A. Help note:

For all the tasks, build the OTA package (a zip package) on your regular VM, and then copy the package to your Android VM. On your Android VM, unpack the zip package, and run the update-binary. Reboot the machine to verify if your goal is achieved.

To run the update-binary script on your Andriod VM (assuming you have the script correctly located in the following directory), type:

# sudo sh META-INF/com/google/android/update-binary

update-binary script for task 1 is given (assuming you have your dummy.sh located at the top level directory of your OTA package):

$ cat update-binary
cp dummy.sh /android/system/xbin
chmod a+x /android/system/xbin/dummy.sh
sed -i "/return 0/i /system/xbin/dummy.sh" /android/system/etc/init.sh

students are required to construct the update-binary script by themselves for task 2 and task 3.

hints: 
for task2, update-binary should include no more than 4 simple commands; examine the lab description (the C code) carefully to figure out where the app_process64 file is located, rename it, DO NOT delete it.
for task3, update-binary should include no more than 5 simple commands (or 4 is also possible); mysu should be put in /system/xbin/, as this directory is a part of the PATH environment variable. Also, you don't need to write the C code for the server/client communications, they (C code as well as the Makefiles) are provided here: http://cs.boisestate.edu/~jxiao/cs332/labs/Android_rooting/SimpleSU.zip. After compilation, a root daemon called mydaemon will be generated, and a client program called mysu is also generated. Make sure to include both at the top level directory of your OTA package.

B. Criteria for completion:

task 1: after rebooting your Android VM, you should have a file called "dummy" inside the system, under /system. The content is "hello".

task 2: after rebooting your Android VM, you should have a file called "dummy2" inside the system, under /system. Notify the instructor as soon as you finish both step 1 and step 2.

Completion of both task 1 and task 2, would be considered as finishing 0.5 lab.

task 3: after rebooting your Android VM, go to setting->developer options->disable root access. Now, on a terminal, if you type mysu, you should get a root prompt. Run the following commands to verify so:

1. run "id", it should you your id is 0. (both uid and gid)
2. run "ps", to find out the process id of the client program (named mysu) and the child process of the mydaemon (named /system/bin/sh, owned by root). For both of these two processes, run "ls -l /proc/PID/fd", and their fd 0,1,2 should point to the same thing. (replace PID with the actual PID).
3. open a different terminal window, type ps and find out the pid of the current shell, (named /system/bin/sh, not owned by root). Run "ls -l /proc/PID/fd", this time the fd 0,1,2 should point to something different compared to the above step. This shows different processes have different file descriptors, but in the above step, the two processes have the same fd 0,1,2, it's because of the redirection.

Notify the instructor as soon as you finish step 3.

Completion of task 1, 2, and 3, would be considered as finishing 1 entire lab.