Newest 0.9 build update for Samsung Galaxy S6 - is it safe now?

@itsclarence made a new eOS-Q-build for the Samsung Galaxy S6 (zerofltexx).

Make a backup before flashing, and please share your experience with this build.

1 Like

Good morning,

do I understand correctly that a new build is available for zerofltexx that is actually functional?

Kind regards
Forumsnutzer

Indeed, you can find it here. You can read @SuzieQ’s testing feedback in the same post.

1 Like

And it does work! At last a new build! Thank you so much! :slight_smile:

1 Like

Good morning,

these two security warnings were showing on my phone this morning.

[Screenshot from 2021-01-17 09-43-38]

Saying

  • This build was signed with public keys.
  • SELinux is not in “enforcing mode”, the security is undermined by that.

Is it a reason to be alarmed? Is there anything I can do to fix this?

Kind regards
Forumsnutzer

Hello, let’s first define what public key and SELinux mean.

This build was signed with public keys

I found an answer online: Android uses a key to sign apps, but by default, that key is well-known and available in the ROM source tree. Since apps that are signed by those keys and that are installed as a system app can obtain special permissions, a warning was put in place if the default key is used.

SELinux is not in “enforcing mode”, the security is undermined by that.

Here is an explanation of what SELinux is
In short: As part of the Android security model, Android uses Security-Enhanced Linux (SELinux) to enforce mandatory access control (MAC) over all processes, even processes running with root/superuser privileges (Linux capabilities). Many companies and organizations have contributed to Android’s SELinux implementation. With SELinux, Android can better protect and confine system services, control access to application data and system logs, reduce the effects of malicious software, and protect users from potential flaws in code on mobile devices.

Is it a reason to be alarmed?

Yes, both are security flaws. I am however not knowledgeable enough to tell how seriously it impacts security.

Is there anything I can do to fix this?

Public key: When it comes to the public key part, I think that a way to fix this would be for the one who built it, @itsclarence, to sign his build with his own key.

SELinux: Since what you mention also affects the Q build running on my S6 Edge, I tried to fix the SELinux part following this post. However, using the SELinuxModeChanger app did not work, I think therefore that it probably will not work on your S6 either. I tried various other methods, none of which worked, but feel free to try yourself. I suppose the only way to fix this would be in the building process. I do not know if it has to do with the sources used or something else, maybe people who build can comment to enlighten us.

1 Like
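The two warnings discussed in the post above correspond to values that can be read from the device over adb: the build property `ro.build.tags` and the output of `getenforce`. The following script is an added example, not part of the original thread; the function names (`keys_status`, `selinux_status`, `audit`) are hypothetical and the fallback input is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Interprets two standard Android values:
#   ro.build.tags  (build property; "test-keys" means the public AOSP test keys)
#   getenforce     (prints Enforcing, Permissive or Disabled)

# keys_status TAGS: ro.build.tags may hold a comma-separated list of tags.
keys_status() {
    case ",$(printf '%s' "$1" | tr -d '\r ')," in
        *,test-keys,*)    echo "test-keys" ;;
        *,release-keys,*) echo "release-keys" ;;
        *)                echo "unknown" ;;
    esac
}

# selinux_status MODE: normalise getenforce output (case, trailing CR from adb).
selinux_status() {
    case "$(printf '%s' "$1" | tr -d '\r ' | tr '[:upper:]' '[:lower:]')" in
        enforcing)  echo "enforcing" ;;
        permissive) echo "permissive" ;;
        disabled)   echo "disabled" ;;
        *)          echo "unknown" ;;
    esac
}

# audit TAGS MODE: print one line per problem, then a summary line.
audit() {
    keys=$(keys_status "$1"); mode=$(selinux_status "$2"); n=0
    if [ "$keys" != "release-keys" ]; then
        echo "WARN signing: $keys (expected release-keys)"
        n=$((n + 1))
    fi
    if [ "$mode" != "enforcing" ]; then
        echo "WARN selinux: $mode (expected enforcing)"
        n=$((n + 1))
    fi
    echo "findings=$n"
}

if command -v adb >/dev/null 2>&1 && adb get-state >/dev/null 2>&1; then
    # Live device connected with USB debugging enabled.
    audit "$(adb shell getprop ro.build.tags)" "$(adb shell getenforce)"
else
    # Constructed sample values: test keys, SELinux not enforcing.
    audit "test-keys" "Permissive"
fi
```

`ro.build.tags` is a label set at build time, so it indicates rather than proves which keys signed the build.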

I happened to find that there is a new build available already, an official one even, which I just tried to install.

But when installing, TWRP notified that the Zip signature verification failed.

Is there a solution to this?

@itsclarence, @Bryophytae,
do you know how I could fix the aforesaid problem?

Oh, and as of late I cannot retrieve new builds anymore from this link:
https://images.ecloud.global/dev/zerofltexx/
That was still possible at the time when I downloaded the build at the time of writing the above post.

Or was my above post from 13 days ago again flagged as spam?
What is going on with this forum?!?

The dev builds for the S6 have been taken offline as the device is not currently supported. I believe it is fair to say that it is presently unknown as to whether or not it will become supported officially again.

1 Like

As @mcmd said, the S6 and S6 Edge are no longer officially supported by /e/. The ex-official dev build that you downloaded is based on Android 7 “Nougat”, whereas itsclarence published Oreo (Android 8) and Q (Android 10) unofficial builds, which is a great way to keep this “old” device running and somewhat up to date.

If an unofficial build runs well and has a large enough user base, it could become official again. However, based on the few problems encountered (SELinux, phone call volume, bootloop caused by encryption, camera crash, etc.), I do not think it will be official again anytime soon.

Regarding your question about zip signature verification, I do not know. It could be because it is no longer supported. I usually verify the checksums provided next to the download link in order to make sure the file I downloaded matches the one /e/ made available, and consider it enough.

1 Like

Alright, thank you for letting me know.
Thank you @Bryophytae for giving some background knowledge.
Unfortunately I cannot retrieve the checksum any longer. But do I understand correctly that if I install the ex-official build that I downloaded (assuming that I was able to do so), it would downgrade my phone to Android 7, while itsclarence’s build, albeit not the newest, gives me access to an Android 10 (which it does on my phone)?

Yes, that is correct, your phone would be downgraded to Android Nougat. (The n in e-0.14-n-202101[…] stands for Nougat. For Oreo, it is O, P for Pie and so on) However, I do not know if the ex-official Nougat build you downloaded is stable. If you want to know, you should test it. I remember that, at least for the S6 Edge, many official builds did not run smoothly (e.g. random reboots), and the last stable build was in February 2020.

If it is stable, the pros and cons of the ex-official Nougat build are (As far as I can tell with my limited knowledge) :

Pros

  • SELinux is enforced
  • it is signed by /e/
  • it should be possible to encrypt it without causing a bootloop

Cons

  • No recent Android 10 features
  • No Android 10 platform security patches
  • No /e/OS updates

For both Android 7 and 10, vendor (i.e. Samsung) security patches are out of date, (see in Settings > Trust) so they are equally vulnerable in this regard, as are many phones supported by custom ROMs.

Android 10 platform security patch is up to date, which is a plus for security, but as mentioned in my previous comment, in the Q build SELinux is not enforced and it is signed with public keys, which is bad for security. It also cannot be encrypted. In a nutshell, none of those builds are perfect, you need to figure out which one best fits your criteria. For my limited minimalist phone usage, the Q build is perfect, and I’m super happy it exists.

1 Like

Thank you once more for the detailed information! :slight_smile:

From what you write, given my very limited understanding of the matter, the pros and cons seem to somewhat balance each other.
And I was not able to test the ex-official Nougat build anyway, as I could not get past the failed signature verification when trying to install it.

I as well am a rather minimalist user, so if that is fine for you, I guess it is fine for me as well! :slight_smile:

There are new builds for zerofltexx/zeroltexx. Take a look at this repo. https://github.com/Exynos7420

Thank you, @nsherbina1999, for sharing. I had a look at it, but it’s all Greek to me.
Could you point to something in there that might be of use to me?

It is sources for the newest builds of LineageOS 17.1, which can be useful for /e/ devs. Hope they will see it.

1 Like

@itsclarence, perhaps the repo can be helpful in any future unofficial update. Thanks to @nsherbina1999 for this!

2 Likes

Who is willing to test a new build for the zerofltexx?
Be safe and backup first.

4 Likes

:laughing: Probably me :laughing:

It may take me a few days but I’ll do it and let you know how it goes. Thanks for doing the work!

EDIT UPDATE #1: Days turned into hours as I channeled my inner @SuzieQ :laughing: Downloaded the OS zip without incident and transferred it to internal device storage via USB. Set the device to restart in recovery (Settings/Developer Options/Advanced Restart) which it then did :slight_smile: From there I used TWRP to backup all partitions (except cache) and then installed the 0.15 UNOFFICIAL /e/OS Q build provided by @itsclarence without incident.

On first boot WiFi and SIM Card were immediately recognized- no device error messages. SELinux still is disabled (as expected), MicroG self-check was good and Android platform patches are up to date! Going to walk around with the new build for a few days and report back in. Thanks again @itsclarence :clap: and cheers! :beers:

Now we need to figure out the process of getting him private keys to sign these builds so that SELinux can be enabled- Anyone have any insight on that? :thinking:

2 Likes

Great! I have also already installed it. :slight_smile:

I will not be able to give an as sophisticated test report, as I am not competent enough.
But so far everything works fine, no incidents yet.

Camera seems to work better than before, not as many hang-ups.
Delete pop-up windows in the menu can be seen again (in the previous build CANCEL and DELETE were pickable, but not visible).

This does still show up:

[Screenshot from 2021-01-17 09-43-38]