-
Notifications
You must be signed in to change notification settings - Fork 61
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f3a132a
commit cf0da45
Showing
3 changed files
with
94 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
--- | ||
page_ref: "@ARK_PROJECT__VARIANT@/termux/termux-exec-package/releases/2/v2.0.0.html" | ||
--- | ||
|
||
# termux-exec-package v2.0.0 - 2024-12-16 | ||
|
||
## Changelog | ||
|
||
|
||
**Commit history:** [`v1.0...v2.0.0`](https://github.com/termux/termux-exec/compare/v1.0...v2.0.0) | ||
|
||
| ||
|
||
|
||
|
||
### Added | ||
|
||
- Add support to execute ELF files by passing them to `/system/bin/linker*` to bypass android app data file exec restriction if using `targetSdkVersion` `>= 28` on Android `>= 10`. Check [technical](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/technical/index.md) and [system linker exec](https://github.com/agnostic-apollo/Android-Docs/blob/master/site/pages/en/projects/docs/apps/processes/app-data-file-execute-restrictions.md#system-linker-exec) docs for info on how `system_linker_exec` works and why it is needed. ([`f261b26d`](https://github.com/termux/termux-exec/commit/f261b26d)) | ||
- Since when executing with linker, the `/proc/self/exe` will be set to linker path, export `TERMUX_EXEC__PROC_SELF_EXE` environment variable with actual path to executable being executed so that packages can be patched to read it instead. Additional hocking will need to be done for programs that read `/proc/<pid>/exe`. ([`f261b26d`](https://github.com/termux/termux-exec/commit/f261b26d)) | ||
- Hook the entire `exec()` family of functions, which is required for Android `14`. Closes termux/termux-packages#18537, termux/termux-app#3758 ([`f261b26d`](https://github.com/termux/termux-exec/commit/f261b26d)) | ||
|
||
- Added the `bool` environment variable `TERMUX_EXEC__INTERCEPT_EXECVE` for whether `execve` would be hooked for shebang fix or `system_linker_exec`. The default value is `true`. The other wrapper functions in the `exec()` family of functions declared in `unistd.h` are always intercepted to solve some other issues on older Android versions, check [`libc/bionic/exec.cpp`](https://cs.android.com/android/platform/superproject/+/android-14.0.0_r1:bionic/libc/bionic/exec.cpp) git history. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Added the `string` `TERMUX_EXEC__SYSTEM_LINKER_EXEC` environment variable for whether to use `system_linker_exec` if `TERMUX_EXEC__INTERCEPT_EXECVE` is enabled. If set to `disable`, `system_linker_exec` will be disabled. If set to `enable`, then `system_linker_exec` will be enabled but only if required. If set to `force`, then `system_linker_exec` will be force enabled even if not required and is supported. The default value is `enable`. Check `should_system_linker_exec()` in `exec.h` and `exec.h` for more info and how its handled. Docs will be added in a later commit. The `system_linker_exec` will now engage for executable or interpreter paths that are under `TERMUX_APP__DATA_DIR` or `TERMUX_APP__LEGACY_DATA_DIR` instead of `TERMUX__ROOTFS` (`TERMUX_BASE_DIR`). ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Read `ANDROID__BUILD_VERSION_SDK` environment variable exported by Termux app to get Android build version sdk, and if its not set, then from the `android_get_device_api_level()` call provided by `<android/api-level.h>`, which gets it from the system properties, which should be slower. | ||
|
||
- Added logger framework with multiple log levels with log entries for all the important variable states to track logic. The singular `TERMUX_EXEC_DEBUG` environment variable has been removed. The `int` `TERMUX_EXEC__LOG_LEVEL` environment variable controls the log level based on `(OFF=0, NORMAL=1, DEBUG=2, VERBOSE=3, VVERBOSE=4 and VVVERBOSE=5)`. The default value is `1`. Normally, `termux-exec` does not log anything at default log level `1` (`NORMAL`) for hooks even and will require setting log level to `>= 2` (`DEBUG`) to see log messages. To enable `VVERBOSE` logging for a command, you can run something like `TERMUX_EXEC__LOG_LEVEL=4 id -u`. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Added `TERMUX_EXEC_PKG__VERSION` `Makefile` parameter that gets logged on hook for `termux-exec` package version currently installed. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Added testing framework via `tests/termux-exec-tests.in` that calls `tests/unit-tests.c` to run unit tests, and `runtime-binary-tests.c` and `tests/runtime-script-tests.in` for runtime tests. Old tests files in random places have been removed. The testing is done for `termux-exec` and other termux internal packages including `termux-core`, `termux-tools`, `termux-am`, `termux-api`, `tudo` and `sudo` to ensure a fully working termux environment. The entire `exec()` family of functions is also tested by `runtime-binary-tests.c`. Currently, `termux-api` will not work in secondary users due to abstact namespace sockets being used. In future, tests can be moved to each package's own repo and a separate "tests caller" package can be added that runs tests for all packages that are installed. Tests can be run with `TERMUX_EXEC__LOG_LEVEL=1 "${TERMUX__PREFIX:-$PREFIX}/libexec/installed-tests/termux-exec/termux-exec-tests -vv all"`. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
