Arch Linux and LaTeX on the Nexus 10

By John Lenz. March 11, 2013.

I recently got a Nexus 10 and wanted to install Vim and LaTeX and related software on my tablet. Looking around at the various options, I decided to install Arch Linux in a chroot. The first step was rooting the tablet. Now that we have root access, we can install Arch. This guide is written assuming knowledge of the linux command line. I mostly followed this guide, although there are some changes since newer versions of Android changed some things around. This guide is for Android 4.2, future Android versions might require changes.

Terminal Environment

First, we need a working terminal environment. By far the best is a combination of

• Terminal Emulator
• Busybox
• Hacker's Keyboard

especially as they are all open source. Install these three apps. Also, I have a bluetooth keyboard which I use for heavy terminal work: the hacker's onscreen keyboard works well though and I actually used the hacker's onscreen keyboard for my entire install of Arch since I didn't have my bluetooth keyboard yet. Another option is to install a ssh server on the tablet.

Busybox will request superuser access and have some stuff about two ways of installing: simple and smart install. What the busybox android app does is switch to root, temporarily remount the /system filesystem read-write, copy the busybox binary, create some symlinks, then remount read-only. The busybox "smart install" lets you control exactly which symlinks get created and if you want to actually replace any of the existing android tools with a symlink to busybox. I did not use smart install and instead just pressed the install button. This creates symlinks to all tools that don't already exist and does not replace any of Android's tools. The built in android tools are pretty crappy and don't always support all the command line options (which is why you might want to replace them), but when that happens I just run "busybox <tool> <options>" instead of using it through the symlink.

Background

There are several android filesystems of interest and there were several changes in Android 4 for tablets (so if you look at other older guides, they will not match). There are four filesystems that are mounted from partitions on internal storage.

• /system: mounted read-only but the only filesystem mounted without the nosuid option
• /cache: supposedly used as a cache for applications and Dalvik, although my tablet currently has nothing in this entire filesystem besides the lost-and-found directory automatically created by ext4. Dalvik cache seems to be at /data/dalvik-cache.
• /data: mounted rw, where applications are installed. We will install Arch here. This partition is also the majority of the space on the tablet.
• /factory: small partition (19MiB) used to store some tablet info like wifi mac address, the keys for verifying signed packages. I guess this is separate from /system because /system gets overwritten during an upgrade.

Older versions of Android would have another partition mounted at /sdcard which I suppose at some point was an actual sdcard. This folder is where applications store user data, and I guess for backwards compatibility modern versions of Android must still put something at this location. Just one of the many strange things about Android, having a folder called /sdcard backed by internal storage; on my phone the actual SD card is mounted somewhere else. On the Nexus 10, to support multiple users, there is a FUSE mounted filesystem monuted at /storage with subdirectories for each user. The FUSE filesystem is backed by the /data partition. There is then a symlink from /sdcard to /storage/<id>/legacy. The existence of the FUSE filesystem is weird, why not just symlink /sdcard to somewhere in the /data directory? Most likely the answer is how Android (ab)uses user ids so the FUSE filesystem recreates a permission access scheme because file uids can't be used.

Extract Arch

The Nexus 10 has a dual core Cortex A15 which supports the ARMv7 architecture. Download one of the ARMv7 tarballs from the Arch Linux download page. The tarballs differ by their kernel which since we are running in a chroot we don't care about the kernel, so any of the ARMv7 tarballs will work. As root, create a directory at /data/local/archlinux and extract the tarball in that directory.

Launch Script

I use the following script to chroot into archlinux. It can be downloaded at start.sh. Copy this to /data/local/archlinux/start.sh and edit the username. Note that this is a username inside Arch which is not yet created so that option won't work yet.

cd /data/local/archlinux

select x in "Android" "ArchLinux - root" "ArchLinux - wuzzeb"; do
    case $x in
        "Android")
            exec sh
            ;;
        "ArchLinux - root")
            h=/root
            u=root
            break
            ;;
        "ArchLinux - wuzzeb")
            h=/home/wuzzeb
            u=wuzzeb
            break
            ;;
    esac
done

if ! mountpoint -q dev; then
  mount -o bind /dev dev
  mount -t proc proc proc
  mount -t sysfs sysfs sys
  mount -o bind /dev/pts dev/pts
  ln -s /proc/self/fd dev/fd
fi

exec chroot . /bin/bash -c "source /etc/profile; export HOME=$h; export TERM=xterm-256color; exec su - $u"

Inside the Terminal Emulator preferences, set the initial command to be

exec su -c "sh /data/local/archlinux/start.sh"

Now whenever you create a tab in Terminal Emulator it will prompt you for creating an Android shell, an Arch root shell, or an Arch user shell.

Setup Arch

Create a new tab in Terminal Emulator and select "ArchLinux - root". Next, we want to configure the Arch install. The first is to set up a nameserver. 8.8.8.8 is Google's nameserver.

echo "nameserver 8.8.8.8" > /etc/resolv.conf

Next check you can connect to the outside world by pinging something: note you might need to go into the Terminal Emulator menu and select the "Take Wifi Lock" option, since the wifi might go into a powersave mode. Next we want to follow the configuring a new Arch install guide: set the locale, run locale-gen, set the timezone, set a hostname.

Next, we want to remove all the packages we don't need anymore, or at least the ones that take a lot of space. I suggest running "pacman -Qi" and looking for the Installed Size line. Definitely remove the linux kernel package, maybe a few of the other large ones. Now update to the latest by

pacman -Syu

Finally, create a non-root user by running "adduser" and update the start.sh script to match the username. For the user to be able to access the network, the user must be a member of the inet group (before Android 4, this was the aid_inet group). So run

groupadd -g 3003 aid_inet
groupadd -g 3004 inet
usermod -a -G aid_inet,inet <username>

You should now be able to create a new tab within Terminal Emulator and select ArchLinux - <username>.

Install Software

Even though Arch Linux ARM and Arch Linux are separate projects, Arch Linux ARM is almost identical in terms of documentation so you can use the excellent Arch Linux Wiki, in particular the post install guide might be of interest. I installed all my favorite command line software, including vim, mercurial, openssh, rubber, texlive-core and texlive-latexextra (see this page). I also installed the base-devel package which pulls in GCC and other build tools, to be able to build packages from the AUR. I use cower although yarout is probably the most popular. I like to know what is going on which is why I use cower. I then cloned my academic mercurial repositories, one of which contains my vim plugins and vim configuration.

At the moment, I use exclusively command line programs. I haven't set it up, but you could run graphical programs by using vncserver from within the Arch chroot and using an Android vnc viewer app to connect to localhost. The instructions on the vncserver wiki page should work unmodified, except starting the vncserver should be added to start.sh.

sudo nor any other suid programs work, since the Android /data partition is mounted with nosuid. One option is to remount the /data partition without the nosuid parameter, which can be done inside start.sh. I decided not to do this for security reasons, instead as you can see in my start.sh I have the option to open an Arch terminal as root or my user.

Final Thoughts

• The Linux kernel has recently gained support for user namespaces. Hopefully this comes to Android kernels, because then we could get Arch Linux running without rooting the tablet (by installing it in a subdirectory of the directory of /data assigned to the Terminal Emulator), and using a program to create a new user namespace for Arch.
• Support in systemd for lightweight containers via nspawn has been recently added: at some point the manual mount code in start.sh might be replaced by using systemd to startup the container.
• No audio support at the moment: this might be possible by using pulseaudio inside Arch and using pulseaudio's streaming support to stream sound locally to an Android app.
• Currently I use APV PDF Viewer to view/preview PDFs after I compile them, but the APV does not refresh the pdf after it has changed so I have to exit and reopen the app. Also, I lose the forward/backward search that I have on the desktop (this is the ability to automatically open the PDF viewer to the page corresponding to the text currently in Vim). I might look at using vnc and running evince, or I might try updating the APV source. Maybe using the Android intent system I can cause APV to refresh and change to a specific page by running commands from Arch.