Looking to exhaust the capacity of our Android devices, sooner or later we are confronted with terms like „root“ and „modding“. With many a device we get close to despair trying to find a compatible „rooting method“. But for a while, in this context one hears of an universal tool that seems to work for all devices running Android 5 (Lollipop) or above: Magisk.
What is Magisk?
As already mentioned in the teaser, Magisk is putting a Magical Mask on top of the file system of the read-only mounted system partition. That means, no changes will be applied to the partition itself – it just looks like by the means of the mask (think of an overlay filesystem). Compared with other methods, Magisk has several advantages:
- The system partition remains untouched („systemless root“) – OTA updates will remain possible (how to deal with them is described in the documentation).
- A "Root-Hider" („Magisk Hide“) ships right along to hide the existence of root from certain apps. Even the SafetyNet check is fooled; things like Android Pay, Snapchat & Co. can still be used.
- Using additional modules you can extend the scope of functions provided.
- Magisk is 100% Open Source.
John Wu (@topjohnwu) of Taipei, Taiwan is the driving force behind the project. He provides Magisk as Open Source Software (using the GNU General Public License / GPL 3.0+). The name „Magisk“ has nothing to do with a mythical creature of the Harry-Potter-universe (that was a Basilisk): it´s rather a combination of the words „Magic Mask“ (see emphasis above). As that is exactly what Magisk does: it „masks“ accesses to the system partition – and reroutes them accordingly.
To perform its tasks without modification of the system partition, Magisks replaces the so called „Boot Image“1 – and thus inserts itself into the very beginning of the boot process. This way it gains control on the entire system. To apply the necessary modifications, the installation script will need elevated permissions. For this, it is run in the so called „Recovery Mode“2. As Android´s standard recovery doesn´t accept „foreign packages“, some preparations are required:
Unlocking the bootloader
With the standard recovery not fitting our needs, we need to install a custom recovery. To do that, we first need to unlock the bootloader – as a locked bootloader doesn´t allow us to install a custom recovery.
Locking the bootloader is a security measure. Manufacturers not only want to protect their devices from unwanted modifications (which might lead to additional service requests) – but also want to save the user from data thieves. With an unlocked bootloader, the latter could start (or even install) their own system or recovery images and with those access a device even if it´s locked with a password – meaning they could easily get hold of everything stored on the device. A locked bootloader prevents running such software. Unlocking the bootloader almost always implies performing a factory reset (i.e. deletion of all user data and configuration), to prevent the unauthorized this approach.
It´s not unusual that unlocking the bootloader includes some manufacturer or even device specific steps. You can find the corresponding guides in the internet; first place to look usually is the matching device section at XDA Developers. In general the steps resemble:
- Boot into bootloader/fastboot mode.
This can be done e.g. using
adb reboot bootloader– or with the device turned off, pressing „VolUp“ and „Power“ simultaneously (and keep them pressed for a while).
- Check the current state:
fastboot oem device-info
- Request a bootloader unlock:
fastboot oem unlock
The last command can be device specific (e.g.
fastboot -i 0x18d1 oem unlock-go or
fastboot oem unlock-go). Some devices allow everything with a single command, like
adb reboot oem-unlock. Again others make it more complicated, and you first need to request an unlock code from the manufacturer.
In any case you will need the ADB and Fastboot Utilities. Most Linux distributions provide them in a package named
android-tools, or split in two packages
android-tools-fastboot. For other systems you can find hints at Stack Exchange: Is there a minimal installation of ADB?
Install a Custom Recovery
As already mentioned on the topic of „recovery mode“, the standard recovery shipping with most devices doesn´t accept „foreign packages“ (i.e. not signed by the manufacturer himself). As a replacement, the recommendation is (if available for the device) TWRP. A list of officially supported devices can be found at their website – each with download and installation instructions. If your device isn´t listed there, you still can hope for one of the many „inofficial ports“ – which again are mostly found in the device specific sections at XDA Developers.
First you need to download the recent Magisk ZIP – which you can e.g. find in the recent thread of the Magisk Forums or also at https://magisk.me/zip/. Copy the ZIP to your devices SD card (don´t unpack, just copy it over). Now we can start:
- boot into recovery mode
- chose „Install“, then „Install from SD-Card“
- pick the Magisk ZIP you copied there and confirm the install („Flash“)
- after successful installation, restart the device („Boot System“)
That´s all. As soon as the device is started up again, you should find a new app in the drawer: Magisk Manager. Future Magisk updates are applied by this one.
Following the first start of Magisk Manager, you will want to adjust the settings to reflect your needs. For example, who should have root access: apps or ADB as well? The owner only – or even secondary users? Do you want to be notified whenever anything uses „root powers“?
Also recommended: activate „systemless hosts“. This way ad blockers like AdAway automatically profit from that. Further you can chose the apps to hide root from in the „Magisk Hide“ menu. In „Superuser“ you find the apps having asked for root access until now. For each of them you can specify whether root access should be granted, logged and notified. A history can be found under „Log“.
Extend Magisk: Modules
In analogy with Xposed (which I indroduced here two years ago) you can extend Magisk with modules, even with a „systemless Xposed“. Installed modules you will find in the „Modules“ menu – which of course initially is empty. Available modules are listed in „Downloads“, and can be installed directly from there. You should have an eye on compatibility, as even modules incompatible with your device or Android versions are listed: e.g. you find the Xposed module listed for SDK versions 22, 24, 25, 26 und 27 – while only one of them matches your system (in the screenshot: SDK 23).
When using Magisk and Xposed modules together avoid overlaps. You should e.g. not use Greenify4Magisk and the Greenify Xposed Modul simultaneously. If you do, you risk „unwanted/unexpected side effects“ which can be very nasty.
The initiale system is loaded from the
/bootpartition, and provides basic information. This includes e.g. device information (
/dev), but also the "RootFS" – the "root directory", under which the entire directory tree is built. Depending on the Android version, either initrd ("initial ram disk") or its successor initramfs (initial ram filesystem) is used. As soon as the device is fully booted up, the
/bootpartition itself is no longer mounted: its commands performed it has done its job and is no longer needed (at runtime). ↩︎
The Recovery Mode is is intended to apply system updates or revert your Droid to its factory settings. Android devices usually ship with a very restricted recovery mode (identified by the name
<3e>) which only accepts packages signed by the manufacturer itself. Custom Recoveries go beyond that. The most widespread are TWRP („Team Win Recovery Project“) and CWM („ClockWork Mod“). Only with a custom recovery, the name „Recovery“ is fully justified – as they offer additional functionalities such as a full backup/restore or even an integrated file manager („Aroma“).
To boot your device into recovery mode, you usually keep the „volume down“ button pressed together with the power button, for a few seconds. ↩︎