_stream_socket permissive=0 09-02 09:14:01.681 7059 7059 W Binder_9: type=1400 audit(0.0:1064): avc: denied { ioctl } for path="socket:[179195]" dev="sockfs" ino=179195 ioctlcmd=7704 scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0 tclass=unix_stream_socket permissive=0 09-02 09:14:01.726 15758 15775 D OpenGLRenderer: endAllStagingAnimators on 0x9b361e80 (RippleDrawable) with handle 0x9b363410

I don't know if that avc: denied has anything to do with it.

[xmikos]

It looks like problem with SELinux rules. It could be caused by both CyanogenMod or SuperSU (SuperSU changes SELinux policy). But I don't know if this error is really related to your problem :-(

Anyway why are you using SuperSU on CyanogenMod? CyanogenMod should have native root access. Are you aware that SuperSU is closed source proprietary app? Using proprietary app with root privileges is _really bad idea_. If security is important for you, you should never use device where SuperSU is installed, it could have backdoor in it.

If you want root access in ROM which doesn't allow it natively, use seSuperuser (modern and secure SELinux-aware fork of original Superuser app). Never install SuperSU.

[capstab]

Awesome fast reply :)

At the Moment I'm using Cyanogen OS 13 (for OnePlus One) not the CyanogenMod. It doesn't have the included root feature. Maybe I should really consider to flash CyanogenMod. Thank you for the seSuperuser tip, closed source i really try to avoid.

I will try seSuperuser now

[xmikos]

@capstab Oh, I have somehow overlooked that you are using Cyanogen OS, not CyanogenMod. I have never tested SnooperStopper on Cyanogen OS. So it is probable that some changes in Cyanogen OS are to blame. But I couldn't be sure...

[capstab]

Im pretty sure its that (Cyanogen OS). I removed SuperSU, unrooted, rerooted and installed seSuperuser. Pretty happy too be rid of SuperSU. But with SnooperStopper still exactly the same behavior. I think I will change to cyanogenmod at the weekend.

The only thing that bothers me is that it was working like I mentioned in my first post for a while.

[capstab]

Now I'm really disappointed (not by your app, I guess its cyanogenmod).

I wiped the encrypted oneplus one. After that phone is still encrypted. Installed the newest cm-13.0-20160901-NIGHTLY-bacon.zip.

Activated build-in-root in Developer Settings. Installed "from F-Droid" SnooperStopper. Gave SnooperStopper root permissions. Enabled in SnooperStopper the device admin. (Its activated in Settings->Security->Device administrator)

And still I have as many tries to unlock my Screen with my PIN. Sadly no reboot. I will play a bit more around in the Settings. If I make it I will gibe a feedback.

[capstab]

So far I did't made any progress. One short question. Did you or someone use it with success on cm13?

[xmikos]

Yes, I have tested it successfully on Nexus 5 with CyanogenMod 13.0 (snapshot from 20160316). Maybe CyanogenMod broke it since then? But I can't test it with CM again right now (don't have spare phone) :-(

[capstab]

I had an old nexus 5 (hammerhead) here. Just flashed 13.0-20160316-SNAPSHOT-YNH0EAO1QC-hammerhead. Without gapps and without encryption. Just to test the reboot after 3 failed unlock attempts.

Installed SnooperStoppper. Gave root permissions (built in cm). Gave device admin (Device admin is checked in Security settings). And again. I can put endless the screen unlock PIN. No reboot. I'm already questioning my intelligence :). I can't imagine that I do something wrong. I mean there is not much to do wrong. ;)