
Termux and Android 10 - cft
https://github.com/termux/termux-packages/wiki/Termux-and-Android-10
======
sxp
I really hope they figure out a good solution for this problem. One way I
distinguish between a "real" computer and a toy or appliance is whether you
can use the device to write software for it. With Termux, you can write Linux-
style programs on the Android device itself or even build full Android apks.

One of the other awesome things about Termux is that you can use it to setup a
pretty complete ARM Linux environment on an Android device in a few steps:
[https://wiki.termux.com/wiki/PRoot](https://wiki.termux.com/wiki/PRoot)

You can even get a GUI running if you have an XServer:
[https://wiki.termux.com/wiki/Graphical_Environment](https://wiki.termux.com/wiki/Graphical_Environment)
& [https://github.com/adi1090x/termux-
desktop](https://github.com/adi1090x/termux-desktop)

I've used this in the past to get a pseudo-Linux dev environment running on an
Oculus Quest:
[https://www.reddit.com/r/cyberDeck/comments/fc5sfr/oculus_qu...](https://www.reddit.com/r/cyberDeck/comments/fc5sfr/oculus_quest_termux_selfcontained_hmd_cyberdeck/)

~~~
AsyncAwait
The only "real" solution is to get an actual Linux phone, such as the
PinePhone[1] or Librem 5[2].

1 - [https://www.pine64.org/pinephone](https://www.pine64.org/pinephone)

2 - [https://puri.sm/products/librem-5](https://puri.sm/products/librem-5)

~~~
Sebb767
But you pay 750$ for a 3GB quad core phone; I've got these specs on a 300€
OnePlus One five (six?) years ago.

Sure, replaceable battery and open hardware are a _very_ good thing, but the
value/$ of these phones are horrendous. That's not to defend OnePlus or any
other manufacturer, but when I can get a high end Samsung or Xiaomi device
with 4 times the specs at every corner for the same price or less and simply
install Lineage on it.

I definitely support the effort and I love that they finally got the design
modern, but those prices are hard to swallow, even for someone pretty privacy-
focused.

~~~
AsyncAwait
These phones are primarily about user-freedom, privacy and my ability to do
whatever I want with a device that I've purchased, without restrictions
imposed by the OEM.

Also, honest question; What do you actually 'use' the latest specs for? These
Android/iOS phones are basically all about media consumption, something that
has been sufficiently performant for years. You have great hardware, but no
software to take real advantage of it.

On the other hand, the Linux phones can do so much more on the software side
that if they do become successful enough for a second/third... generation with
more powerful hardware, it would be much more noticeable than a paper spec
bump.

~~~
pmontra
Basically I'm using Firefox, K9 for email, WhatsApp and Telegram to chat with
friends, OSMAnd to plan and record bicycle tracks. Phone and camera. Plus
mandatory banking apps or I won't be able to do home banking.

If I buy a Linux phone I'd have to keep using my Android phone probably as my
primary device. And I've been using Ubuntu laptops as my only working devices
since 2009 so I'd love to use an Ubuntu phone. Unfortunately it lacks at least
half of the apps I need.

~~~
michaelmrose
Does your bank have a web interface?

~~~
pmontra
I have more than one bank. Work and personal and separation of risk. Of course
they have a web interface but almost all of them also need their app for two
factor authentication and authorization. The EU directive of about one year
ago.

Only one of them lets me still use a hardware key but they won't replace it
when it will run out of battery.

------
pathartl
I'm really starting to despise most OS's for having such an overbearing
security policy. I think it's really why I've stuck with Windows for so long.
For sure Windows is not as user-stupid as something like macOS, iOS, Android,
etc... but for me as a power user it's just about as powerful as I need to be.

I'm not even considering *nix distros here because honestly the market for
every day users for something like Ubuntu or Mint is really small, and those
are possibly the most end-user friendly.

I hate that macOS is starting to go the iOS route of only letting me run
applications that are Apple certified. No, I do not want to open system
preferences every time I want to launch something. I am a power user. Put it
behind some shell command or something... but have it easily documented and
marketed towards people like me.

