diff --git a/Dockerfile b/Dockerfile index 58f1a96..4334aa4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -93,7 +93,7 @@ RUN apt-get update && \ # WM fvwm xterm \ # debug utilities - busybox file strace less && \ + busybox figlet file strace less && \ # ... useradd --create-home --home-dir /home/user --uid 1000 -G systemd-journal user && \ curl -L -o /docker-entrypoint.sh https://raw.githubusercontent.com/AkihiroSuda/containerized-systemd/6ced78a9df65c13399ef1ce41c0bedc194d7cff6/docker-entrypoint.sh && \ @@ -104,10 +104,14 @@ COPY --from=anbox /anbox/build/src/anbox /usr/local/bin/anbox COPY --from=anbox /anbox/scripts/anbox-bridge.sh /usr/local/share/anbox/anbox-bridge.sh COPY --from=anbox /anbox/data/ui /usr/local/share/anbox/ui RUN ldconfig -ADD anbox-container-manager.service /lib/systemd/system/anbox-container-manager.service +ADD src/anbox-container-manager.service /lib/systemd/system/anbox-container-manager.service RUN systemctl enable anbox-container-manager -ADD unsudo /usr/local/bin -ADD docker-2ndboot.sh /home/user +ADD src/unsudo /usr/local/bin +ADD src/docker-2ndboot.sh /home/user +# apk-pre.d is for pre-installed apks, /apk.d for the mountpoint for user-specific apks +RUN mkdir -p /apk-pre.d /apk.d +ADD https://f-droid.org/FDroid.apk /apk-pre.d +RUN chmod 444 /apk-pre.d/* VOLUME /var/lib/anbox ENTRYPOINT ["/docker-entrypoint.sh", "unsudo"] EXPOSE 5900 diff --git a/README.md b/README.md index 72ee68b..97446f5 100644 --- a/README.md +++ b/README.md @@ -60,18 +60,18 @@ docker run -td --name aind --privileged -p 5900:5900 -v /lib/modules:/lib/module > NOTE: `--privileged` is required for nesting an Anbox (LXC) inside Docker. But you don't need to worry too much because Anbox launches "unprivileged" LXC using user namespaces. You can confirm that all Android process are running as non-root users, by executing `docker exec aind ps -ef`. -Connect to `5900` via `vncviewer`. +Wait for 10-20 seconds until Android processes are shown up in `docker exec aind ps -ef`, and then connect to `5900` via `vncviewer`. -Future version will support connection from Web browsers without VNC. +If the application manager doesn't shown up on the VNC screen, try `docker run ...` several times (FIXME). Also make sure to check `docker logs aind`. + +Future version will support connection from Web browsers (of phones and tablets) without VNC. ### Installing apk packages -Use `adb install` (To be documented). +APK files mounted as `/apk.d/*.apk` are automatically installed on start up. You can also use [F-Droid](https://f-droid.org/). - -F-Droid will be installed by default soon. - +To use F-Droid, enable "Settings" -> "Security" -> "Allow installation of apps from unknown sources". ## TODOs * Map different UID range per containers diff --git a/docker-2ndboot.sh b/docker-2ndboot.sh deleted file mode 100755 index feabff7..0000000 --- a/docker-2ndboot.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -# docker-2ndboot.sh is executed as a non-root user via `unsudo`. - -cd $(realpath $(dirname $0)/..) -set -eux -Xvfb & -export DISPLAY=:0 - -: FIXME -sleep 5 -x11vnc & - -: FIXME -sleep 5 -fvwm & -anbox session-manager & - -: FIXME -sleep 5 -anbox launch --package=org.anbox.appmgr --component=org.anbox.appmgr.AppViewActivity - -sleep infinity diff --git a/docs/screenshot.png b/docs/screenshot.png index c9b6298..8ef5b19 100644 Binary files a/docs/screenshot.png and b/docs/screenshot.png differ diff --git a/anbox-container-manager.service b/src/anbox-container-manager.service similarity index 72% rename from anbox-container-manager.service rename to src/anbox-container-manager.service index d6accdd..0506ab4 100644 --- a/anbox-container-manager.service +++ b/src/anbox-container-manager.service @@ -6,8 +6,8 @@ Wants=network.target [Service] ExecStartPre=/sbin/modprobe ashmem_linux ExecStartPre=/sbin/modprobe binder_linux -ExecStartPre=mkdir -p /dev/binderfs -ExecStartPre=mount -t binder none /dev/binderfs +# newer kernel uses /dev/binderfs directory instead of /dev/binder file +ExecStartPre=sh -exc "[ -f /dev/binder ] || (mkdir -p /dev/binderfs && mount -t binder none /dev/binderfs)" ExecStartPre=/usr/local/share/anbox/anbox-bridge.sh start ExecStart=/usr/local/bin/anbox container-manager --daemon --data-path=/var/lib/anbox --android-image=/android.img --use-rootfs-overlay ExecStopPost=/usr/local/share/anbox/anbox-bridge.sh stop diff --git a/src/docker-2ndboot.sh b/src/docker-2ndboot.sh new file mode 100755 index 0000000..e876725 --- /dev/null +++ b/src/docker-2ndboot.sh @@ -0,0 +1,43 @@ +#!/bin/bash +# docker-2ndboot.sh is executed as a non-root user via `unsudo`. + +function finish { + figlet ERROR + echo "ERROR: failed!" + : FIXME: the container should shutdown automatically here +} +trap finish EXIT + +cd $(realpath $(dirname $0)/..) +set -eux +Xvfb & +export DISPLAY=:0 + +until [ -e /tmp/.X11-unix/X0 ]; do sleep 1; done +: FIXME: remove this sleep +sleep 1 +x11vnc & +: FIXME: remove this sleep +sleep 1 +fvwm & +systemctl is-system-running --wait +systemctl status anbox-container-manager --no-pager + +anbox session-manager & +until anbox wait-ready; do sleep 1; done +anbox launch --package=org.anbox.appmgr --component=org.anbox.appmgr.AppViewActivity + +adb wait-for-device + +# install apk (pre-installed apps such as F-Droid) +for f in /apk-pre.d/*.apk; do adb install $f; done + +# install apk +if ls /apk.d/*.apk; then + for f in /apk.d/*.apk; do adb install $f; done +fi + +# done +figlet "Ready" +ps -ef +exec sleep infinity diff --git a/unsudo b/src/unsudo similarity index 100% rename from unsudo rename to src/unsudo