Run Linux containers on Android, no root required
Comments
vimredo
gbil
My understanding is that the integrated linux terminal is not supported on all processors like snapdragon ones and also is not available on all manufactures like Samsung. Therefore this approach covers a much bigger audience.
microtonal
I think it was only available on Google Pixel until recently. As far as I understand, some Samsung Exynos devices support it (e.g. Z Flip 7, non-US S26 with Exynos), but not Snapdragon devices, which don't seem to support non-protected VMs yet:
Error code: java.lang.UnsupportedOperationException: Non-protected VMs are not supported on this device
gbil
I can find it on my S25fe with exynos android 16/oneui 8.0 if I search for it in the setting but is greyed out. I wait for 8.5 to see if it is enabled then and is the only time I'm happy to have an exynos device!
fg137
Can confirm -- seeing the same error on a Samsung Snapdragon device when attempting to use the Linux terminal
getpokedagain
It also behaves weirdly if you use a VPN.
m132
This. Also, for phones that don't support Android virtualization, there's a user-space hack, part of Termux upstream, that allows for root-less chroots via LD_PRELOAD: https://wiki.termux.com/wiki/PRoot.
systemd won't boot with this (needs to be PID 1), but a lot of software will work just fine and there's nearly zero emulation overhead.
yjftsjthsd-h
I don't think it uses LD_PRELOAD, it uses ptrace to intercept system calls (hence the name). Unfortunately this does have performance overhead, although I've never bothered to measure it. Actually that would be an interesting thing to benchmark.
m132
My bad, I must have confused it with something else. Yes, it uses ptrace; there definitely is some overhead around system calls, but that still should be better than running atop a full-scale CPU emulator. That being said, I haven't benchmarked it myself, just remember it being pretty snappy.
Thanks for your correction!
smetannik
Android's terminal app is really slow and takes some time to boot comparing to Termux.
Also, the Terminal app is essentially a webview (as I understand, the reason is architectural).
arend321
The Linux terminal app on Android reddits are full of reports of instability. It is far from being useful as far as I understand. I had so much hope for this being a good way to use my phone as a portal for development, but it's a dud. At least we have termux and proot.
dredmorbius
Termux itself is a red-headed step-child on Android, with current releases installable only from F-Droid, and quite possibly subject to further restrictions in future.
Mind: Termux is the only thing on Android which has not precisely sucked in my own 15+ years' experience with the platform. It remains both crippled and emperiled by the OS and Google.
<https://web.archive.org/web/20210103151837/https://wiki.term...>
There's ... some Google Play availability as of June 2024: <https://github.com/termux/termux-app/discussions/4000>.
F-Droid's own future viability is at risk given Google's recent Android directions:
<https://www.techdirt.com/2025/10/07/googles-requirement-for-...>.
My own interests lie more in the ability to run Android emulated under Linux, and switching from phone / tablet devices to a small form-factor laptop (Framework 12 or 13 most likely) for on-the-go computing.
nagaiaida
you seem to have articulated precisely the advantage that makes it serve a purpose for me: supporting the version of android on my phone. presumably i am far from unique in not having android 16
iraizo
The new app is truly awesome, was able to get a desktop environment running, and a minecraft server & client. Just a shame that you can't pass through USB.
acka
Not everyone owns one of the limited range of devices that Linux Terminal is available for. For example, no Snapdragon chips currently in use support the "non-protected" virtual machines required by the Android Virtualization Framework. Also, it doesn't jive with Samsung Knox, so the few Samsung devices that this might work on (mostly international models with Exynos chips) will likely not be supported.
thrance
Wow, didn't know this existed, thanks. But 761 Mo download?? That's insanely big for a terminal, what could possibly make this bundle so big?
petu
It's not giving you access to Android shell, but one inside VM. So OS image for VM.
prmoustache
It is a complete OS in a virtual machine.
fmajid
The Linux Terminal app is incredibly buggy in my experience, but that may be because I use GrapheneOS.
Saris
Isn't this super limited? It seems to only support the latest version of android which only recently released phones have.
jacek
I tried it on my Samsung phone. Keeps crashing, "recovery" just deletes everything and you start over from scratch. No session lasted more than 5 minutes.
realusername
Personally this toggle doesn't do anything (Android 16, Samsung) so I'm not sure when it's supposed to be ready
shrx
> The Linux terminal app on Android (check Developer settings if you want it)
I don't see it. How do I install it?
