Installing a Debian chroot on Android

This is an account of installing vanilla full-fat Debian squeeze in a chroot on Android.

This was tested on a Vodafone 845 ( a re-branded HuaWei u8120 / Joy / Ascend).

Then, on a workstation ( any architecture), insert the µSD card, and:

  sudo debootstrap --arch=armel --variant=minbase --foreign  squeeze  /media/PHONE\ CARD/debian  http://http.debian.net/debian

You might want to consider using --arch=armhf if your phone supports ARMv7. Note that then you also need to change squeeze to at least wheezy if not sid.

If you have a local mirror, replace the URL above with your local mirror.

Then remove the µSD card and replace it in the phone, start SSHDroid (which provides chroot command). Then SSH to the phone, then:

  export SDCARD=/mnt/sdcard
  export ROOT=$SDCARD/debian
  export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH
  mount -o remount,exec,dev,suid $SDCARD
  chroot $ROOT /bin/bash -l
  debootstrap/debootstrap --second-stage

Then build up the Debian system as you normally would a minimal installation.

Many thanks to all the people whose hard work made it so trivial for me to install the environment I know and love on my phone.

If you need to run binaries from inside the chroot outside the chroot, you can use ld.so:

export SDCARD=/mnt/sdcard
export ROOT=$SDCARD/debian
export LD_LIBRARY_PATH=$ROOT/lib:$ROOT/lib/arm-linux-gnueabi:$ROOT/lib/arm-linux-gnueabihf:$ROOT/usr/lib:$ROOT/usr/lib/arm-linux-gnueabi:$ROOT/usr/lib/arm-linux-gnueabihf
cd $ROOT
./lib/ld-linux-*.so* bin/ls

Available memory

Android pre-loads applications ( in some case that the user has never started) when there is free memory. This reduces the memory available to applications in a chroot.

It looks like the *_MEM properties in /init.rc along with the /sys/module/lowmemorykiller/parameters/minfree could help.

Zygote starts ?SystemServer and ?SystemServer restarts zygote, so simply killing one of them won't work. Instead, "mask" zygote from the system and then kill it:

Go to the Android root ( start telnetd -l /system/xbin/bash from Android if you wish to telnet localhost from your chrooted SSH), then:

mkdir /dev/bin
cp -a /system/bin/* /dev/bin/
cd /dev/bin/
mv app_process app_process.orig
ln -s sleep-forever app_process # have to compile sleep-forever first
mount -o bind /dev/bin /system/bin
killall zygote # actually killed the pid because I don't have killall yet

If you wish to save some RAM them use symlinks instead.

The display is now blank and ready for SDL. The input devices only partly work with SDL on the 8120 ( write your own code to read /dev/input/event*) but graphics work well.

AF_INET privelages

On android, you will need to add at least one group 3003 aid_inet for those processes which require access to creating sockets (other security guarded systems particular to Android may need addressing for other applications, search for 3003 aid_inet on the web for more detail).

exim4 and mailman chroot on Android

As well as altering inet access, the Debian-exim user will have to be added to group 3003. Further, if you experience trouble in the exim mainlog for creating sockets during DNS, try dropping privelages by adding "deliver_drop_privilege=true" to the exim4.conf.template file. For mailman, the standard setup is required, as per the README.Debian file in /usr/share/doc. However the user list must also be added to the group 3003 to allow it to send mail.