search

nix-community / nix-on-droid

Nix-enabled environment for your Android device. [maintainers=@t184256,@Gerschtli]
https://nix-on-droid.unboiled.info
MIT License
1.16k stars 65 forks source link

Entering from adb shell #248

Open hacker1024 opened 1 year ago

hacker1024 commented 1 year ago

Is there a way to enter the proot environment with Nix from adb shell? If so, this would be good to add to the README.

t184256 commented 1 year ago

/data/data/com.termux.nix/files/usr/bin/login

hacker1024 commented 1 year ago

Thanks. I get warnings and errors that don't show up in the app when doing this, though (running as root in case that matters, the login binary is not accessible otherwise)

warning: the group 'nixbld' specified in 'build-users-group' does not exist
error: the group 'nixbld' specified in 'build-users-group' does not exist
Gerschtli commented 1 year ago

That's strange, can you show the output of nix show-config? Maybe nix detects that you are root and tries to init daemon config. Or can you try to su into the nix-on-droid user before?

hacker1024 commented 11 months ago 
$ su nix-on-droid
-bash: /system/xbin/su: cannot execute: required file not found

$ nix-shell -p su
warning: $HOME ('/data/data/com.termux.nix/files/home') is not owned by you, falling back to the one defined in the 'passwd' file ('/data/data/com.termux.nix/files/usr/root')
warning: the group 'nixbld' specified in 'build-users-group' does not exist

# su nix-on-droid
su: pam_start: error 26

When using su to switch to the app-specific user assigned by Android before running login, it logs in as nix-on-droid, but I get a different error when trying to use nix-shell:

error: creating directory '/data/local/tmp/nix-shell-25481-0': Permission denied

$ nix show-config

warning: $HOME ('/data/data/com.termux.nix/files/home') is not owned by you, falling back to the one defined in the 'passwd' file ('/data/data/com.termux.nix/files/usr/root')
accept-flake-config = false
access-tokens = 
allow-dirty = true
allow-import-from-derivation = true
allow-new-privileges = false
allow-symlinked-store = false
allow-unsafe-native-code-during-evaluation = false
allowed-impure-host-deps = 
allowed-uris = 
allowed-users = *
auto-allocate-uids = false
auto-optimise-store = false
bash-prompt = 
bash-prompt-prefix = 
bash-prompt-suffix = 
build-hook = /nix/store/yvp7frlsjwr7c4s8z886k2w4231f9wvr-nix-2.13.3/bin/nix __build-remote
build-poll-interval = 5
build-users-group = nixbld
builders = @/etc/nix/machines
builders-use-substitutes = false
commit-lockfile-summary = 
compress-build-log = true
connect-timeout = 0
cores = 8
diff-hook = 
download-attempts = 5
download-speed = 0
eval-cache = true
experimental-features = nix-command
extra-platforms = 
fallback = false
filter-syscalls = true
flake-registry = https://channels.nixos.org/flake-registry.json
fsync-metadata = true
gc-reserved-space = 8388608
hashed-mirrors = 
http-connections = 25
http2 = true
id-count = 8388608
ignore-try = false
ignored-acls = security.csm security.selinux system.nfs4_acl
impersonate-linux-26 = false
keep-build-log = true
keep-derivations = true
keep-env-derivations = false
keep-failed = false
keep-going = false
keep-outputs = false
log-lines = 10
max-build-log-size = 0
max-free = 18446744073709551615
max-jobs = 1
max-silent-time = 0
min-free = 0
min-free-check-interval = 5
nar-buffer-size = 33554432
narinfo-cache-negative-ttl = 3600
narinfo-cache-positive-ttl = 2592000
netrc-file = /etc/nix/netrc
nix-path = nixpkgs=/data/data/com.termux.nix/files/home/.nix-defexpr/channels/nixpkgs/ /data/data/com.termux.nix/files/home/.nix-defexpr/channels
plugin-files = 
post-build-hook = 
pre-build-hook = 
preallocate-contents = false
print-missing = true
pure-eval = true
require-sigs = true
restrict-eval = false
run-diff-hook = false
sandbox = false
sandbox-build-dir = /build
sandbox-dev-shm-size = 50%
sandbox-fallback = true
sandbox-paths = /bin/sh=/nix/store/qa3lxk2xbpsxp6sc74x6wfx4f262fhxj-busybox-static-aarch64-unknown-linux-musl-1.36.1/bin/busybox
secret-key-files = 
show-trace = false
stalled-download-timeout = 300
start-id = 872415232
store = auto
substitute = true
substituters = https://cache.nixos.org https://nix-on-droid.cachix.org
sync-before-registering = false
system = aarch64-linux
system-features = benchmark big-parallel nixos-test uid-range
tarball-ttl = 3600
timeout = 0
trace-function-calls = false
trace-verbose = false
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-on-droid.cachix.org-1:56snoMJTXmDRC1Ei24CmKoUqvHJ9XCp+nidK7qkMQrU=
trusted-substituters = 
trusted-users = root
use-case-hack = false
use-cgroups = false
use-registries = true
use-sqlite-wal = true
user-agent-suffix = 
warn-dirty = true
t184256 commented 11 months ago

For me it fails even earlier:

$ su - 10445
$ id
uid=10445(u0_a445) gid=10445(u0_a445) groups=10445(u0_a445) context=u:r:magisk:s0
$ ls -l /data/data/com.termux.nix/files/usr/bin/login
ls: /data/data/com.termux.nix/files/usr/bin/login: Permission denied

No, I don't know how to su better.

hacker1024 commented 11 months ago

I think it should be su u0_a445