Gander5739
In developer settings, under debugging "Linux development environment (Experimental) Run Linux terminal on Android"
shrx
No such option. Apparently it needs to be allowed by the vendor (Samsung)?
ghywertelling
We can use old phones for running PiHole.
j45
Sometimes the capability unlocks the possibilities.
m132
But does it synergize paradigms?
j45
Creating a new capability is like making a new flashlight.
Maybe the new light can see wider, or further and you see something you didn’t before that was possible.
You can synergizr the looksmaxing while cooking if you like :)
anthk
Termux and a BT keyboard it's enough.
Also, native Emacs under FDroid has recently been improved a lot.
With just Emacs you get:
- An IRC, Usenet and Mail client. The ONLY libre Usenet client. comp.arch and comp.misc have really engaging discussions. You can score up nice commenters and blacklist every spammer
- Gemini and Gopher via ELPA (run Esc-x package-install RET elpher)
- A math mini CAS with Esc-x calc RET
- Esc-x package-install RET malyon, get some nice ZMachine text adventures at IFDB
- Elisp environment+cl-lib can do a lot
- Esc-x package-install jabber, Esc-x jabber. Chat with cool people at XMPP servers.
- Org-Mode, enough said
- eshell will allow you to automate stuff
- Elisp + Android related functions + org-mode: heaven.
- Sudoku, Sokoban, Tetris...
- LSP integration it's possible
Get some $10 pocket bluetooth keyboard and try it.
dietr1ch
I tried Emacs, but realised I need NixOS to get the packages I depend on like git to download my config. I can't use stock emacs. There's a trick to get Emacs and termux to share packages, but not for nix-on-droid :/
getpokedagain
You can do some signing hackery and allow Emacs to see executables from termux https://gsilvers.github.io/me/posts/20250921-emacs-on-androi...
For anyone who ends up here and curious.
hu3
Added to my list of things that will never be possible on iOS.
StilesCrisis
Not to defend it, but emulating Linux in WASM is possible and ought to work on iOS in a reasonably performance way. See https://webvm.io/
hu3
It will never be native though, which is the main point.
figmert
This can probably be upstreamed into podman. Podman already has supports using a VM using podman machine (uses different tech under the hood depending on the OS). This seems like it can be yet another backend for it.
functional_dev
That would be great
nullbyte808
Is it possible to get the reverse of this working? (Waydroid with play services on Linux phones, such as postmarketOS)
seba_dos1
I've been using Waydroid with microG on a Librem 5 with PureOS for years. Not extensively as I don't have a lot of reasons to boot Android, but when I do have one it's there.
I've seen some guides for installing Play Services in Waydroid, but personally I'm not interested.
unicornporn
The latest Waydroid beta is over three years old. Waydroid is dead and I haven't found an alternative.
seba_dos1
The latest stable release of Waydroid is from little over a month ago. The Android image it uses by default is based on Android 13, which is fresh enough to do its job.
jansommer
One could also try Android 15 and 16 on Waydroid: https://github.com/WayDroid-ATV/waydroid-builds/releases
vimredo
Why wouldn't it? All you need is a binder device for Android IPC and root access to launch Waydroid. It should work perfectly fine when installed and used with Wayland.
spidermonkey23
I think this is great, I've wanted some sort of docker on android system and this does the job quite nicely all wrapped up in an apk. So there is definitely space for this in the current ecosystem. The new terminal built into android crashes whenever I try booting it up.
nixosbestos
I just want a folding portable monitor now. We're getting so close...
volemo
I’ve heard Samsung makes something like that. :D
anonzzzies
I use xreal one pro for that, works well.
unnouinceput
I want the opposite. And I want to behave like a true Android. Reason: My fucking useless bank that has a banking app that only runs on non-rooted Android only (cause fuck iOS/web according to them). My attempts to run their shitty app on emulators, virtual machines and the like failed. So currently I have a dumb phone that only has their crappy app on it and that's all. On a separate Google account, because I do not dare to link my main Google account to their name.
Any advice?
k38f
The QEMU TCG approach makes sense for isolation, but I'm curious about the traffic routing story. Does each container get its own network namespace, or does all traffic still go through Android's network stack? The latter would mean carrier-level DPI still sees everything the container sends — which matters a lot depending on what you're running.
Antitoxic6185
tmux with proot distros exist though
ike____________
Just tried it, the last 2 versions, I cannot continue after specifying the ram and cpu number.
tuananh
what about the other way around?
i'm aware about waydroid but it has too many problems with nvidia. also require wayland.
yjftsjthsd-h
I can't help you with nvidia, but the Wayland thing can be worked around quite easily by running it under a nested compositor like cage. (This is how I run waydroid under Xorg)
tuananh
thanks. good to hear that. i just have to wait for nvidia support now.
yjftsjthsd-h
Have you tried https://wiki.archlinux.org/title/Waydroid#Software_rendering ? Obviously not ideal, but possibly functional.
