Android 8.0+ Changes Make Certain Resources Under /proc not accessible

[corbinlc]

Describe the bug:

When Android 8.0 was introduced various security "improvements" were added. One of these was to block access to anything under /proc not essential for a normal Android app. This effects a variety of things.

This effects various commands and often exhibits itself by giving messages like this: Cannot open /proc/stat: Permission denied

This effects programs like top, htop, pidof and many others.

See issues: #62 , #59 , #92 , #87

Device Information:

Device: Various Android Version: 8.0+ UserLAnd Version: Any

[Root-voidX]

I will definitely be following this thread!

I have a question regarding using the exectstack command on arm64, if this flag tells the system to not launch anything that requires shared resources (due to selinux issues) does that cause massive errors down the road?

[corbinlc]

That is a different issue/question. Can you add this to one of the issues related to execstack issues or create a new one?

[Root-voidX]

Yeah no problem! I swear it was discussed on one of the previous issues you closed, might of been something else..my bad!

[ibrado]

@AdamMatthewLTM FYI toybox-aarch64 (Android 8.1) ps, top, and netstat all working well. #87 #59

[Root-voidX]

@ibrado not a fix, toybox doesnt display proper values for snapdragon 845 chipset.

[corbinlc]

With the latest set of asset changes htop works in general and ps -a gives something reasonable. Need to debug later why simply ps gives nothing and why top gives nothing (top gives an error, but that error is non-fatal. It exits happily but doesn't print anything.) Next time you launch it should auto update the necessary assets.

[corbinlc]

I am sorry this one took a while to get to. It was low down the priority list. I have just spent a couple of hours on it today to get it moving. I will probably go back to looking at some more critical issues, but at least this is started now.

[schoec1]

I can confirm that ps -a is working, but I still get permission denied errors with htop with app version 0.3.4 and the latest assets (they were downloaded when starting the service) on a Samsung S8 running Android 8.0.0 using a debian file system

[corbinlc]

regular old ps without options should now work too.

[corbinlc]

@schoec1 what device do you have?

[schoec1]

My device is Samsung S8 (SM-G950F) running Android 8.0.0 using a debian file system. ps is also working, however, ps -ef delivers the usual error: user@localhost:~$ ps -ef UID PID PPID C STIME TTY TIME CMD Error: /proc must be mounted To mount /proc at boot you need an /etc/fstab line like: proc /proc proc defaults In the meantime, run "mount proc /proc -t proc" user 4564 15203 0user@localhost:~$ as well as htop: user@localhost:~$ htop Cannot open /proc/stat: Permission denied user@localhost:~$

[mscion]

Hi Corbinic. Thanks for all your efforts.

I'm confused about root in regards to mount /proc Is root required for the phone or is it with respect to the debian img you're using? Thanks again!

[franckrasolo]

Hi @corbinlc,

Starting from about the last 2-3 recent versions of UserLAnd, there appear to be further regressions possibly related to /proc on my Samsung Galaxy Tab S3 (SM-T820) with Android 8.0:

• GC Warning: Couldn't read /proc/stat
• Directory not empty when removing directories

Thanks for looking into this.

[corbinlc]

What directory are you trying to remove?

[franckrasolo]

Directories under:

• /tmp: typically during the installation of packages with Nix
• $HOME/.xdg/config/vim/plugged: when uninstalling Vim plugins git-cloned by vim-plug

[franckrasolo]

The following script should help reproduce the errors I mentioned earlier:

#!/usr/bin/env bash

XDG_DIR=$HOME/.xdg
XDG_LOCAL_DIR=$XDG_DIR/local

export  XDG_CACHE_HOME=$XDG_DIR/cache
export XDG_CONFIG_HOME=$XDG_DIR/config
export   XDG_DATA_HOME=$XDG_LOCAL_DIR/share

# create the XDG directory tree
mkdir -m 0755 -pv $XDG_CACHE_HOME/{vim/{backup,swap,undo},} \
                  $XDG_CONFIG_HOME/{gnupg,nixpkgs,task} \
                  $XDG_DATA_HOME/{home-manager,task,zsh} \
                  $XDG_LOCAL_DIR/{bin,}

# install single-user Nix
sudo mkdir -m 0755 -pv /nix
sudo chown -hRv ${USER}:$(groups ${USER} | cut -d ' ' -f 3) /nix
curl https://nixos.org/nix/install | sh || exit

source $HOME/.nix-profile/etc/profile.d/nix.sh

# bootstrap home-manager
HM_PATH=https://github.com/rycee/home-manager/archive/master.tar.gz
cat > $XDG_CONFIG_HOME/nixpkgs/home.nix << EOF
{
  programs.home-manager = { enable = true; path = $HM_PATH; };
}
EOF
nix-shell $HM_PATH -A install

Last month, the above used to work reliably, despite known/reported /proc issues.

Alas when executed on version 1.0.0 with either Debian or Ubuntu filesystem, it produces:

me@localhost:~$ ./installer.sh
GC Warning: Couldn't read /proc/stat
unpacking 'https://github.com/rycee/home-manager/archive/master.tar.gz'...
these derivations will be built:
  /nix/store/6qxnfibcl0f8hmw43pz6jiax7kn19kcc-home-manager.drv
building '/nix/store/6qxnfibcl0f8hmw43pz6jiax7kn19kcc-home-manager.drv'...
install: creating directory '/nix/store/6h9qy56jbw803gjfv2gn6nh10sg9w01a-home-manager'
install: creating directory '/nix/store/6h9qy56jbw803gjfv2gn6nh10sg9w01a-home-manager/bin'
'/nix/store/3xk328vc17bgw041h5irf45z45w65zpy-home-manager' -> '/nix/store/6h9qy56jbw803gjfv2gn6nh10sg9w01a-home-manager/bin/home-manager'
Creating initial Home Manager generation...
GC Warning: Couldn't read /proc/stat
error (ignored): cannot unlink '/tmp/nix-build-news-all.txt.drv-0': Directory not empty
error: cannot unlink '/tmp/nix-build-news-all.txt.drv-0': Directory not empty
GC Warning: Couldn't read /proc/stat
...

Hope this helps somehow.

[planck2007]

Hi @corbinlc is there any prospect for solving the / proc issue? In particular if /proc/version could be made readable then Libreoffice would probably work. Now it doesn't even start because the first thing it does is trying to read /proc/version

Thanks for your effort

[planck2007]

Hi @corbinlc, I have noticed that with the last userland update (last night) the /proc/version is readable and Libreoffice works! This is great!

Thanks a lot, I really appreciated

[mscion]

Hi @planck Which version did you use? Debian or Ubuntu? Does the command "top" work now? It did not for ubuntu. I just downloaded it today. Thanks!

[planck2007]

Hi @mscion I use Debian, but "top" does not work for me as well

[Root-voidX]

I can confirm, on the latest build of Userland on Debian, I can read /proc. I can easily screen fetch without proc error, though TOP wont work as much.

[schoec1]

I also can confirm that Libreoffice is working now! Great! Thank you very much!

top and ps show the same issues as reported earlier by me - but obviously this is not importand for Libreoffice.

[fragtion]

If we can read /proc, then why is 'top' still failing with "top: failed tty set: Permission denied" ? Seems like these issues aren't quite related as first thought ? Pls note: I am using plain Ubuntu 18.10 chrooted (not UserLAnd) - but here is the only place discussing this issue with 'top' so far. Perhaps this bugreport would be better suited for the developers of 'procps'? Tnx

[lucamaggioni]

Hi

Problem also here in Ubuntu 18 over huawei p20.

Also there's no /dev/tty0 so lxde doesn't start.

Any suggestion or workarounds?

Thanks

Regards

[sangaman]

Running Ubuntu 18.04 through UserLAnd on a Motorola G5 Plus on Android 8.1, top results in the top: failed tty set: Permission denied error as described by others.

[sangaman]

Not sure if this should be a separate issue, but when I try to install screen I get debconf: (This frontend requires a controlling tty.):

$ sudo apt-get install screen
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Suggested packages:
  byobu | screenie | iselect ncurses-term
The following NEW packages will be installed:
  screen
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 547 kB of archives.
After this operation, 855 kB of additional disk space will be used.
Get:1 http://ports.ubuntu.com/ubuntu-ports bionic-updates/main armhf screen armhf 4.6.2-1ubuntu1 [547 kB]
Fetched 547 kB in 1s (520 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
E: Setting in Start via TCSAFLUSH for stdin failed! - tcsetattr (13: Permission denied)
Selecting previously unselected package screen.
(Reading database ... 38133 files and directories currently installed.)
Preparing to unpack .../screen_4.6.2-1ubuntu1_armhf.deb ...
Unpacking screen (4.6.2-1ubuntu1) ...
Setting up screen (4.6.2-1ubuntu1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype

Edit: screen still seems to be working so I guess I'll see how it goes.

[darktech2020]

whats the bypass here? i need a fix.

[rebroad]

given that the top command hasn't been working for over 2 years, it appears that this product is no longer being maintained....