CalyxOS (is coming to) is here for FP4!

Hasn’t this always been the case in FOSS, I mean look at Stallman.

I just like to let the purists do their thing and if they produce something I like, I’ll use it. Otherwise I’m not getting involved in their infighting. There are only so many hours in a day, I have better (happier) things to do than argue over whose project is really true (to use metal :metal: terminology :smirk: ).

7 Likes

question to the ones, using calyxOS:

Is the Dature Firewall a VPN based one, like netguard, TrackerControl, etc…? Or a system app, that another VPN is in parallel usable?

The screenshots suggest a VPN running…

grafik

As the promise that you can use a VPN, I guess it is not VPN-based.


Additionally, have a look here:
https://calyxos.org/docs/tech/datura-details/

1 Like

On devices with Linux kernel versions higher than 4.9, the bandwidth restrictions make use of eBPF

Nice, so it’s a proper (modern) system-level firewall :metal::smiley:

1 Like

@AlphaElwedritsch

re: gps

$ host supl.vodafone.com
supl.vodafone.com is an alias for supl.google.com.
supl.google.com has address 64.233.177.192
supl.google.com has IPv6 address 2607:f8b0:4002:c02::c0

iodeOS only included the no IMEI to SUPL patch after I prodded them in 2020/11:

Also related:

https://gitlab.com/CalyxOS/calyxos/-/issues/618
https://github.com/GrapheneOS/platform_frameworks_base/pull/111

And no ROM besides DivestOS has yet to disable A-GPS MSA afaik.

https://en.wikipedia.org/wiki/A-GPS#Modes_of_operation
https://gitlab.com/divested-mobile/divestos-build/-/blob/master/Scripts/Common/Functions.sh#L453-454

re: dialer
That is a Lineage feature afair and it is default disabled since 2018.

https://review.lineageos.org/q/gdpr

re: ntp
The proper endpoint should be 2.android.pool.ntp.org, as it supports IPv6 and has the correct vendor prefix.
Per their site:

Do not use the standard pool.ntp.org names as a default configuration in your system.

re: captive portal
So instead of blending in with every single other Android device for captive portal checks, you both disclose your IP to a third party (granted a reputable one) and also disclose to any adversary on your local network that you are not running “normal” software.
DivestOS instead leaves the default, but adds an option in Settings app to disable.

2 Likes

First test build…based in A12L

4 Likes

Yes, seen it and jumped out of bed just to remember that I have no time to test it over the weekend.

2 Likes

I, for my self, have decided not to test it for the time being. i am more than satisfied with my iodé

I’ll wait and see :wink:
There are still too many bugs in the A12 and the optics of A12 is also not mine

However, I’ll download it and analyze their installation process.
In the test builds, the installation must be done manually. The installer is not available yet.
The bootloader has to be locked manually with fastboot.
I’m curious to see how many will use it to brick their FP4…
But will also show new findings whether the Re-Lock problem on the FP4 also shows with calyxOS further. As with the other custom ROMs

  • Installation went fine, nothing to report there
  • No immediate problems, will have to check all my apps first
  • The A12 UI is ginormous, but I kinda like it, setting a grey background will tone the whole UI to a nice monochrome color scheme :+1:
  • Didn’t lock the bootloader, obviously :smirk:

I’m liking the experience so far :smiley:

7 Likes

Interesting that it works without locking the bootloader.

Have you had a look into the flashing script? After about 50 posts scattered over 12 threads regarding FP4 not booting anymore, I lost track. But it seems to me that you have understood it. Is the script doing the correct things to not do any harm to the phone?

A script can AFAIK never lock your bootloader (it can just trigger it). You imho always have to agree on the screen of the FP4.

4 Likes

None of the available custom ROMs (or the factory images for that matter) have code in their install scripts to lock the bootloader. They could, but you’d always have to press a button on the device to confirm it, as @Volker said.
You wouldn’t want that functionality in your script anyway, way to many possibilities for things to go sideways… (as we all have witnessed :see_no_evil:)

Locking the bootloader isn’t a requirement to run Calyx, it’s an additional feature.

I’m going to install Magisk next, so I have no intention of locking my bootloader.
My reasoning for running Calyx is easy access to microG preinstalled, a nice built in firewall (haven’t played with it much), almost no preinstalled apps (compared to /e/) and access to the newest Android release (I like my distributions rolling :smirk:).

2 Likes

Interesting, I thought for CalyxOS it was a requirement. If I were going to install it and if I wanted to relock, what would be the steps to not brick the device?

The installation instructions say

Re-lock the bootloader using fastboot flashing lock

Is that correct for the FP4? Would I have to lock critical, unlock critical before or do some other magic?

The install instructions don’t mention fastboot flashing unlock_critical, but I had them unlocked already, so I can’t say.

That is correct. Those commands are the same for every ROM.

I can’t tell you. Maybe fastboot flash avb_custom_key avb_custom_key.img as iode and Calyx have started using makes this less likely.
I for one am waiting for Fairphone to investigate all the bricked devices with vanilla FPOS first, not gonna touch locking the bootloader before there is some clarification.

Edit: From what I can tell, compared to the factory install script, Calyx are flashing some of the partitions through sideloading in fastbootd maybe that makes unlocking critical partitions not necessary.
But someone else will have to try, I already installed Calyx several times (to look for errors) and I’m not going to touch fastboot flashing lock_critical either, any command involving fastboot and “lock” doesn’t feel right :smirk:

3 Likes

Looks like this by default:

with all default apps installed. But I quite like the initial dialogue where you can select or unselect the installed default apps…

4 Likes

@Volker have you re-locked your bootloader?

No, currently not daring it (although CalyxOS itself again reminds to lock it on starting the OS)… :grimacing:

2 Likes

I have an “old” Pix5 here. My old business phone.
I use this with original OS for my Banking 2FA apps.

I installed calyxOS on that for testing. And oops, some of the apps don’t work. I knew that…

But anyhow, I wanted to test calyxOS and so I did it.
Now, back to Stock because of my 2FA apps.

Result and lessons learned.
Nothing different as on original A12, and again I don’t like it :rofl:
Enough that I have to life with it on my stock Pix5. But i switch this one on only once a month or so…

The End
I will stay on iodé on my FP4. I LOVE it. I leave it. I don’t touch it :wink:

Pix5 keeps on stock with as many goolag apps deactivated and deinstalled as possible.
Just for 2FA

But fuck, this little road-trip this afternoon has meant that i have to set the whole thing up again
That takes longer than the little trip itself :rofl:

1 Like

@Volker and @hirnsushi did anyone of you test the cameras? Does wide angle and 48 MP work?

2 Likes

I follow your lead, Sir. Thanks for all the info on IodeOS here and thanks for making sure I am not sacrificing all the work I had to customize it to my demands just to check out CalyxOS. Highly appreciated!

1 Like