An observation about UIDs under Android, and what that means for running Linux under Android.

In this earlier posting I had written that I had installed Linux on my Android tablet, that being the Samsung Galaxy Tab S, First Generation, and that I had done so without rooting the tablet and without using any kind of image-file that can act as a virtual drive via a kernel loop-mount.

Simply using this arrangement makes something obvious to me, which I have already known.

Under Android, the kernel keeps one userid per app for file-ownership. Hence, when we run Linux on it, all the processes really have the same userid, that being the userid of the app ‘GNURoot’ in my case. The ‘chown’ and ‘chmod’ commands have no effect. This is what a regular ‘ls -al’ command reveals:

 


total 100
drwxrwx---.  2 root 9997  4096 Sep 27 17:03 .
drwxrwx---. 25 root 9997  4096 Sep 26 15:27 ..
-rw-rw----.  1 root 9997     0 Sep 27 17:03 dir_listing.txt
-rw-rw----.  1 root 9997     8 Sep 26 03:07 test_1.aux
-rw-rw----.  1 root 9997  5625 Sep 26 08:28 test_1.fdb_latexmk
-rw-rw----.  1 root 9997  5473 Sep 26 03:07 test_1.fls
-rw-rw----.  1 root 9997 18213 Sep 26 03:07 test_1.log
-rw-rw----.  1 root 9997 38253 Sep 26 03:07 test_1.pdf
-rw-rw----.  1 root 9997  1467 Sep 26 03:07 test_1.synctex.gz
-rw-rw----.  1 root 9997   734 Sep 26 08:28 test_1.tex
-rw-rw----.  1 root 9997   734 Sep 26 03:07 test_1.tex~


 

(Edit 10/08/2017: Here, the Android O/S itself and its (Dalvik) bytecode interpreter / flash-compiler run as root.)

I can use the ‘adduser’ command to create a userid which only my fake-rooted Linux system sees. Doing so assigns a useless password, but aside from that, it only helps Linux organize personal data into a defined home-folder. Even if I were to launch my desktop manager as (fake) user ‘root’, as the Android kernel sees things, all the resulting processes would run under the same userid as when I run the desktop manager as my created userid, that real userid still belonging to the one app ‘GNURoot’.

One effect this does have is that if I use ‘GVim’ to edit a file and save the changes, I get a warning that my userid does not have write-permissions for that file. Yet afterward, the new version of the file has been saved. Also, data which that Linux system’s applications store does get stored. This appears to result because GVim only looks at the UID before displaying that message, while the GID would suggest I have write-permission.
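To illustrate the difference between an owner-only check and the standard POSIX owner/group/other selection, here is an added example that is not part of the original post and is not GVim's code. The first two listing lines are copied from above; the third line, the app userid `u0_a123` and its group list are constructed assumptions.

```python
# Lines 1-2 are copied from the listing in the post; line 3 is constructed.
LISTING = """\
drwxrwx---.  2 root 9997  4096 Sep 27 17:03 .
-rw-rw----.  1 root 9997   734 Sep 26 08:28 test_1.tex
-r--rw----.  1 u0_a123 9997   10 Sep 26 08:30 constructed.txt
"""

# Assumed identity of every process in the Linux environment (hypothetical values):
# one app userid, plus membership in group 9997 as the listing suggests.
APP_UID = "u0_a123"
APP_GIDS = {"u0_a123", "9997"}

def parse_ls_line(line):
    """Split one `ls -al` line into (mode string, owner, group, name)."""
    fields = line.split(None, 8)
    mode = fields[0].rstrip(".+")  # drop the trailing SELinux/ACL marker
    return mode, fields[2], fields[3], fields[8]

def posix_may_write(mode, owner, group, uid, gids):
    """POSIX class selection: exactly one rwx triplet applies to a process."""
    if uid == owner:
        return mode[2] == "w"   # owner triplet, even if the group triplet is wider
    if group in gids:
        return mode[5] == "w"   # group triplet, supplementary groups included
    return mode[8] == "w"       # everyone else

def owner_only_may_write(mode, owner, uid):
    """Heuristic that looks at the UID only: a non-owner is reported read-only."""
    return uid == owner and mode[2] == "w"

def report(listing, uid, gids):
    """Return (name, owner-only verdict, POSIX verdict) for each listing line."""
    rows = []
    for line in listing.splitlines():
        mode, owner, group, name = parse_ls_line(line)
        rows.append((name,
                     owner_only_may_write(mode, owner, uid),
                     posix_may_write(mode, owner, group, uid, gids)))
    return rows

if __name__ == "__main__":
    for name, guess, real in report(LISTING, APP_UID, APP_GIDS):
        print(f"{name:16} owner-only check: {guess!s:5}  POSIX check: {real}")
```

For `test_1.tex` the owner-only check reports no write access while the group triplet grants it, which matches the warning followed by a successful save. The constructed third line shows the opposite edge: a file the process owns without the owner write bit stays unwritable even though its group could write.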

But it can become a little bit more interesting, if I use some other, non-Linux app, to store a file in one of my Linux-subfolders, and then want to alter those files from within Linux. That other, Android, file-management app has its own userid. And then there is one reason why each Android app can read the data of the other:

Each userid belongs to one group-id as well as numerous others, determined by the Android host system. The shared group was granted because we gave both apps the permission to read and write files personally belonging to the Android user.

But we cannot change the permission bits ourselves, nor the ownership, because we don’t really have root.

(Updated 09/29/2017 : )
