containers / bubblewrap

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

--unshare-ipc error when running on an Android kernel #644

Closed Jacobw1oo closed 4 months ago

Jacobw1oo commented 4 months ago

I am on Android chroot Ubuntu 24.04 (no SNAP), been working through issues. Fixes so far:

    sudo chmod 4755 /usr/bin/bwrap
    sudo mount --bind $ROOTFSPATH $ROOTFSPATH

Currently works:

    bwrap --unshare-net --unshare-user-try --bind / / echo hi

Causes error:

    bwrap --unshare-ipc --bind / / echo hi

Results:

    bwrap: creating new namespace failed: invalid argument.

smcv commented 4 months ago

If the Android kernel doesn't support IPC namespaces, then neither can bubblewrap. Bubblewrap can only do things that your OS kernel will allow it to do.

Jacobw1oo commented 4 months ago

I am digging into it. I should have access (root) to mount anything needed. New testing command that fails:

    unshare --user --pid --map-root-user --mount-proc --fork bash

At Android root level unshare is having issues. This also fails:

    unshare -U -p -r --fork bash

Jacobw1oo commented 4 months ago

After my digging, you're right: the unshare command from my Android is bugged, more than half the commands do not work.

smcv commented 4 months ago

unshare and bubblewrap are primarily designed to run on ordinary desktop/server Linux, which is not really the same as Android: Android often uses very old or feature-limited kernels.

I suspect that if you looked into it, you'd find that the unshare command and bubblewrap are both working fine (they make the intended syscalls into the kernel), but the kernel doesn't support or doesn't allow everything that you are trying to do. If that's the case, then there is likely to be nothing that bubblewrap can do to solve this: if the kernel doesn't accept the syscalls we need to use, then that's a kernel limitation that can only be fixed in your Android device's kernel.

For example, the most likely reason for bwrap --unshare-ipc to fail is if your kernel wasn't configured with CONFIG_IPC_NS=y when it was compiled. If that's the case, then the kernel feature is just missing, and there is nothing that bubblewrap can do to magic it into existence.
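
A way to check the kernel side of this before blaming bwrap or unshare, as an added example that is not from this thread or the bubblewrap project. The function names are hypothetical, and it assumes that /proc/<pid>/ns/<type> exists only when the kernel was built with the matching namespace option, and that the build config, if exported, is at /proc/config.gz.

```shell
#!/bin/sh
# Added example: report which namespace types the running kernel exposes.
# Assumption: /proc/<pid>/ns/<type> is present only if the kernel was
# compiled with the corresponding CONFIG_*_NS option.

# missing_namespaces [NS_DIR]
# Prints "<type> <bwrap flag> <kernel option>" for each absent namespace.
# Returns 0 when all are present, 1 otherwise.
missing_namespaces() {
    ns_dir=${1:-/proc/self/ns}
    rc=0
    for entry in user:USER_NS ipc:IPC_NS pid:PID_NS net:NET_NS uts:UTS_NS; do
        ns=${entry%%:*}
        opt=${entry#*:}
        # Namespace entries are symlinks, so accept either test.
        if [ ! -e "$ns_dir/$ns" ] && [ ! -L "$ns_dir/$ns" ]; then
            printf '%s --unshare-%s CONFIG_%s\n' "$ns" "$ns" "$opt"
            rc=1
        fi
    done
    return $rc
}

# kernel_config_state OPTION [CONFIG_FILE]
# Prints y if OPTION=y is in the config, n if the config is readable but
# lacks it, unknown if the config file cannot be read.
kernel_config_state() {
    opt=$1
    cfg=${2:-/proc/config.gz}
    if [ ! -r "$cfg" ]; then
        echo unknown
        return 0
    fi
    case $cfg in
        *.gz) reader='gzip -dc' ;;
        *)    reader=cat ;;
    esac
    if $reader "$cfg" | grep -q "^$opt=y\$"; then
        echo y
    else
        echo n
    fi
}

# Stand-alone run: list what the current kernel is missing, if anything.
missing_namespaces || echo "kernel lacks the namespace types listed above" >&2
```

A namespace type that is present here can still be refused at runtime by kernel policy, so an empty result only rules out the missing-feature case.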