At least we can still sideload with Android. Some changes to the API like this
those are just so annoying. Yeah there's going to be some apps that just need
pretty much unlimited access to my device. But that's OK. I've accepted that.

~~~
larrik
As someone who has been on Linux a long time, but still has to support family
members using Windows, here's my perspective:

1) Linux is usually easier in the "happy case", where everything works as it
should, and it supports everything that the user needs.

2) Linux is way way way less likely to just change something and break the
whole system while the user is sleeping. (This was REAL fun with my
grandparents-in-law when their Dell All-in-One PC decided to upgrade itself
from Windows 8.1 to Win10 despite Dell not having drivers for Win10 on their
fancy custom monitor. I have to fix it for them every 6 months now.)

3) Searching the web for Windows solutions to your issues without being a
computer expert feels like it has a >80% of infecting your computer with
malware or getting you on the phone with a scammer. As a computer expert it's
like 20% (not even zero!).

4) Fixing a Linux problem can be _painful_ , but is often "copy and paste
these config lines into this config". Arcane.

5) Fixing a Windows problem can involve having to go into the registry, which
can't be copy/pasted and is extremely difficult AND dangerous. (There probably
IS a way to copy/paste it, but I don't know it).

6) That said, it's easier to fall off the "happy path" and into real trouble
in Linux. Fixing the issue by randomly clicking stuff is more likely to work
in Windows than Linux.

7) It's way easier to find someone you know to help you on Windows than Linux,
for now.

8) Gaming is still so much better on Windows, unfortunately, but the gap is
closing.

9) The few times I've gotten family members to try Linux, they called me LESS
often for support. Even on laptops!

10) Windows is becoming increasingly user hostile in every way. Ads, forced
updates, forced settings changes, privacy issues, etc.

~~~
Andrew_nenakhov
> _9) The few times I 've gotten family members to try Linux, they called me
> LESS often for support. Even on laptops!_

This is so true.

All my family members are on Ubuntu, and it just works without any support.
For many many years. Sometimes when I visit them I click on update to the next
LTS. By the time I have to leave it is updated and runs again for 2 more
years.

~~~
CoolGuySteve
Where supporting Ubuntu falls over is when I try and support "power users".

There's like an uncanny valley of competence, between completely naive users
who just let things run and experienced users who know where the red lines are
when using sudo.

So far I've seen the following breakages:

\- completely fuck up apt somehow such that it refuses to update or fix itself

\- overwrite packages with their own compiled versions

\- mess with the system installed scripting environments

\- try and install a new kernel or graphics drivers (usually not even to get
something working but because it's "new") and consequently break the boot
somehow.

~~~
Andrew_nenakhov
yes, true. But what alternative do we have? If such a power user breaks
windows registry in a _really_ bad way, the fastest solution, by far, is to
just reinstall anything. And, again, if you are smart about having your /home
folders on a separate partition, reinstalling Ubuntu is way faster. So even in
this worst case scenario Windows loses.

~~~
wazzaps
Pop!_OS has a recovery partition with a "reset installation", which keeps the
home directory (I believe) but reinstalls everything else

------
geofft
This title is misleading for a few reasons:

\- Android 10 is not killing anything. Targeting API level 29, the native API
level of Android 10, prevents the mechanism Termux uses, but you can target a
lower API level and run just fine on Android 10, and in fact Termux _does_ run
just fine on Android 10.

\- API level 29 blocks a specific mechanism that Termux happens to use to run
arbitrary code. There are other ways to do anywhere from most to all of what
Termux wants to do, with some tradeoffs. It's not as good as the old way, but
it's hardly "killing".

~~~
agluszak
Right now apps on Google Play are required to target at least API level 28.
This will most probably be raised to level 29 in the near future, essentially
blocking distribution of Termux, at least in its current form.

~~~
zozbot234
You will always be able to download Termux from outside Play. I actually have
no idea how Termux could even work within Play policy seeing as it's
essentially a 3rd-party repo not unlike F-Droid. You wouldn't expect to find
F-Droid on the Play store, surely? You have to sideload it, and then it just
works.

~~~
Spivak
But that doesn’t mean much when the SELinux hammer drops and no app can exec
no matter where it’s installed from.

------
freedomben
As a heavy Termux user and one who describes Termux as "the killer app for
Android" this makes me sad and angry. I was very irritated when they broke
ability to send SMS from the termux CLI (in fact I forked and currently build
my own version with that patch reverted).

If I wanted a paternalistic platform I would be an iOS user (I don't mean that
as a slam, iOS obviously has its place, but it's not for me).

~~~
haecceity
Why would you want to send sms from cli? Using the on screen keyboard with
quotes and escaping special characters and all?

