How to create a symbolic link with short fullpath?

Asked 8/12, 2013 at 22:12 Answered 3/11, 2015 at 12:50

Solved android binaryfiles directory-structure dynamic-linking

I am editing paths on some binaries short of recompiling them.

I want to replace /lib/ld-linux-armhf.so.3, which I cannot create, by a path of same length, that I can create without rooting the phone. It should be something of the same length because I am editing binaries. I have chosen the path /data/data/com.clk/.so.3, after the different possibilities listed below. What I'm trying to do is create /data/data/com.clk/.so.3, which should be a symbolic link to /data/data/com.spartacusrex.spartacuside/gentoo_armv6l/lib/ld-linux-armhf.so.3

I initially used /proc/5781/cwd/rmhf.so.3, but this is not readable by other applications (which are other linux accounts).

I then tried /data/.tmp, but it is specific to my phone, and not documented according to @ChrisStratton. Same about /data/logcat_log.

/sdcard is excluded because fuse options rw,nosuid,nodev,relatime,user_id=1015,group_id=1015,default_permissions,allow_other restrict links and exectuables and /lib/ld-linux-armhf.so.3 is to be executed.

Does anyone know how else I can accomplish this?

Corrincorrina answered 8/12, 2013 at 22:12 Comment(20)

No, they are not. What you find along these lines varies widely by Android version. Consider starting your binaries with a library path override environment variable instead. – Thies 8/12, 2013 at 22:51

Ok, I updated my question: /data/.tmp/ is not available, so I ask for someone to produce my short fullpath, with a bounty. – Corrincorrina 13/12, 2013 at 10:9

Do you think that the easiest solution would be to produce an APK ? – Corrincorrina 16/12, 2013 at 22:12

@Corrincorrina Don't you need to be logged in as root to create a synbolic link to something that is protected? – Reamer 18/12, 2013 at 2:39

@meewoK: no. You may try ln -s /data/data/jackpal.androidterm/lib/libjackpal-androidterm4.so 3 in Terminal IDE, it will create a symbolic link even if /data/data/jackpal.androidterm does not exist. And if you install Terminal Emulator, that path will exists and the symbolc link will work. This works because all involved directory have at least the last x in tenth column of output of ls -l (try ls -ld / /data /data/data /data/data/data/jackpal.androidterm/ after installing Terminal Emulator) – Corrincorrina 18/12, 2013 at 13:30

Do you happen to be the author of both applications? – Decarburize 18/12, 2013 at 23:3

No, I am the author of gentooandroid only. – Corrincorrina 24/12, 2013 at 17:59

At least from the current version of your question, it's really hard to tell what, if anything, you're actually asking for. If you still have something here that you want help with, you should try to rewrite your question to better explain what it is. Alternatively, if you've managed to solve your problem yourself, consider posting a brief explanation of what you did as an answer and marking it as accepted. – Tractarianism 4/1, 2014 at 2:51

@IlmariKaronen : apparently, a possible solution would be to create an apk like explained by stackoverflow.com/revisions/20459834/3 but I do not have the knowhow about creation of APK. And that revision was flagged and deleted. – Corrincorrina 6/1, 2014 at 13:55

@Ilmari Karone : if you want more information about the flagging, see chat.meta.stackoverflow.com/transcript/89?m=1676192#1676192 and all its answers. – Corrincorrina 6/1, 2014 at 14:5

If creating an APK is the issue, have you looked at this question? – Tractarianism 6/1, 2014 at 18:15

You could use /var/tmp.. Sticky bit dir that doesn't typically get wiped by an OS upon reload even if the bits are set to wipe /tmp.. – Coeternal 8/1, 2014 at 13:5

Symbolic links cannot overcome security restrictions. If the target path of a symbolic link is not accessible to you, then the link is not usable by you. You can use hard links to make files that are in directories not accessible to you into directories that are accessible to you. (Someone with access to both places has to create the hard link.) – Norenenorfleet 16/1, 2014 at 2:30

@Kaz: Try this if you have a linux: As root, do: mkdir /tmp/a ; chmod 711 /tmp/a ; date > /tmp/a/b ; chmod 644 /tmp/a/b Then as the user, do: ln -s /tmp/a/b /tmp/b: cat /tmp/b will then work. Did you miss #20460334 ? – Corrincorrina 17/1, 2014 at 16:36

@Wedge Martin: /var/tmp does not exist on all Androids. – Corrincorrina 17/1, 2014 at 16:40

@Corrincorrina 711 means that group and others have search permission. The regular user can also just do cat /tmp/a/b without the symlink; you just have to somehow know that /tmp/a/b/ exists. Search permission means that if you know an exact name in a directory, you can use it, even if you have no read permission to actually scan the directory contents. Look, I've been using this Unix cruft since 1980-something. – Norenenorfleet 17/1, 2014 at 17:36

@Kaz, My interest is creating a symlink so that a file with a long fullpath will be accessible by a shorter fullpath. Because, when editing binaries to replace /lib/ld-linux-armhf.so.3 with the actual location of that binary, I can only use as many characters, no more. The permission issue was raised by stackoverflow.com/questions/… and there is no permission issue here to access the fullpath /data/data/com.spartacusrex.spartacuside/gentoo_armv6l/lib/ld-linux-armhf.so.3, I have only a problem with its length. – Corrincorrina 24/1, 2014 at 9:49

I think a solution is to patch https://play.google.com/store/apps/details?id=com.clk to add my symlink inside. – Corrincorrina 24/1, 2014 at 9:52

In that case, the wording "I want to replace X by a path I have access to" could use improvement. – Norenenorfleet 24/1, 2014 at 18:2

@Kaz: Thanks for the suggestion ! I did this edit. – Corrincorrina 27/1, 2014 at 12:31

I finally stumbled on a apk, AIDE, that can create simple apk, which does not need any x86 computer and works on the phone itself. Without paying anything, in twenty minutes, I created my first apk, and was able to install it after temporarily authorizating unknown sources. That was my first java program. I chose a short albeit informative name for the apk, com.symli (com. seemed necessary).

Then I modified the tab MainActivity.java of the editor to get:

package com.symli;

import android.app.*;
import android.os.*;

public class MainActivity extends Activity 
{
  @Override
  protected void onCreate(Bundle savedInstanceState)
  {
    try
    {
      Runtime.getRuntime().exec("ln -s /data/data/com.termux/com.symli /data/data/com.symli/n");
      Runtime.getRuntime().exec("chmod 1777 /data/data/com.symli");
    } catch (java.io.IOException e) {
    }
    super.onCreate(savedInstanceState);
    setContentView(R.layout.main);
  }
}

Then I simply clicked on the "run" button, and BOOM the symlink is now here for good, and /data/data/com.symli is itself a world writable directory (with sticky bit set):

lrwxrwxrwx 1 10150 10150 50 Nov  3 13:17 /data/data/com.symli/n -> /data/data/com.termux/com.symli
drwxrwxrwt 4 10150 10150 4096 Nov  3  2015 /data/data/com.symli

I have uploaded the resulting .apk to http://sf.net/projects/gentooandroid/files/symlinksForStackoverflowQuestion20459834v2.apk/download (permissions: NONE ! SHA256sum: 01fd17a8700f2cb5b5bb943b38b623b1400679fa03c35ccb204619d1d5d486ff MD5sum: 879af0633504ab25462a1f9b2303587e)

Corrincorrina answered 3/11, 2015 at 12:50 Comment(2)

I found this apk maker, com.aide.ui, while looking for shell app with short package names. I will now be able to make simple APPS without authorizing anyone to look at my private life ! – Corrincorrina 3/11, 2015 at 12:52

The part ` ; env > /data/data/com.symli/getRuntimeExecEnv` was not working, so the reader can suppress it. The reader using my .apk (instead of using com.aide.ui) cannot suppress that from the .apk. – Corrincorrina 3/11, 2015 at 13:49

Have you considered using PatchELF rather than rolling your own binary editing? It claims to be smart enough to insert an extra page into the ELF header as needed to make room for longer interpreter or RPATH fields. That would allow you to use the real interpreter value rather than needing a symbolic link.

Agenda answered 1/4, 2014 at 2:38 Comment(1)

Thank you, I didn't knew PatchELF. Will be handy when I cannot recompile (which is not often the case). – Corrincorrina 7/4, 2014 at 14:11

Then I modified the tab MainActivity.java of the editor to get:

package com.symli;

import android.app.*;
import android.os.*;

public class MainActivity extends Activity 
{
  @Override
  protected void onCreate(Bundle savedInstanceState)
  {
    try
    {
      Runtime.getRuntime().exec("ln -s /data/data/com.termux/com.symli /data/data/com.symli/n");
      Runtime.getRuntime().exec("chmod 1777 /data/data/com.symli");
    } catch (java.io.IOException e) {
    }
    super.onCreate(savedInstanceState);
    setContentView(R.layout.main);
  }
}

Then I simply clicked on the "run" button, and BOOM the symlink is now here for good, and /data/data/com.symli is itself a world writable directory (with sticky bit set):

lrwxrwxrwx 1 10150 10150 50 Nov  3 13:17 /data/data/com.symli/n -> /data/data/com.termux/com.symli
drwxrwxrwt 4 10150 10150 4096 Nov  3  2015 /data/data/com.symli

Corrincorrina answered 3/11, 2015 at 12:50 Comment(2)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags