Waydroid
https://docs.waydro.id
Waydroid exemplifies a container-based approach to executing a complete Android system on a standard GNU/Linux operating systems. Waydroid utilizes Linux namespaces (user, pid, uts, net, mount, ipc) to operate a comprehensive Android system within a container and to facilitate the availability of Android applications on any GNU/Linux-based platform. Conversely, the Android system within the container has direct access to the necessary hardware components. The Android runtime environment is distributed with a minimal, customized Android system image based on the LineageOS.
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:jimed-rand:waydroid/waydroid && cd $_ - Create Badge
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| _service | 0000000312 312 Bytes | |
| dev-binderfs.mount | 0000000097 97 Bytes | |
| mount-secontext.patch | 0000000483 483 Bytes | |
| setup-firewalld.patch | 0000000565 565 Bytes | |
| waydroid.conf | 0000000192 192 Bytes | |
| waydroid.fc | 0000000520 520 Bytes | |
| waydroid.rpmlintrc | 0000000217 217 Bytes | |
| waydroid.spec | 0000006476 6.32 KB | |
| waydroid.te | 0000005633 5.5 KB |
Comments 3
Hi, I cannot get it to work with selinux in enforcing mode. I need to disable it with
setenforce 0in order to download the image.The troubleshooter recommends me to execute
setsebool -P domain_kernel_load_modules 1If I try to download the image with enforcing mode enabled I get the following error:
Binder node "vndbinder" for waydroid not foundAVC log:
type=AVC msg=audit(1764655206.460:238): avc: denied { module_request } for pid=8927 comm="python3" kmod="tcp-ulp-tls" scontext=system_u:system_r:waydroid_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 Hash: python3,waydroid_t,kernel_t,system,module_requestMaybe this can help to fix the selinux policy:
require { type unconfined_t; type unconfined_service_t; type binder_device_t; type binderfs_t; type abrt_t; type bin_t; type var_lib_t; type proc_t; type mount_exec_t; type mount_t; type uhid_device_t; type tun_tap_device_t; type tmp_t; type http_cache_port_t; type rpm_script_t; role rpm_script_roles; type iptables_t; type systemd_systemctl_exec_t; type kernel_t; # ADD class system module_request; # ADD } ... # Waydroid init from the container daemon dev_read_sysfs(waydroid_t) storage_getattr_fuse_dev(waydroid_t) getattr_chr_files_pattern(waydroid_t, device_t, { uhid_device_t tun_tap_device_t }) fs_search_cgroup_dirs(waydroid_t) allow waydroid_t tmp_t:dir read; allow waydroid_t self:process setfscreate; allow waydroid_t self:tcp_socket create_socket_perms; allow waydroid_t http_cache_port_t:tcp_socket name_connect; # Allow kernel module requests (for tcp-ulp-tls and similar modules) allow waydroid_t kernel_t:system module_request; sysnet_dns_name_resolve(waydroid_t) corenet_sendrecv_http_client_packets(waydroid_t) corenet_tcp_connect_http_port(waydroid_t)Thanks for your response. Currently, binderfs in openSUSE isn't enabled by default, and I am currently in discussion with the kernel maintainer to enable the configuration for binder modules.
https://github.com/openSUSE/kernel-source/pull/21