~~~
freedomben
Thanks for asking. My use case is programmatic. I wrote a couple of ruby and
bash scripts that automate a few different things. One is a poor-mans SMS
scheduler that allows me to have it fire off at a set time. Another parses
incoming messages and alert me differently based on content (matches against a
set of regexes), and in some cases will auto-reply. Another, I had a case
where I need to individually send out the same SMS to a couple dozen people.
With termux (and ruby) it was trivial for me to script it up.

The possibilities are (or were) endless, which is what I love about a
platform. I've always hated the UX of SMS, but people insist on using it
anyway. At least this way I use it on my own terms.

~~~
freedomben
It looks like the comment requesting a link to the fork was deleted.

I haven't kept the fork up to date with the latest patches as I haven't need
anything yet, but it's here: [https://github.com/FreedomBen/termux-
api](https://github.com/FreedomBen/termux-api)

You have to both `termux` the app and `termux-api` to get SMS functionality. I
build both at the same version so there aren't any compatibility issues. Then
make sure you don't have automatic updates turned on otherwise the Play store
will "update" you to a non-sideloaded one that does not have the SMS ability.

~~~
haecceity
I was going to say there must be apps that do this but it looks like Play
store would ban those as well because they don't want apps doing that?

I think Google should subject power user apps to more scrutiny than banning
them outright. If Android doesn't support things like these then it's no
better than iphones.

------
esotericn
I ordered a PinePhone the other day and I'm going to do as much as I can to
try and make it my daily driver.

I really can't be arsed with this stuff any more.

Why are the developers at Google acting in such boneheaded ways? Is it
literally just "I get paid loads of money, lol"? Do people not grow out of
that eventually when they have enough?

Like, you're literally a developer. Why would you make something you wouldn't
want to use? Is the company just wholly made up of people who actually don't
care about computing?

~~~
mjg59
> Why are the developers at Google acting in such boneheaded ways?

(I'm a developer at Google, but I'm not on the Android team and am definitely
not providing any sort of official response here - this is personal opinion
and may be inaccurate)

If apps can download arbitrary code and then execute it, they can bypass the
validation that's done as part of the Play Protect program. My understanding
is that there's plenty of evidence of malware in the wild that presents as a
harmless app and then downloads the actual payload after being installed on
the user's device.

~~~
mixedCase
Okay, can I just get a big popup on the Play Store saying "this app requires
the following functionality that could harm your device:

\- Run and use other applications without your consent

Unless you know precisely that this behavior is necessary for this
application's main functionality, we recommend you do not proceed". And use
some design pattern to make "Cancel" the "go-to" action for the user.

Or even more palatable for whoever's behind Play Protect: Forbid these apps
from the Play Store, and force it be done through a 3rd party store or
manually, and this can be combined with the big popup.

We know it's important to protect grandma from malware, but it's also
important to give the advanced user the _option_ to ignore this, specially for
a platform like Android that has gained the favor of many technical users
through providing some reasonable degree of control over their phones.

~~~
lonelappde
It's also important to protect non Grandma from malware.

Rugged Individualists can run TempleOS

------
altfredd
Impact of Android 10 on Termux usability is already old news.

What worries me more is behaviour of Termux developers. They make dubious
claims and effectively sabotage their own application (more on that below).

The solution to Android 10 problems — a software wrapper called "proot" [1] —
has already been found. That solution would allow to keep all of Termux
functionality and preserve existing package managers (such as apt). Proot
allows Android user to compile C code in Termux (which they currently can do)
and does not require major changes to Termux itself.

Termux developers refused to adopt proot as solution and even removed it's
mention from their wiki on Github. Instead they are insisting that all Termux
packages should be distributed in Android apk files, published on Google Play.
That "solution" has major usability issues, does not scale (it uses shoddy
Android PackageManager to track all Termux packages) and would prevent users
from using Gcc and other compilers in Termux. The only claimed upside of using
apk files is that it would better comply with Google's policies.

Termux developers justify their actions by following arguments:

1\. Termux packages require a lot of bandwidth to host, and Termux does not
have money to pay for their mirrors; hosting packages in Google Play would be
preferable. That statement is nonsense — even fringe Linux distributions like
Artix can find FREE mirrors, willing to host their packages. This is usually
done by contacting curators of existing servers, that host Linux packages, and
asking them for support. Termux is more popular than some of Linux
distributions, but it does not look like Termux devs even TRY to do that —
they apparently just sit on their hands, occasionally begging their sole
mirror provider (JFrog) for more bandwidth.

2\. Termux currently does not comply with Google's policy and it's developers
are afraid, that this will result in removal from Google Play. They are
technically right, but they are making mistake by downgrading experience of
their app in attempt to pacify Google Play censors. They are making even
bigger mistake by displaying guilt about that — Termux does nothing wrong, and
the display of guilt is a better excuse to punish them than their actions.

1: despite it's name, proot does not require root access

