nix-on-droid
nix-on-droid copied to clipboard
ping setuid error
nix --extra-experimental-features nix-command --extra-experimental-features flakes shell nixpkgs#iputils -c ping google.com -c4
errors
ping: setuid: Function not implemented
ping requires root or a setuid binary.
And how do you install setuid? There are suggestion that you need to use the security wrapper
security.wrappers = {
ping = {
owner = "root";
group = "root";
capabilities = "cap_net_raw+p";
source = "${pkgs.iputils.out}/bin/ping";
};
};
But I am unsure where to put this in the flake install of nix on droid
This does not work in nix-on-droid. These are NixOS options. Also you need to root your device otherwise you are restricted to a unprivileged user.
But ping command in Termux is working well. It seems like ping command in Termux is just a wrapper of system's ping command.
~ $ cat /data/data/com.termux/files/usr/bin/ping
#!/data/data/com.termux/files/usr/bin/sh
unset LD_LIBRARY_PATH LD_PRELOAD
PATH=$PATH:/system/bin exec /system/bin/ping "$@"
But ping command in Termux is working well. It seems like ping command in Termux is just a wrapper of system's ping command.
~ $ cat /data/data/com.termux/files/usr/bin/ping #!/data/data/com.termux/files/usr/bin/sh unset LD_LIBRARY_PATH LD_PRELOAD PATH=$PATH:/system/bin exec /system/bin/ping "$@"
Trying to run /system/bin/ping google.com
returns no such file or directory
in Nix on Droid.
I got ping to work like this:
Modify /system/bin/login
by adding -b /system:/uppersystem
to the proot command line. Restart the app and run /uppersystem/bin/linker64 /uppersystem/bin/ping
. nix-on-droid seems to mask the /system/bin
and /android/system/bin
directories somehow, but I don't quite get the logic. Perhaps it could expose the real /system/bin
directory in a similar manner?
Nice, wonder if that could somehow be used towards https://github.com/t184256/nix-on-droid/issues/221
nix-on-droid seems to mask the /system/bin and /android/system/bin directories somehow, but I don't quite get the logic. Perhaps it could expose the real /system/bin directory in a similar manner?
It might be because of a proot-pseudomount to /bin, which we need for /bin/sh?
You might be interested in commits in bin-less
branch.
It might be because of a proot-pseudomount to /bin, which we need for /bin/sh?
Just to be sure, are you referring to this line?
But then why is /bin
a symlink to /system/bin
? And why doesn't /android/system/bin
contain the contents of the upper /system/bin
(due to -b /:/android
)?
I got ping to work like this: Modify
/system/bin/login
by adding-b /system:/uppersystem
to the proot command line. Restart the app and run/uppersystem/bin/linker64 /uppersystem/bin/ping
. nix-on-droid seems to mask the/system/bin
and/android/system/bin
directories somehow, but I don't quite get the logic. Perhaps it could expose the real/system/bin
directory in a similar manner?
Is there a way to declaratively modify the login script from a Nix config file?
Or maybe just add a initialization script on switch.
Is there a way to declaratively modify the login script from a Nix config file?
Or maybe just add a initialization script on switch.
I don't think there is a direct way. What you can do is build your own bootstrap zipball with this change per the instructions in the README. I suppose you could do it with awk/sed from an initialization script too.
It should be enough to fork, modify login.nix and point your channel/flake to your fork.
Though when I'm experimenting with it, I usually just edit the login script directly on a spare device =)
It might be because of a proot-pseudomount to /bin, which we need for /bin/sh?
Just to be sure, are you referring to this line? But then why is
/bin
a symlink to/system/bin
? And why doesn't/android/system/bin
contain the contents of the upper/system/bin
(due to-b /:/android
)?
My bad, /android/system/bin
seems to work too. So /android/system/bin/linker64 /android/system/bin/ping
It might be because of a proot-pseudomount to /bin, which we need for /bin/sh?
Just to be sure, are you referring to this line? But then why is
/bin
a symlink to/system/bin
? And why doesn't/android/system/bin
contain the contents of the upper/system/bin
(due to-b /:/android
)?My bad,
/android/system/bin
seems to work too. So/android/system/bin/linker64 /android/system/bin/ping
I have been using this workaround since some time but suddenly I got this error:
CANNOT LINK EXECUTABLE "/android/system/bin/ping": library "/nix/store/qbkpqssvc41v2pd9dda8s3cyxs7m0dbm-dnshack/lib/libdnshackbridge.so" needed or dlopened by "/system/bin/ping" is not accessible for the namespace "(default)"
Edit: this seems to be related to this dnshack I introduced in the past and forgot about. Without it, ping works fine.