# [Root] ZTE z990g aka ZTE Merit



## jcase

Root for ZTE z990g aka ZTE Merit
by jcase - [email protected] - http://twitter.com/TeamAndIRC
June 16 2012 - Copyright 2012 CunningLogic
Do Not Distribute or republish without permission. (Sad that this is needed, but people/blogs like to profit off the work of others without credit)

Want to support my work? Donations are always appreciated, but never required:

https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=LZ62YFU3XCEK8
Amazon Giftcards: [email protected]

Required files:
http://dl.dropbox.com/u/8699733/chainsdd-su.zip

Unzip chaindsdd-su.zip and then get a shell with adb



> adb shell


Set up the dirs, so shell owns them prior to logging. If shell does not own them then we can not control them. If the logs dir already exists, you may have to do a factory reset to remove them. They should not exist unless someone attempted this previously.



> mkdir /data/local/logs
> mkdir /data/local/logs/kernel


Open emode's logset activity. First button should be for enabling log set, enable it. Do not exit the activity, but if you do just repeat the below command.



> am start -a android.intent.action.MAIN -n com.zte.emode/.logset


Confirm the log_kernel.txt file exists, if it does not wait a minute and check again.



> ls -l /data/local/logs/kernel/log_kernel.txt


If it exists, delete it and immediately symlink it to /data/local.prop, logset may recreate it, if it does delete and try symlinking again.



> rm /data/local/logs/kernel/log_kernel.txt
> ln -s /data/local.prop /data/local/logs/kernel/log_kernel.txt


Now we want to wait for /data/local.prop to be created, it may take a minute or two. Keep checking until it exists.



> ls -l /data/local.prop


Now once /data/local.prop exists, go back to the logset activity and disable logset. If you don't disable it, it will slowly eat away at all the disk space, and possibly overwrite the local.prop before you get root. Now lets set qemu=1 then reboot.

echo 'ro.kernel.qemu=1' > /data/local.prop


> exit
> adb reboot


Once you have rebooted, remount, install su.



> adb remount
> adb push su /system/xbin/su
> adb shell chown 0.0 /system/xbin/su
> adb shell chmod 06755 /system/xbin/su


Clean up your mess!



> adb shell rm /data/local.prop
> adb shell rm -r /data/local/logs


Reboot, install the Superuser app from the market and enjoy



> adb reboot


----------



## TheRealBeesley

Thanks man. Gonna hook up dad up with this since the merit was the only android option he had on straight talk. Much appreciated.


----------



## TheRealBeesley

Anybody gonna make an OC Kernel?







I'll be donating to jcase for root, and to whoever can overclock this thing!


----------



## jcase

TheRealBeesley said:


> Anybody gonna make an OC Kernel?
> 
> 
> 
> 
> 
> 
> 
> I'll be donating to jcase for root, and to whoever can overclock this thing!


check gtalk


----------



## TheRealBeesley

jcase said:


> check gtalk


I got back at ya buddy, but I'm in the middle of the woods, signal is spotty. I'll try ya later.


----------



## bitshifter52

I have gone through this process three times to root my ZTE Merit Z990G from Straight Talk. Every step works as described but as soon as I start an app that uses SU it says the phone is not rooted. The app Root Check Basic says, "Sorry, this device does not have proper root access."

There may be some step not outlined in the procedure that I did not perform, but I cannot figure out what it would be. Any suggestions will be very appreciated. Once I know I have rooted this phone, I will make a cash contribution.


----------



## jcase

run adb shell ls -l /system/xbin/su and past the output here.



bitshifter52 said:


> I have gone through this process three times to root my ZTE Merit Z990G from Straight Talk. Every step works as described but as soon as I start an app that uses SU it says the phone is not rooted. The app Root Check Basic says, "Sorry, this device does not have proper root access."
> 
> There may be some step not outlined in the procedure that I did not perform, but I cannot figure out what it would be. Any suggestions will be very appreciated. Once I know I have rooted this phone, I will make a cash contribution.


----------



## Joey78

Please help I have went through all the steps but i get stuck on the reboot and adb remount. it remounts successfully but when i enter any of the next 3 commands i get cannot stat su no such file or directory. how do i continue past this? When i do remount and get an adb shell I have the pound sign instead of the dollar sign which i believe means i am root but the phone is not rooted. any help will be much appreciated thank you


----------



## logikal

I have the Straight Talk ZTE Merit Z990G, and have set up the device drivers properly using the drivers provided on the phone itself. I went to settings, application settings, development, and have checked all 3 boxes (USB debugging, Stay awake, and Allow mock locations). I have installed ADB in the location: C:\ADB. I opened CMD with administrative rights, and followed the instructions from top to bottom, in order. I have even attempted to copy and paste. The only line I changed was, "adb push su /system/xbin/su", to "adb push c:\su /system/xbin/su" because the su file was located directly on my C:\. My questions are: did I do the correct thing changing that line? Do I need to keep the su file in a folder called su, and move the folder with the file inside? Also, for "am start -a android.intent.action.MAIN -n com.zte.emode/.logset", what should dload and f3 logging be set to? I am new to rooting, and have tried doing this process literally over 30 times with no success. Any suggestions on what I am doing wrong? If you need more info, please ask, and I will provide if possible. Thank you in advance!

Edit: I figured it out tonight. I had a brainstorm that maybe, because I originally had it in a folder called su, it was stored in the /system/xbin/su as a folder instead. I "cd /system/xbin/", and did a "ls". sure enough, there was a "su" folder. inside the "su" folder was a "su" file. I did a "rm /system/xbin/su/su", and then a "rmdir /system/xbin/su", and then adb reboot. I started from the beginning of the instructions, and voila, I got root. Thanks for the instructions!


----------



## ztemerit88

In trying to download the file using my merit and it keeps telling Mr download unsuccessful is there anyone who might know why


----------



## pbishop2010

Ok i need major help. I get to the step where i put this in the command prompt
ls -l /data/local/logs/kernel/log_kernel.txt

and the file exists but when i try the rm command it says permission
denied, and ive tried everything i can from starting over to starting the
adb shell in su to using the sudo command, nothing


----------



## killer zte mearit

hello im not shure is this thread is still open but i get stuck at adb push su /system/xbin/su it says no such file directory o.o what am i doing wrong to root my zte merit i punch in all the commands but never get passed the command adb push su /system/xbin/su * i have use winzip and put the file on my desktop but it still cant find it aney1 help plz would realy like to get this rooted O.O to get the crapware off and move avg to my sd card o.o and a few outher system apps or delete them complety aka facebook twiter googlebooks docs to go orkut well u get the point plz help hear if u reed this plz comment the prob i might be haveing ty


----------



## clubwin7

I am an IT person, but this does not make any sense to me. Get a shell??? Where, HOW? I am good at what I do, but this is Klingon to me.


----------



## yarly

clubwin7 said:


> I am an IT person, but this does not make any sense to me. Get a shell??? Where, HOW? I am good at what I do, but this is Klingon to me.


Must be a Windows IT person (one that never used powershell). Shell to a Linux user is cmd.exe to a Windows user.


----------



## killer zte mearit

jcase said:


> Root for ZTE z990g aka ZTE Merit
> by jcase - [email protected] - http://twitter.com/TeamAndIRC
> June 16 2012 - Copyright 2012 CunningLogic
> Do Not Distribute or republish without permission. (Sad that this is needed, but people/blogs like to profit off the work of others without credit)
> 
> Want to support my work? Donations are always appreciated, but never required:
> 
> Paypal: https://www.paypal.c...d=LZ62YFU3XCEK8
> Amazon Giftcards: [email protected]
> 
> Required files:
> http://dl.dropbox.co...chainsdd-su.zip
> 
> Unzip chaindsdd-su.zip and then get a shell with adb
> 
> 
> 
> Code:
> 
> 
> adb shell
> 
> Set up the dirs, so shell owns them prior to logging. If shell does not own them then we can not control them. If the logs dir already exists, you may have to do a factory reset to remove them. They should not exist unless someone attempted this previously.
> 
> 
> 
> Code:
> 
> 
> <br />
> mkdir /data/local/logs<br />
> mkdir /data/local/logs/kernel
> 
> Open emode's logset activity. First button should be for enabling log set, enable it. Do not exit the activity, but if you do just repeat the below command.
> 
> 
> 
> Code:
> 
> 
> am start -a android.intent.action.MAIN -n com.zte.emode/.logset
> 
> Confirm the log_kernel.txt file exists, if it does not wait a minute and check again.
> 
> 
> 
> Code:
> 
> 
> ls -l /data/local/logs/kernel/log_kernel.txt
> 
> If it exists, delete it and immediately symlink it to /data/local.prop, logset may recreate it, if it does delete and try symlinking again.
> 
> 
> 
> Code:
> 
> 
> <br />
> rm /data/local/logs/kernel/log_kernel.txt<br />
> ln -s /data/local.prop /data/local/logs/kernel/log_kernel.txt
> 
> Now we want to wait for /data/local.prop to be created, it may take a minute or two. Keep checking until it exists.
> 
> 
> 
> Code:
> 
> 
> ls -l /data/local.prop
> 
> Now once /data/local.prop exists, go back to the logset activity and disable logset. If you don't disable it, it will slowly eat away at all the disk space, and possibly overwrite the local.prop before you get root. Now lets set qemu=1 then reboot.
> 
> 
> 
> Code:
> 
> 
> <br />
> echo 'ro.kernel.qemu=1' > /data/local.prop<br />
> exit<br />
> adb reboot
> 
> Once you have rebooted, remount, install su.
> 
> 
> 
> Code:
> 
> 
> <br />
> adb remount<br />
> adb push su /system/xbin/su<br />
> adb shell chown 0.0 /system/xbin/su<br />
> adb shell chmod 06755 /system/xbin/su
> 
> Clean up your mess!
> 
> 
> 
> Code:
> 
> 
> <br />
> adb shell rm /data/local.prop<br />
> adb shell rm -r /data/local/logs
> 
> Reboot, install the Superuser app from the market and enjoy
> 
> 
> 
> Code:
> 
> 
> <br />
> adb reboot<br />


 4 windows users if u get stuck on adb push su /system/xbin/su put the su file on the main part of your hard drive so go to start go to computer and just drag and drop the su file into you c drive and type in this [background=rgb(245, 245, 245)]adb push c:\su /system/xbin/su then finsh up with thease last few commands [/background]
adb shell chown 0.0 /system/xbin/su 
adb shell chmod 06755 /system/xbin/su

[background=rgb(245, 245, 245)]Clean up your mess![/background]

adb shell rm /data/local.prop
adb shell rm -r /data/local/logs

[background=rgb(245, 245, 245)]Reboot, install the Superuser app from the market and enjoy[/background]

adb reboot

i just finshed and did root my zte merit happ as funk hope this helps ppl just rember to do all the steps be4 hand this is only if u get stuck on the adb push su /system/xbin/su command good luck and happy rooting


----------



## clubwin7

No, I figured it was like the DOS shell, still do not know how to start it.


----------



## yarly

clubwin7 said:


> No, I figured it was like the DOS shell, still do not know how to start it.


He tells you how, using adb, which is a part of the android sdk.


> Unzip chaindsdd-su.zip and then get a shell with adb
> 
> 
> 
> Code:
> 
> 
> adb shell


----------



## killer zte mearit

clubwin7 do u mean the program to use the codes ? if so its Command Prompt and u would have to unmount the sd chip and enable usb debugging be4 even doing aneything im guessing u run wins 7 command prompt can be found ez click the start butten and the bottem left corner in the box that pops up type in command and it should pop right up as command pormpt its on the pc no need to download


----------



## exoflux

After I get to here
am start -a android.intent.action.MAIN -n com.zte.emode/.logset

it comes up on my phone, I enable it then go into using the rest of the commands and it just echo's the command I wrote, the line doesn't have the shell $ either do I type the $ myself or restart adb shell or anything like that?

strike this, it worked just had to use the adb that comes with the sdk, the one i downloaded from the link seems damages, works like a charm though, nice work ty.


----------



## Mizagorn

jcase, just wanted to say thanks a whole bunch for having this post. I went through the root procedure, which took about 4 hours (I was also using posts from androidforums). I mistakenly deleted Play, and couldn't find any way to restore it. Did a factory reset, everything fine, then redid superuser in 5 minutes.

I've learned a lot from your work. Thanks again very much for being so helpful.


----------



## brandosauce

Hi i was wondering, I have restored my phone and everything, but i still don't have sufficient permissions to even do the first step adb shell... that's what my terminal is telling me.... please help!!! I want so badly to root my phone!!!


----------



## JBirdVegas

brandosauce said:


> Hi i was wondering, I have restored my phone and everything, but i still don't have sufficient permissions to even do the first step adb shell... that's what my terminal is telling me.... please help!!! I want so badly to root my phone!!!


In Linux I would say check that udev has an android config. Google udev android there are lots of topics on this subject.


----------



## jkubichek

hello, i am trying to root my zte z990g as well and i cannot get past the local.prop. it says permission denied. any help


----------



## mrdreamers

is there a videos on how to do this?


----------



## mrdreamers

im totally lost can someone show me the first step of doing this plz?
then maybe i can get the gears in motion!! ty


----------



## mrdreamers

logikal said:


> I have the Straight Talk ZTE Merit Z990G, and have set up the device drivers properly using the drivers provided on the phone itself. I went to settings, application settings, development, and have checked all 3 boxes (USB debugging, Stay awake, and Allow mock locations). I have installed ADB in the location: C:\ADB. I opened CMD with administrative rights, and followed the instructions from top to bottom, in order. I have even attempted to copy and paste. The only line I changed was, "adb push su /system/xbin/su", to "adb push c:\su /system/xbin/su" because the su file was located directly on my C:\. My questions are: did I do the correct thing changing that line? Do I need to keep the su file in a folder called su, and move the folder with the file inside? Also, for "am start -a android.intent.action.MAIN -n com.zte.emode/.logset", what should dload and f3 logging be set to? I am new to rooting, and have tried doing this process literally over 30 times with no success. Any suggestions on what I am doing wrong? If you need more info, please ask, and I will provide if possible. Thank you in advance!
> 
> Edit: I figured it out tonight. I had a brainstorm that maybe, because I originally had it in a folder called su, it was stored in the /system/xbin/su as a folder instead. I "cd /system/xbin/", and did a "ls". sure enough, there was a "su" folder. inside the "su" folder was a "su" file. I did a "rm /system/xbin/su/su", and then a "rmdir /system/xbin/su", and then adb reboot. I started from the beginning of the instructions, and voila, I got root. Thanks for the instructions!


 im stuck where you changed the line and did what you did copy and paste what you did but it says it still cant find the file or directory can you help or anyone?


----------



## mrdreamers

jcase said:


> Root for ZTE z990g aka ZTE Merit
> by jcase - [email protected] - http://twitter.com/TeamAndIRC
> June 16 2012 - Copyright 2012 CunningLogic
> Do Not Distribute or republish without permission. (Sad that this is needed, but people/blogs like to profit off the work of others without credit)
> 
> Want to support my work? Donations are always appreciated, but never required:
> 
> Paypal: https://www.paypal.c...d=LZ62YFU3XCEK8
> Amazon Giftcards: [email protected]
> 
> Required files:
> http://dl.dropbox.co...chainsdd-su.zip
> 
> Unzip chaindsdd-su.zip and then get a shell with adb
> 
> 
> 
> Code:
> 
> 
> adb shell
> 
> Set up the dirs, so shell owns them prior to logging. If shell does not own them then we can not control them. If the logs dir already exists, you may have to do a factory reset to remove them. They should not exist unless someone attempted this previously.
> 
> 
> 
> Code:
> 
> 
> <br />
> mkdir /data/local/logs<br />
> mkdir /data/local/logs/kernel
> 
> Open emode's logset activity. First button should be for enabling log set, enable it. Do not exit the activity, but if you do just repeat the below command.
> 
> 
> 
> Code:
> 
> 
> am start -a android.intent.action.MAIN -n com.zte.emode/.logset
> 
> Confirm the log_kernel.txt file exists, if it does not wait a minute and check again.
> 
> 
> 
> Code:
> 
> 
> ls -l /data/local/logs/kernel/log_kernel.txt
> 
> If it exists, delete it and immediately symlink it to /data/local.prop, logset may recreate it, if it does delete and try symlinking again.
> 
> 
> 
> Code:
> 
> 
> <br />
> rm /data/local/logs/kernel/log_kernel.txt<br />
> ln -s /data/local.prop /data/local/logs/kernel/log_kernel.txt
> 
> Now we want to wait for /data/local.prop to be created, it may take a minute or two. Keep checking until it exists.
> 
> 
> 
> Code:
> 
> 
> ls -l /data/local.prop
> 
> Now once /data/local.prop exists, go back to the logset activity and disable logset. If you don't disable it, it will slowly eat away at all the disk space, and possibly overwrite the local.prop before you get root. Now lets set qemu=1 then reboot.
> 
> 
> 
> Code:
> 
> 
> <br />
> echo 'ro.kernel.qemu=1' > /data/local.prop<br />
> exit<br />
> adb reboot
> 
> Once you have rebooted, remount, install su.
> 
> 
> 
> Code:
> 
> 
> <br />
> adb remount<br />
> adb push su /system/xbin/su<br />
> adb shell chown 0.0 /system/xbin/su<br />
> adb shell chmod 06755 /system/xbin/su
> 
> Clean up your mess!
> 
> 
> 
> Code:
> 
> 
> <br />
> adb shell rm /data/local.prop<br />
> adb shell rm -r /data/local/logs
> 
> Reboot, install the Superuser app from the market and enjoy
> 
> 
> 
> Code:
> 
> 
> <br />
> adb reboot<br />


im stuck on "adb push su /system/xbin/su" what can i do?


----------



## CrossOver30

jcase said:


> Root for ZTE z990g aka ZTE Merit
> by jcase - [email protected] - http://twitter.com/TeamAndIRC
> June 16 2012 - Copyright 2012 CunningLogic
> Do Not Distribute or republish without permission. (Sad that this is needed, but people/blogs like to profit off the work of others without credit)
> 
> Want to support my work? Donations are always appreciated, but never required:
> 
> https://www.paypal.c...d=LZ62YFU3XCEK8
> Amazon Giftcards: [email protected]
> 
> Required files:
> http://dl.dropbox.co...chainsdd-su.zip
> 
> Unzip chaindsdd-su.zip and then get a shell with adb
> 
> Set up the dirs, so shell owns them prior to logging. If shell does not own them then we can not control them. If the logs dir already exists, you may have to do a factory reset to remove them. They should not exist unless someone attempted this previously.
> 
> Open emode's logset activity. First button should be for enabling log set, enable it. Do not exit the activity, but if you do just repeat the below command.
> 
> Confirm the log_kernel.txt file exists, if it does not wait a minute and check again.
> 
> If it exists, delete it and immediately symlink it to /data/local.prop, logset may recreate it, if it does delete and try symlinking again.
> 
> Now we want to wait for /data/local.prop to be created, it may take a minute or two. Keep checking until it exists.
> 
> Now once /data/local.prop exists, go back to the logset activity and disable logset. If you don't disable it, it will slowly eat away at all the disk space, and possibly overwrite the local.prop before you get root. Now lets set qemu=1 then reboot.
> 
> echo 'ro.kernel.qemu=1' > /data/local.prop
> 
> Once you have rebooted, remount, install su.
> 
> Clean up your mess!
> 
> Reboot, install the Superuser app from the market and enjoy


dont know if you can make it simplier to understand but do I unzip it to my computer or to my phone. Also do I type in all the command on the c drive or the drive which my phone is on which is this instance is the G:/ need some major help. tried to do it numerous times but keep coming up empty handed


----------



## mrdreamers

i got another phone awhile ago sam gs2 and i rooted it but now my old phone lost its root i guess which was this one and i used this method but i totally i mean TOTALLY FORGOT how to do it, i need to know what i need again and what is the very first step before i start copy in and pastin, all i can remember is getting sdk development and the su file and pluging in my phone on debug but when i run the command prompt and paste the first line, "[background=rgb(248, 248, 248)]adb shell"[/background] i get a error device not found please help again ty


----------



## Xeorty

A shell with adb? WDF?


----------