~~~
AshamedCaptain
There are _already_ several "Linux-like environments" on Android that use
proot. GNUroot, UserLAnd, Linux Deploy, AnLinux, Androlinux, etc.

Some of them _literally_ just package existing Linux distros such as Debian
(e.g. GNUroot) in a way thatis much more compatible and easier to mantain than
something ad-hoc such as Termux.

Termux became popular _precisely_ because _they did NOT use proot_. Proot is
great in theory -- using ptrace and hooks in order to simulate a more Linux-
like environment, ala Cygwin. In practice, it is just goddamn slow, and ptrace
just introduce MORE compatibility issues than the native Android does.

Termux had a shitton of disadvantages compared to the proot-based
distributions, such as for example the fact that every package had to be
patched in order to use the non-standard Android directory structure, making
compatibility with native Linux binaries utright difficult (not even ld is
where it should be) and reusing Linux distro scripts impossible. But _still_
it became the most popular because proot is just worse.

No wonder they completely ignore all requests to use proot.

If you want to use proot, _there is no point at all for Termux to exist_ (or
at least, for Termux the distro; the terminal emulator itself may still be
interesting, your mileage may vary). There's little point remaining for
patching packages for Termux; you can use Debian packages, so just go and use
Debian.

And to to top it off, what if a future Android breaks proot, which looks
likely?

------
ufmace
I installed Termux on my Chromebook a few years ago to try and create a local
development environment per this article[0]. It seemed to work okay, but I
never liked how janky and unsupported the whole thing felt. I couldn't bring
myself to try and build a workflow around it long-term.

And here I guess that's vindicated. Whether now or in a few years, the whole
concept of Termux is not long for this world. I guess these types of
restrictions are essentially required to keep insecure and abusive apps off of
the majority of users' devices.

[https://blog.lessonslearned.org/building-a-more-secure-
devel...](https://blog.lessonslearned.org/building-a-more-secure-development-
chromebook/)

~~~
cft
When we need to quickly diagnose and fix some sudden server issue from
anywhere, Termux is indispensable. I even bought a tiny Bluetooth USB keyboard
because of it.

~~~
blacksmith_tb
Agreed, I had been using JuiceSSH[1] but then it seemed to no longer be
supported (though I see it just got an update) so I then switched to Termux to
be able to ssh from my phone (which is running Android 10, I guess I haven't
run into these problems since I don't generally do much with the local
filesystem).

1:
[https://play.google.com/store/apps/details?id=com.sonelli.ju...](https://play.google.com/store/apps/details?id=com.sonelli.juicessh)

~~~
cft
I migrated from JuiceSSH to Termux because it allows you to run remote
diagnostic locally, ping, traceroute, schedule crons and even vibrate your
phone and display notifications to alert you. It also allows you to port
forward ssh, whereas in JuiceSSH you have to pay for that.

------
qchris
As part of my work, I occasionally need to deal with a wireless comms setup
that moves data from a roof-mounted RF antenna down into the network. Instead
of having to carry my laptop up to the roof with me (sounds simple, but oddly
enough dealing with the laptop up there is actually kind of a pain) or call
someone downstairs to run the ping to make sure the network configs line up
right, I use Termux with a scripted command to do that myself right from my
phone. It's been a major boon to my workflow, and it's going to be frustrating
to lose it.

Like a few others on this thread, I've got a PinePhone on order, and now I'm
even more stoked to have access to a terminal through it now that Termux isn't
going to be an option on my Android.

------
biggestdecision
I mean it's sad that this change will affect Termux, but at the same time I
can see why Google wants to enforce W^X on apps home dirs.

This is currently a big backdoor for apps to sneak unvetted code in at
runtime, bypasses Google's review policy. Sure Termux was using this for good,
but I guarantee that Google has examples of apps doing this to sneak hostile
code onto user devices.

Development tools often need higher security permissions on Desktop, maybe
Android just needs a "development" class of app that is more privileged?
They'd just need to enforce the limitation to development focused apps really
strongly in the review process.

~~~
dTal
If they were actually vetting the code, they could tell that an application
contained a suspicious "download and execute".

In actual fact the Play Store is full of perfectly "vetted" malware, as it
stands. What this _actually_ does is prevent the _user_ from coding on the
device.

------
mschuster91
I get why Android is doing this, even if they're not openly writing it: they
want to get in control of malvertising which downloads untrusted binary code
that is not in the APK and thus scannable for the Play Store security
scanners.

What I don't get: why aren't they creating a separate entitlement for runtime
code execution that requires manual approval in the Play Store?

~~~
zozbot234
Hopefully that entitlement would require manual _user_ approval, too. I might
not want any old free-to-play game from the Play Store to be enabled to run
unapproved code on-device, but I definitely want it for Termux.

------
burfog
There are a couple solutions, with tradeoffs of course. It's important to
remember that this isn't merely a technical problem. Some choices can be
judged by human reviewers to be violating policy.

The obvious solution is to use isolatedProcess, the isolated_app SELinux
domain, just as web browsers do. The restriction on executable code "does not
apply to code that runs in a virtual machine and has limited access to Android
APIs". Of course everything depends on what "limited access" means. Filtering
out paths that start with "/../this-is-a-limitation/../" probably isn't
enough.

Another solution is to ship all of the executable bytes. Turn an entire Linux
distribution into something like busybox. It would be possible to exclude the
non-executable pages of memory, shipping those separately as code-free ELF
files. Installing programs would work the normal way, except that the .text
sections would be empty holes in the files. As long as the mremap system call
works, a loader should be easy to implement.

------
kragen
I'm having a hard time already in Android 6. I used to be able to do things
like use Termux to move videos I'd downloaded in NewPipe into subdirectories
and delete them; apparently with Android 6 I can't do that any more.

What alternatives to Android are people using? I'm already not using the Play
Store, just F-Droid and a couple of third-party apks.

~~~
zozbot234
If you're not using Play, why not root your device? You could ultimately
bypass all of these restrictions.

~~~
kragen
Well, I don't know how to tell a safe root from a malware root (or find one
that will work for my device), and I'm ignorant enough about Android to wonder
if rooting the device means I'm running everything as root and consequently
have no protection at all from malware? I mean, it's embarrassing, but that's
the truth.

~~~
commoner
The most popular root solution for Android is Magisk. It's FOSS and doesn't
affect the device's system partition.

[https://topjohnwu.github.io/Magisk/](https://topjohnwu.github.io/Magisk/)

[https://github.com/topjohnwu/Magisk](https://github.com/topjohnwu/Magisk)

[https://forum.xda-developers.com/apps/magisk/official-
magisk...](https://forum.xda-developers.com/apps/magisk/official-
magisk-v7-universal-systemless-t3473445)

~~~
kragen
Thank you!

------
Causality1
It also kills the entire Wardriving community as well as amateur network
coverage work by putting a continually-increasing delay on how often an app
can scan for wifi signals.

------
anderspitman
Disclaimer: I'm not really an Android developer. I was considering
implementing a service I'm working on for Android and after many hours of
research determined it's not a suitable operating system for my purposes.

Personally I no longer consider Android a viable computing platform. As a
developer you simply don't have the tools available to give your users control
over their data and experience. With the changes to storage security the last
couple years, they've essentially dumbed it down to the level of a web
browser, and in the process pretty much deprecated running native (C, C++,
Rust, Golang, etc) applications.

I'm not opposed to improving security, but when you can't even run software
like syncthing or a file explorer without getting special Play store approval,
something is wrong.

I've been meaning to write a blog post summarizing what I learned.

This official video is actually a pretty good summary of some the changes made
and what the goal is:

[https://youtu.be/UnJ3amzJM94](https://youtu.be/UnJ3amzJM94)

------
app4soft
Android 5/6 support dropped by Termux devs this year.

Android 10 is killing Termux terminal app.

Hope, Termux devs would now drop back support for Android 5/6.

~~~
pmlnr
That part hurt me. One of the points of things like Termux is to make use of
old devices, so killing support really isn't helping.

------
modeless
The linked page on Android.com does not contain the quoted text about exec(),
or the linked section header. Was it removed?

Edit: seems to have moved here:
[https://developer.android.com/about/versions/10/behavior-
cha...](https://developer.android.com/about/versions/10/behavior-changes-10)

------
pjmlp
Yeah, apparently many still haven't got the message that Linux on Android is
only implementation detail and the NDK's main purpose is for writing Java and
Kotlin native methods.

The way forward is to create Termux like apps in Java/Kotlin.

POSIX is anyway not part of official stable APIs.

------
axegon_
Well that's annoying... I'm not a heavy termux user, but it's been extremely
useful in some situations - ssh proxy over abd in very restricted networks
mainly.

------
grawprog
>Issues

>Android 10 does not allow free access to /sdcard (at least file system
based).

Yeah that is kind of an issue, with plenty more apps than termux I'm guessing.

~~~
codethief
Yup. For me it's particularly painful that Syncthing will stop working[0, 1].
Though it seems there might be hope in Android 11[2]?

[2] [https://github.com/syncthing/syncthing-
android/issues/29](https://github.com/syncthing/syncthing-android/issues/29)

[1] [https://github.com/Catfriend1/syncthing-
android/issues/457](https://github.com/Catfriend1/syncthing-
android/issues/457)

[2] [https://forum.syncthing.net/t/android-11-all-files-access-
fo...](https://forum.syncthing.net/t/android-11-all-files-access-for-the-
syncthing-app/14651/13)

------
KenoFischer
What's the actual restriction? If it's literally just exec on apps outside the
app directory, why not shim the dynamic linker and rewrite calls to exec to
use that instead? Are there additional W^X protections that prevent mapping
executables outside the app directory PROT_EXEC? (Note I have no idea how
Android works so I may be missing something very basic).

~~~
zozbot234
Part of the problem is precisely that no one knows how these restrictions
might evolve in the future. There's no such thing as forward compatibility
when it comes to Android API levels.

~~~
lucb1e
Sure, but this is about API level 29, not 30+. We can speculate that API 30
will disallow non-Google-written code by default but that's not the discussion
at hand.

------
ipnon
Time to order my Pinephone.

------
noisy_boy
I turned-off automatic downloading of upgrades on my Oneplus once I found this
out. Termux is very important for me since it allows me to install the typical
tools like SSH/Nginx etc that help me connect to my phone, view my wiki
(synced between my PC and phone using Syncthing) among other things. It is a
very useful piece of software.

------
julienchastang
I depend heavily on Termux when travelling without my laptop (i.e., vacation).
With my smartphone, a bluetooth keyboard, Termux, an impressively full-fledged
emacs, a well-crafted ssh config, and my 2FA card, I can solve most or all
emergency work-related problems remotely. Hopefully there will be a solution
here.

------
dirtnugget
Just the ability to run TOR along with a node server made this incredibly
useful. This way it was possible to register an onion domain and set up e.g a
chat server with just a phone.

------
timwaagh
android 10 has been pretty bad for rooting etc. i think they would do well to
release something that us techies can tinker with though. Call it android 10
unsafe edition :) , i gotta say im pretty happy that its still possible to
disable annoying bloatware like 'settings' and 'play store' via the android
debug shell. the moment that changes im going to have to drop android
altogether, because i still dont believe in using a phone like a computer.

------
nromiun
Termux is the only reason I use Android. If it doesn't work in the future I
will most likely switch to IOS. Long term software support is much better
anyway.

------
vkaku
I love Termux. They must introduce a mode where a user can whitelist certain
applications for this, get the permission policy inside the application.

------
on_and_off
pretty annoying to read that issue thread ( [https://github.com/termux/termux-
app/issues/1072](https://github.com/termux/termux-app/issues/1072) ) and read
that instead of changing their app behavior, they just want to drop out of the
play store :/

They had 2 years to react to this.

~~~
zozbot234
Dropping out of Play is arguably the best solution because the whole point of
Termux is to run code that's been obtained from outside Play, and that kind of
thing has been contrary to Play policy for a long time. It's a custom
repository of sorts, much like F-Droid. That goes besides this whole W^X
issue, it's more general than that.