Tajnymag
There's for example redroid (https://github.com/remote-android/redroid-doc) which seems to be exactly that. Android inside a container.
unicornporn
X86 builds of Android are stuck at many generations back of the OS. Running Android in a VM on X86 is basically dead AFAIK. :(
yjftsjthsd-h
I'm actually optimistic that this will improve. Google has apparently been working on replacing Chrome OS with android, which I have pretty strong opinions on but the upside is that if they want to go that route they're going to have to make Android officially work well on x86, at which point there's no reason that eg. LineageOS wouldn't be expected to follow suit.
RobotToaster
You could run a windows VM and run windows subsystem for android.
jansommer
Windows subsystem for Android is deprecated. There's a community maintained alternative but it seems to have a few problems wrt. Windows updates.
RobotToaster
The community maintained version seems to work okay most of the time, but you're correct a better solution is needed.
Beijinger
How is it the other way around? What is the status of Waydroid?
seba_dos1
Works.
pjmlp
I don't see the purpose to run containers on Android, the managed userspace provides everything I need, including code on the go apps, already sandboxed.
Also not a termux fan.
dredmorbius
What are your concerns / objections to Termux?
pjmlp
People are holding it wrong.
Instead of embracing the Java/Kotlin userspace alongside C and C++ on the NDK, with the official APIs, they try to subvert into GNU/Linux.
First of all bionic isn't glibc, secondly the Linux kernel is only a matter of convenience for Google, which they could in theory replace by something else, while keeping the Java/Kotlin and the NDK C/C++ APIs.
Which is exactly termux isn't without issues on modern Android versions, not much different than using cygwin/mingw on Windows.
derekzhouzhen
This is exactly Termux's point, to subvert Android into linux cheaply. Same for MinGW or MSYS2. I want to invest as few as possible on Andriod or Windows, while still able to use them in the way that I prefer.
pjmlp
I don't see cloning UNIX every piece of hardware with a CPU as positive, so it isn't a valid point for me.
As computer nerd I favour diversity just like I had the pleasure to enjoy during the 8 and 16 bit home computing days.
Vertical integration of computers with a soul, full stack experience.
“Using UNIX is the computing equivalent of listening only to music by David Cassidy.”
— Rob Pike
yenko
What code on the go apps do you have in mind ?
pjmlp
Pascal N IDE, C# Shell NET IDE, Pydroid 3, Shader Editor, the paid versions.
ilsubyeega
curious is this just software qemu(not sure what word exactly was) instead of virtualization acceleration, probably more overheads?
em500
Yes, under How It Works:
> libqemu-system-aarch64.so (QEMU TCG, no KVM)
TCG means software emulation
kristianp
I thought why is qemu used here? Why not use linux native namespaces and cgroups.
NewJazz
Permissions. Isolation.
Retr0id
so, like namespaces and cgroups?
figmert
Android kernel has the relevant kernel parameters disabled. It is entirely possible to run containers directly on android, but it requires enabled the relevant parameter (iirc no recompilation need, just a cmdline change). But this of course requires root.
NewJazz
Itbsays it doesnt use kvm, so i thinj that meens no accel.
ggm
And local FS access is mediated how?
TheRoque
With this I could in theory do all my work from my Android phone.
ekropotin
I find the title very misleading. Linux containers typically means LXC, but when in readme you say it’s intended for running OCI-based containers.
nsonha
What would be the usecases?
cringleyrobert
Just because you can doesn’t mean you should.
randomtoast
I find it somewhat amusing that it uses QEMU to emulate Linux in order to create a container with restricted permissions, even though it is already running on Linux with restricted permissions. I get the point while it is designed that way, but still funny.
AlexeyBelov
[flagged]
randomtoast
[flagged]
AlexeyBelov
[flagged]
randomtoast
[flagged]
Aegis_Labs
[dead]
venyxx__tnt
[flagged]
VonGuard
Podman.....
I don't understand what this would be useful for. The Linux terminal app on Android (check Developer settings if you want it) already exists and it uses hardware accelerated virtualization, while this uses QEMU with TCG. The Linux terminal app also supports running a DE (No VNC - as in no VNC, not NoVNC - required!), has full shell, full root, all the features of Podroid, and hell, you could even swap out the terminal if you wanted to. The only advantage to this seems that it supports Android 14, 15, and 16. Am I missing something, or does this have no purpose?