If you're looking to buy a LineageOS-compatible phone and are unsure which model(s) to consider, I try to generate an automated buying recommendation (updated daily) from LineageOS's wiki data, available here: https://johannes.truschnigg.info/tmp/lineageos_device_toplis...
The ranking is an expression of my personal preference - with a recently-released phone, it's more likely to receive firmware- and driver-level fixes in proprietary bits that make the phone tick. The number of devs (hopefully) translates into continued support by the project even in the face of single developers abandoning a particular device they maintain.
> ohmagoditfinallyhappened - LineageOS now has an awesome new camera app called Aperture! It is based on Google’s (mostly) awesome CameraX library and provides a much closer “to stock” camera app experience on many devices. Massive kudos to developers SebaUbuntu, LuK1337, and luca020400 who developed this initially, designer Vazguard, and to the entire team for working to integrate it into LineageOS and adapt it to our massive array of supported devices!
somebody tested the camera app already? photo quality was definitely a severe weak spot of LOS so far.
> photo quality was definitely a severe weak spot of LOS so far.
This is because of the proprietary closed-source blobs needed to make many newer cameras work. Lineage can't redistribute that code or they would get into legal shit.
It has begun to seem like an unnecessary risk, with the appearance of Android policies necessitating VPN Hotspot make manipulations to nftables, (https://play.google.com/store/apps/details?id=be.mygod.vpnho...), trusting Magisk, going without Clockwork Mod on many platforms, eschewing security updates.
What benefits are you guys reaping from taking root, these days?
Can it stop Google Play Protect from removing permissions on apps you haven't used in a while (while still leaving scanning intact)?
Unlike most people, I pay attention to and carefully configure permissions for my apps when I install them. Only to have Google tear down all that hard work a few months later :-S.
Yeah, I know your pain. What's worse, there is/was bug in some roms/GP versions which reset this setting upon reboot. Ugh.
I don't know how to turn this misfeature off. Lineage just has a generic slider on a per-app basis, but it still requires revisiting each apps' settings page.
It should be possible with lsposed, but I haven't found such a module.
Neo Backup and Swift Backup are my go-tos. First is free and open source, second is closed source and some features are locked behind paying but it's pretty cheap and feels more polished (only supports keeping one backup at a time though, unfortunately, and you can't browse backup files because they're forcefully encrypted).
This is a weirdly arrogant authoritarian attitude you have against other's using their devices.
By using that unrooted custom ROM, it's not like root doesn't exist anymore, you just don't have it. The people who built the ROM have root, not you. They own your phone. It's their phone, not yours.
Having access to a root shell isn't bad, or dangerous, or a security risk. Not having means not having ownership of the device.
TitaniumBackup still working fine for you? Last time I tried to restore apps on Lineage 18.1 recently in the last year most restored apps crashed until I wiped their data/cache in the settings. This basically makes Titanium a glorified app installer, mostly defeats the purpose.
The only problem I've encountered is when rolling back updates for some apps - they'd crash after restoring them from TB, so I have to uninstall them first and only then restore. But I have a fairly conservative set of apps.
Privacy and autonomy. If I don't have root then someone else owns it, and by extension, me.
Have zero cloud dependence. Nobody has my data but me. I pay nothing and give up nothing.
My phone is a linux box. I can ssh to it any time I want to get a shell. It has a permanent reverse ssh shell and OpenVPN connection out to my other systems. And no, this has almost no impact on power usage (if done correctly).
Real filesystem access without restrictions. This allows for full rsync backups and restores of any app and any data on the phone. I built a script that lets me easily backup and restore individual apps and even move/copy apps between Android devices. I also sync a variety of files on a regular basis (music, pictures, ebooks,...)
tcpdump to capture packets. I actually do this every couple of weeks/months, but it's not something I do regularly.
Call recording that actually works is impossible without root. skvalex is the best.
Adblocking, Bouncer, real screenshots in any app, real firewalling, disabling Doze and other stupid power savings that breaks shit, and a lot more.
I'm rooting to get access to my own data (typically in sqlite databases in protected /data/data partition). Then I feed it into HPI (Human Programming Interface) [1], and from that it gets into my plaintext search system [2] or promnesia [3]
> What benefits are you guys reaping from taking root, these days?
On stock Android 12+ (LineageOS 19+), superuser access is necessary even to customize the default color scheme. (Except on Google Pixel devices, which have the UI for this built-in: but that's proprietary, not part of AOSP.)
The most common use cases would be easily installing and updating apps from third-party stores (such as F-Droid through their Privileged Extension) [1] and ad blocking.
Being "rooted" can mean different things, so I'm answering in the broadest sense.
You're right of course. You don't need actual superuser access to the live system to make it work (only through recovery). And, as is the case with LineageOS for MicroG, it can already be integrated into the custom OS.
Thing is, when you start doing such things, the next step is often "rooting" the device anyway, so that you can hide what is considered being "rooted" (which can be as little as running any custom OS) from APKs with "root detection" that otherwise refuse to run.
What do you mean by "need root"? To flash? A few comments above people were mentioning how grapheneos was explicitly against rooting, so not giving users root during runtime is definitely a thing.
Root access and unlocked bootloader are very different things. Many apps need root access to work, and having an unlocked bootloader won't help. On the other hand, installing another ROM requires an unlocked bootloader, but having root access won't help with it.
you can't have root access without unlocked bootloader, simple as that
I can access everything as root from recovery with unlocked bootloader without having actual root in system, root just make it more convenient after proper boot
> you can't have root access without unlocked bootloader, simple as that
Various EoP exploits for the kernel begs to differ. That said, even though your statement is broadly true, conflating unlocked bootloader and root access in the OS under an umbrella term of "root" is still sloppy terminology. The terms are related, but don't mean the same thing. For instance, many x86 PCs essentially have locked bootloaders by default (secure boot), but you can still get root access on them because the operating system explicitly allows it.
I use root to force a 44.1 kHz sample rate for the audio to avoid resampling of my lossless music, which is all in 44.1 kHz. The difference is noticeable even over Bluetooth with aptx(HD).
I root my phone for a few reasons (in no particular order):
* Reverse engineering, mostly to satisfy my own curiosity, but also to verify that the few third party apps I install don't do scummy things behind my back. I mostly use frida [1] for this and if I want to change the behavior of something permanently, I make a module for LSPosed [2].
* Get rid of Android's awful app links feature [3]. I despise Android >=12's behavior of always opening deep links in "official" apps (eg. Youtube) by default. To open those links in third party apps by default, the user has to go into Android's settings for the app and manually whitelist domains. This module forces Android to treat every domain as "unverified", which restores the old behavior of prompting the user which app to use when opening a link.
* Call recording [4]. (Or playing audio into a phone call to rickroll friends... [5])
* Raw access to app data, mostly for extracting information from apps with no export functionality.
That said, I don't like increasing the attack surface of my devices, so I do a few things to mitigate that a little bit. I wrote some scripts to sign the Android OTA update images, apply the Magisk boot image patches, and sign the images with a custom key [6]. This way, I can keep the benefits of Android's verified boot with a locked bootloader while rooted. I also don't allow any third party apps root access. My (hacky) local fork of Magisk only allows executing `su` if the app is signed by my own key or with a password if executing via `adb`. My LSPosed build only allows modules signed by my own key as well.
I wish a solution like [6] were more widely accessible to those without a deep understanding of Android boot system internals. I'd love to be the holder of my own master keys, and the ADB password override feature sounds convenient.
You don't have to root your LineageOS install, I personally run a LOS device without root. I think some adblocking solutions need root so it might be a valid use case for some people.
> What benefits are you guys reaping from taking root, these days?
Actually owning the device I paid for, for one. Most people nowadays are glad to pay for a device only to be told how they can and can't use it, but not all of us.
I don't think it's been mentioned, but automation tools like Automagic[1] are invaluable, and need root.
[1] https://automagic4android.com/ Just noticed it's no longer maintained. One can use the more popular Tasker. Shame, though - Automagic could do everything Tasker did and was much easier to use.
I'm a long time user of AM4A. Yes, unfortunately the developer has ceased further updates, but it still works great. It is rock solid / bug free as the developer was meticulous at ensuring his releases were extremely well tested. I have also been a tasker user since the early release, but find its UI painful to use and some features are buggy/unreliable.
I think the AM4A developer just decided to give up fighting with Google's constant locking down features and functionality.
To extend its life and usefulness I've began integrating B4A (b4x.com) with AM4A. I can call one from the other and xfer data between them using intents.
Unsure if Android's sandboxing would prevent this or not - I've never tested. It's theretically possible if sandboxing doesn't interfere or can be bypassed.
If you want to control it yourself maybe consider a pi-hole or similar?
Funny. But I have to root in order to pass safetynet on my device since it doesn't pass with the official lineage build on my device last time I checked (I squarely blame Google on this not lineage devs!).
Since am rooted anyways, it is my preferred method of installing Revanced Youtube [0], forcing auto-updates [1][2] for apps the way Google Playstore does it plus other miscellaneous fixes. It's also how I install microG[3].
Root has far too many other benefits to cover in one sitting but one of my favorites include being able to use an old app called DriveDroid to turn your Android into a bootable USB device capable of running live operating system ISOs.
I did for a year then I realized Termux existed and now I run Arch Linux on my Android phone. It might still work without root (I didn't follow up to see if it would work)
Oh wow, I'm not even sure now it's what you meant, but I had no idea before this thread that you could run wayland/x11 out of termux.
How's the access to hardware - does this mean I can essentially trial what 'daily driving' a Linux phone would be like without actually buying one/carrying two devices? E.g. can you designate Termux to handle phone calls/texts?
I like being able to back up all of the data on my phone, which isn't possible without root since Google decided to support the obnoxious <application android:allowBackup="false">. I also like being able to take screenshots of all of the apps on my phone, which isn't possible without root since Google decided to support the obnoxious LayoutParams.FLAG_SECURE.
Yes, I stopped when I switched from a OnePlus 3T to Pixel 5.
My provider (and employer) kicked the 3T off the wireless network because it was not "4G compatible", though it very much is. The Pixel 5 was discounted for purchase, so I got a new phone in a hurry and never rooted it.
I really miss the pure red night color mode that required root, and with Magisk it finally became reasonably easy to cloak from bank apps and such. Now my phone's configured and I'm just too lazy to root it and start over, and I'm also happy so far with Google's security updates.
I'm also aware of the intense monitoring and collection, especially as I see advertisement tied to verbal conversations that happened in proximity to the phone. I'm halfway through Surveillance Capitalism and it makes me want to get a flip phone and pull the battery when idle. I hate to admit it, but I just don't have the energy to keep up a pure Google-free Android any longer.
I'm pretty upset how they just don't allow a perfectly functional phone on the network anymore. My 3T is just sitting there collecting dust. I CALLED their support number with a phone that supposedly doesn't work on their network. I'm talking about Verizon.
I rooted because I needed an app that would physically prevent the battery from charging past a certain point. Had just replaced a puffed-up battery, and wanted to try to prevent problems from overcharging.
Adding to the list of things that you can do with root on Android:
- App Manager[1] has a powerful feature that lets you disable trackers in every single app on the device. (Menu > 1-Click Ops > Block/unblock trackers)
- Neo Backup[2] is the most comprehensive backup app on Android, with automatic scheduling. It lets you back up and restore anything you want, including app data that the developer labeled "no_backup".
- Install and upgrade apps from third-party app stores without needing to manually confirm each installation. Extremely useful for Aurora Store[3] and Neo Store.[4]
- Universal SafetyNet Fix,[5] combined with MagiskHide Props Config[6] and Magisk,[7] allows you to spoof SafetyNet on your device to improve compatibility with apps that check for it, including some banking apps, commerce apps, and games.
> trusting Magisk, going without Clockwork Mod on many platforms, eschewing security updates
I have no problem trusting Magisk[7] as a free and open source Android rooting solution.
ClockworkMod Recovery has been discontinued for years. The most advanced Android recovery is TWRP,[8] and TWRP is not needed to root the device with Magisk.
I don't know what you mean by "eschewing security updates" since rooting Android does not prevent you from receiving security updates.
> ClockworkMod Recovery has been discontinued for years. The most advanced Android recovery is TWRP,[8] and TWRP is not needed to root the device with Magisk.
Funny, since I read your post, I realize that I actually meant TWRP - I don't think I ever actually used Clockwork!
In any case, the simplicity of escaping any bootloops afforded using TWRP really necessitated its use - if you chose to risk your device's sanity with xposed/magisk scripts...
> - Universal SafetyNet Fix,[5] combined with MagiskHide Props Config[6] and Magisk,[7] allows you to spoof SafetyNet on your device to improve compatibility with apps that check for it, including some banking apps, commerce apps, and games.
This reason seems kind of silly, since your phone will already pass SafetyNet out of the box. You only need that to keep passing it after you root.
LineageOS in particular does not support relocking the bootloader after flashing, so it needs root access and this workaround to pass SafetyNet. The SafetyNet check fails if it detects an unlocked bootloader, unless the bootloader lock status is spoofed. (The other Android-based operating systems that do allow users to relock the bootloader don't support nearly as many devices as LineageOS does.)
> The other Android-based operating systems that do allow users to relock the bootloader
If you relock the bootloader with a third-party OS, won't you still fail SafetyNet since the signing key won't be the one that Google blessed for that phone?
Yes, you're right. To pass SafetyNet, not only does the bootloader need to present itself as locked (either through relocking or spoofing), the device fingerprint must also present itself as a Google-certified fingerprint (through spoofing).[1]
I know that CalyxOS spoofs the device signature to pass SafetyNet by default,[2] though it does not spoof the bootloader lock status. (It does support relocking, but only if the device is not rooted.) For LineageOS and all other Android-based OSes that I'm aware of, MagiskHide Props Config is the easiest way to spoof both the device signature and the bootloader lock status to pass SafetyNet.
I’d love to switch to a Linux based phone. But sadly most of the important Apps will probably never be ported on there. Like my banking or credit cards apps. And all these 2FA apps needed to use them.
I think the market is yet too small for forcing companies to bring out a version for a Linux phone.
Maybe I should consider just having an old iPhone at home, with apps for doing these authentication. And use a Linux phone as daily driver for non commercial stuff. I’m tired of being trapped in a Google/Apple 1984 world.
LineageOS is a fork of Android, not some separate thing. You can set it up to have all those apps work, same as you can after you root a stock Android install.
I’m under the impression (although, no first hand experience, so grain of salt), that some apps will only run if the OS has been signed by manufacturer keys. Or something along those lines?
> But sadly most of the important Apps will probably never be ported on there.
That's not the issue. There's already software like Anbox and Waydroid that lets you run most Android apps this way. The issue is that a lot of apps go out of their way to see if you're on an unmodified Android device that's been blessed by Google and refuse to run if you're not.
Is there a reason LineageOS doesn't support recent Pixel hardware? I was planning to buy a Pixel to run Lineage, but the newest supported Pixels (5/5a) only have a support window of 3 years instead of 5 years for Pixel 6/7. And Pixel 5 is already close to 3 years old. I don't want to switch now if in a year I'll get hit with EOL and have to buy new hardware and switch to another OS.
LineageOS will keep providing OS updates long after Google stops providing updates for those Pixel devices, so you wouldn't have to buy new hardware or switch to another OS in a year.
As a matter of fact, there have been unofficial builds [1], so it's not like the newer Pixel hardware isn't supported at all. Although being Exynos-based likely doesn't help.
Besides Graphene, there's also CalyxOS [2], which is basically like LineageOS with MicroG [3].
And for those who want GApps, they might like their Pixels on stock OS. In fact one of the more popular custom Android flavors these days is Pixel Experience, [4] trying to port these features to other devices.
I looked at GrapheneOS too, but the author is philosophically opposed to letting users root their device.[1] I understand the security argument, I really do, but root is too useful to give up, and I don't want to be locked out of my own hardware. I'm informed of the risks and willing to accept the power/responsibility tradeoff.
I think the same, that's why I settled on LineageOS+MicroG. No google spyware with near-perfect compatibility with the few non-Free apps I need to use. Slap an OS-wide content blocker for trackers and ads (AdAway) and a firewall in whitelist mode (AfWall+), and you're good to go! Great battery life and no spyware.
Magisk (root app) has options to hide itself to selected apps. I had one app complain abouy beinh rooted and I added it to the hidelist. It worked. After that, I just added all my apps that don't need root to the hidelist. There is also sanboxing that creates separate environments (personal/work). I've used Island and I'm now using Shelter sandboxing after reading privacyguides. I mainly used it to run two instances of a voip phone app so I can have 2 phone numbers.
There's probably an Xposed module that may or may not work. For my local cities bus app, I used to patch the APK manually because the Xposed module didn't work (but this was many moons ago).
Your best bet is to just search for how to setup Xposed on your phone+ROM then try the different modules to see if one works for. Ideally build it yourself from source since you don't want to trust random code being injected into your trusted apps.
Since it's compatible with so many devices, it should probably run on most others too as long they support the same Camera API.
As for downloading, I'm not sure if it's available separately, which of course would be the easiest way, but you can always get the APK for it from any LineageOS build. Just download the flashable ZIP image, extract payload.bin from inside the ZIP, extract the product partition with payload-dumper-go [1]:
payload-dumper-go -p product payload.bin
and then you have an EXT4 image you can simply mount under UN*X, or extract from using numerous tools for Windows. It'll be somewhere in the /app/ directory.
gcam doesn't work on all devices, so this could in theory work on non-SD devices
plus even on SD devices gcam can crash because of various reasons, so this could be easier to install, if just APK would work, though I doubt it will be that easy
also gcam options are really bare bone, can't even choose the resolution and other stuff, so in theory this could offer more options
i recently discovered that google continues to neuter the ability to change the default Gallery and Camera apps settings (Android 11+). does lineage bring this config back or do you still have to edit files and move stuff to /system/priv-app?
not sure if there was ever a way to change the default Contacts app through UI.
hoping this new lineage is available for Zenfone 9 soon, which just got Android 13 OTA this month.
> Additionally, similar targets can now be used to build GSI in mobile, Android TV configurations, and Android Automotive (we’ll talk more about this later)
Very interesting. You could propose mirroring the list of supported devices on the LineageOS wiki (which does list all devices that were supported by LineageOS in the past) and/or the pmOS wiki (the latter because older devices will likely never support current Android, but a barebones Linux install is more likely to be useful). Then people can look into reviving devices that they have access to or can buy second-hand. (A secondary goal would be listing relevant technical specs for them, so as to spot those that could be supported most easily, e.g. on a mainline kernel free of binary blobs.)
Apologies if this is somewhat of a thread hijack, but what's the current state of "Android apps on Linux?" and is anyone aware of a guide to make this easier? It's in the state of one of those things that ought to be really easy and is probably (I'm not sure) hard due to Google resistances (as in, you used to just be able to run them in Chrome?
My use case is "my kid has a Chromebook, and along with the stupid games, there are some art apps that I see are good for her style," but I'd love to have the best of both worlds, because it really seems like it should not be that hard.
I'm messing around with Waydroid now, but it's super fiddly?
You definitely can. The experience is a mixed bag: they aren't often optimized for no-touch devices, and they often need more resources than low end devices can provide. But they definitely run without much work to install. I thought i was smart getting my kids Chromebooks but the frustrations about how poorly they run supercedes the value in my opinion.
Right, I'm sorry if I wasn't clear --- when I said "run in Chrome" I meant "in the Chrome browser regardless of OS, e.g. in Linux"
I want the kiddo to have not a Chromebook, but real Linux, e.g. Ubuntu. While the Android apps work fine, other things we do (e.g. easily saving files, dealing with local network stuff like Java Minecraft play) do not.
There is Waydroid. It doesn't use Chrome but should work on any Linux distro. I have used it in the past with some success, but not for quite some time now.
I don't want to hijack this post but I wanted to let people know I am running a Fairphone 4 (5 year warranty, 5G ready, one of the most ethical and repairable phone that exists in the market) with CalyxOS (which is based on Android 13). The experience is pretty amazing, and with a combination of FOSS apps through F-droid and microG + Aurora Store, I have managed to have a fully functional phone without connecting my phone to a gmail address/account.
All my bank apps are working 100% surprisingly (I am in the UK and also have a French bank).
I am really grateful to open source developers spending time doing this, be it LineageOS, CalyxOS, microG, Aurora, F-droid or all the open source apps on F-Droid.
It's also interesting to see how Google is now departing from the native open source Android, making its own version optimized for the Pixel phones (and only releasing their flagship app like Camera for the Pixel) and locking you in with a Google account like Apple is doing!
Man, I would love to get a Fairphone, but they won't sell it to the US, and even if I spent an exorbitant amount having it imported, the modem inside isn't programmed for US frequencies so network compatibility will be flaky or non-existent. But it just seems like the perfect phone to me...
I've wasted the best part of the past hour trying to find a phone that's supported and under 200€ in the online page of a nearby shop. Not sure about the reason, there are older and newer phones in both, but never at the same time :-(
A little tip: follow the XDA blog label LineageOS in your RSS reader. I've found it the easiest way to know which devices have been ported officially. Devices get added all year long, but LineageOS only mention them in their blog in the roster section of the next version post.
Thank you, also to the others that suggested alternatives. I'm not much of new year resolutions, but this 2023 I'm promising myself to set some limits with our digital landlords.
Always a difficult relationship, but these last two or three years have been specially infuriating: useful features that disappear for no good reason and new useless impossible-to-disable annoyances.
But it won't receive even security updates going forward [0]. Whilst LineageOS might be able to patch any issues in Android itself, any vulnerabilities in a binary blob will not get fixed.
I’d like to know this, too. I use an android phone with an unofficial LineageOS rom for app development, but it’s getting very long in the tooth (OnePlus X), and I’m a couple versions of Android behind. I purchased that phone broken on ebay, then fixed it, so it was super cheap. I guess I’ll just browse XDA.
The ranking is an expression of my personal preference - with a recently-released phone, it's more likely to receive firmware- and driver-level fixes in proprietary bits that make the phone tick. The number of devs (hopefully) translates into continued support by the project even in the face of single developers abandoning a particular device they maintain.