------
the8472
Would it be possible to work around this issue by reading the executable file
into a memfd and then exec() on that instead?

------
pojntfx
Projects like these were doomed from the beginning. Buy a real Linux phone,
like the PinePhone or the Librem 5 + a backup phone (I’m on Apple for that)
for the proprietary nonsense. Simple, straight-forward and clean. It’s time to
stop hacking on existing non-free platforms and time to use libre hardware.
You have nothing to loose but your chains!

------
bitwize
Wellp... what has two thumbs and plans to get a Pinephone? This guy.

------
agumonkey
Honestly had my mouth gapped open for a few seconds. Sad news.

------
remexre
I almost wonder if WebAssembly might be sufficient here? I suppose that'd
break support for third-party binaries, but you don't need exec() to load a
wasm blob /shrug

~~~
zozbot234
WASM w/ WASI is still in its early stages and cannot even support existing
applications seamlessly, let alone a full operating environment. For now, it
would be better to run a riscv64 system VM, since that architecture will both
run with comparative efficiency under an interpreter or JIT, and be well-
supported at a system level.

------
anotheryou
Could this be forked out by LineageOS?

~~~
AshamedCaptain
This is one of the reasons that "open source" by itself is not enough for
"user liberation" as it is usually painted.

What point there is to forking a platform where the upstream is as big as a
mammoth as Google, changing millions of lines per release and actively
breaking API compatibility?

Your fork will stay stuck in an API version that in a couple years will have
almost no programs written for it. Who would use that?

Your only choice is to try to match the manpower from Google and try to keep
your "fork" up-to-date. But that is also guaranteed to eventually fail as
someday Google will change something that you literally _lack_ the manpower to
revert.

Which is why I can't recommend an "open source" _Android_ phone. I don't feel
promoting Android at all, even if open source, encourages my user freedom.

------
poteznykrolik
godammit i just actually found this this weekend.

------
tbodt
This seems fairly trivial to fix by writing an ELF loader.

------
hyperpallium
nvm

~~~
johnghanks
How is it evil?

------
bla3
Please refrain from using titles that are more alarmist than the original
title. If linking to something with an alarmist title (not the case here!),
use a more neutral headline for your submission.

~~~
asveikau
I don't think it's very alarmist or an overstatement though. An android 10 app
is no longer allowed to do what termux does.

I guess with more reading they are saying they need to declare themselves as
targeting android 9 or lower until they find a solution. At some point, I
imagine, that will not be an option.

To some degree it should also be on Google to ensure that tightening security
(or perceived tightening of security) doesn't break valid use cases.

edit: Ok, for some reason I can't reply, but I see the workaround is to write
to another directory.

~~~
dueF7un3
I'm confused, because I use termux on android-10 (on a pixel2) without any
problem.

I have a cron running on it that mails my notifications to me, a ssh server
which my laptop use to send my backups on my phone, a go http server running a
local app that I use in the mobile's browser, I'll often take screenshots on
the phone, then scp them on the laptop, etc.

Am I missing something?

EDIT: I won't reply to each of you to not be floody, thanks everyone for the
clarifications :)

~~~
ShamelessC
> I have a cron running on it that mails my notifications to me.

Off-topic, but that's awesome! How do you get access to your notifications
from Termux?

~~~
dueF7un3
Termux exposes an api as binaries, putting them in `$PATH`, so you can then
call them in a any script/program:
[https://wiki.termux.com/wiki/Termux:API](https://wiki.termux.com/wiki/Termux:API)

It basically give access to most permissions an app can get. The cool thing is
that you allow the permission for termux, and then all you scripts can use
them.

But yeah indeed, the notif2mail was quite a game changer, for me :) I had a
big problem of spam calls/sms at some point, and this allowed me to get my
notifications through my spam filter and remove the spam. I also use it to
trigger desktop notification when my phone battery is low or full.

EDIT: oh, actually, it's not termux itself, but the addon Termux:API (which is
a second app, from Play Store point of view). Also, the command to list
notifications is `termux-notification-list`, but it doesn't appear in this
documentation page, for some reason. All api executable start with `termux-`,
so it's quite easy to list them from the shell.

To start cron when booting the phone, I had also to use an other addon,
Termux:Boot :
[https://wiki.termux.com/wiki/Termux:Boot](https://wiki.termux.com/wiki/Termux:Boot)