|
||
--- | ||
|
||
## | ||
|
||
| ||
|
||
|
||
|
||
### Changed | ||
|
||
- Use `TERMUX__PREFIX` environment variable to generate Termux bin path to replace `/bin` and `/usr/bin` path in shebang of scripts instead of using hardcoded `TERMUX_BASE_DIR` build variable. If environment variable is not set or is invalid as per `TERMUX__ROOTFS_DIR_MAX_LEN`, then we use the default Termux prefix for which package was compiled for as long as its executable and readable to ensure termux-exec was not compiled for a different package. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Increase buffer size for executable file shebang header from `256` to `340` defined by `FILE_HEADER__BUFFER_LEN` as per termux path limits, check comment in `exec.h` file and [Termux File Path Limits](https://github.com/termux/termux-packages/wiki/Termux-file-system-layout#file-path-limits) docs. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Decrease max length of valid `TERMUX__ROOTFS` from `200` to `86` defined by `TERMUX__ROOTFS_DIR_MAX_LEN`, check `termux_files.h` file and [Termux File Path Limits](https://github.com/termux/termux-packages/wiki/Termux-file-system-layout#file-path-limits) docs. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Move `termux-exec` Apache 2.0 license file content from `LICENSE` to `licenses/termux__termux-exec__Apache-2.0.md` file and use `debian/copyright` format in `LICENSE` file. ([`5b482253`](https://github.com/termux/termux-exec/commit/5b482253)) | ||
|
||
## | ||
|
||
| ||
|
||
|
||
|
||
### Fixed | ||
|
||
- Fix relative paths for interpreter path by absolutizing it. Previously, only prefix was being replaced. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Fix `argv[0]` for executing shell scripts where it should be set to the original interpreter set in the file as is instead of the `argv[0]` to `execve()` being hooked for the executable. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Fix `fexecve()` where executable path would be `/proc/self/fd/<n>` and checking if its under Termux app data directory directory would give wrong results. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Fix checking if executable is under Termux directories. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Fix hardcoded `com.termux` values being used, all constants are replaced during building including the root scope of environment variables that are read and as per `TERMUX_ENV__S_ROOT` defined in `properties.sh` of `termux-pacakges` as `TERMUX_`. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- Fix issues where `errno` may already be set when `execve` is entered, check comment in `init()` function of `termux-exec.c` where it is set to `0`. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- The `termux-exec-package.json` will now have correct version and be consistent with `build.sh`, and also include tests files, which wasn't being done before. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
- The `termux-exec-package.json` previously had hardcoded `aarch64` as architecture, now we find and replace it for the compiler based on which predefined architecture macro is defined. ([`0281129f`](https://github.com/termux/termux-exec/commit/0281129f)) | ||
|
||
## | ||
|
||
| ||
|
||
|
||
|
||
### Removed | ||
|
||
- Removed the singular `TERMUX_EXEC_OPTOUT` environment variable. Opt outs should be confined to specific hooks and logics. | ||
- The singular `TERMUX_EXEC_DEBUG` environment variable has been removed. | ||
|
||
--- | ||
|
||
| ||
|
||
|
||
|
||
|
||
|
||
## Notes | ||
|
||
- Usage docs are available [here](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/usage/index.md). You can run commands with `TERMUX_EXEC__LOG_LEVEL=4 id -u` after installing package for debugging. To run on normal termux with `targetSdkVersion` `<= 28`, run `TERMUX_EXEC__SYSTEM_LINKER_EXEC=force TERMUX_EXEC__LOG_LEVEL=4 id -u` instead. **Check [`TERMUX_EXEC__LOG_LEVEL`](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/usage/index.md#termux_exec__log_level), [`TERMUX_EXEC__INTERCEPT_EXECVE`](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/usage/index.md#termux_exec__intercept_execve), [`TERMUX_EXEC__SYSTEM_LINKER_EXEC`](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/usage/index.md#termux_exec__system_linker_exec) variable docs for more info on how to control behaviour of `termux-exec`.** | ||
- Testing docs are available [here](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/developer/test/index.md). Run tests with `TERMUX_EXEC__LOG_LEVEL=1 TERMUX_API_APP__APP_VERSION_NAME=0.50.1 TERMUX_ROOTFS__PACKAGE_MANAGER=apt "${TERMUX__PREFIX:-$PREFIX}/libexec/installed-tests/termux-exec/termux-exec-tests" -vv all`. Exporting `TERMUX_API_APP__APP_VERSION_NAME` and `TERMUX_ROOTFS__PACKAGE_MANAGER` variables is necessary for running tests on older Termux app versions without scoped environment variable changes for package manager and Termux:API app tests to run. | ||
- Build docs are available [here](https://github.com/termux/termux-exec/blob/master/site/pages/en/projects/docs/developer/build/index.md). | ||
|
||
--- | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters