chromeOS

[TOC]

Running Custom Containers Under Chrome OS
Google working on new way to run Android apps in Chrome OS called ‘ARCVM’
https://en.wikipedia.org/wiki/Chrome_OS#cite_note-GTOS-8
https://chromium.googlesource.com/chromiumos/docs/+/master/containers_and_vms.md#don_t-android-apps-arc_run-in-a-container-and-not-a-vm
Install Android apps on your Chromebook
https://developer.android.com/topic/arc/device-support
https://lwn.net/Articles/701964/
/usr/bin/vm_concierge
official Doc https://github.com/sebanc/brunch
sebanc/brunch: Boot ChromeOS on x86_64 PC … - GitHub
https://github.com/sebanc/brunch/releases
https://cros-updates-serving.appspot.com/
https://www.eevblog.com/forum/programming/install-official-google-chrome-os-on-pc-laptop-with-play-store-and-linux!/
https://zhuanlan.zhihu.com/p/161247724
https://www.xda-developers.com/fydeos-chrome-os-brings-android-apps-pc/
https://fydeos.com/instructions-pc
https://faq.fydeos.com/en/getting-started/install-fydeos-to-hdd/
How to Install Chromium OS on Raspberry Pi
chromium https://www.makeuseof.com/tag/download-google-chrome-os-and-run-on-a-real-computer/
安装篇 完整版 Chrome OS 安装指南
Dual Boot Chrome OS and Windows 10
chrome OS
blog ChromeOS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

If you are in developer mode, open a crosh (control-alt-T) and issue
> the command "shell". Then you can become root (sudo bash) and set
> passwords for the root and chronos users as you please.
>
It's probably worth adding: Generally, being in dev mode isn't
enough to be able to log in to a Chrome OS device via ssh.
The upstart job that starts sshd isn't present in a base Chrome OS
image. If you want sshd to be running on your device, then in addition
to switching to dev mode you'll need to do one of the following:
1) Build and install your own Chromium OS image.
2) Disable rootfs verification on your device, and then copy the
openssh-server job into /etc/init.
3) Write a short script that does what the openssh-server job does,
install it in /usr/local/bin, and then run the script manually after you
boot.
1
2
3

mount / --remount -o rw
mount -o remount,rw /

The chrome book can support your use case natively, but it is a bit limited. There are some apps you can install that give more full features.

Inside the browser you can install a ssh client or use a limited, built-in shell by doing CTRL+ALT+T to open up a CROmium SHell (CROSH for short) . The terminal can only ssh into other machines and a few other things, a lot of the things that you expect from your standard bash are definitely missing.

That said, the chrome book is great for web browsing and just ssh-ing to other computers

The default behaviour for most Linux file systems is to safeguard your data. When the kernel detects an error in the storage subsystem it will make the filesystem read-only to prevent (further) data corruption.

You can tune this somewhat with the mount option errors={continue|remount-ro|panic} which are documented in the system manual (man mount).

When your root file-system encounters such an error, most of the time the error won’t be recorded in your log-files, as they will now be read-only too. Fortunately since it is a kernel action the original error message is recorded in memory first, in the kernel ring buffer. Unless already flushed from memory you can display the contents of the ring buffer with the dmesg command. .

Most real hard disks support SMART and you can use smartctl to try and diagnose the disk health.

Depending on the error messages, you could decide it is still safe to use file-system and return it read-write condition with mount -o remount,rw /

In general though, disk errors are a precursor to complete disk failure. Now is the time to create a back-up of your data or to confirm the status of your existing back-ups.

inside chromeOS

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

localhost /etc/init # uname -a
Linux localhost 4.19.122-brunch-sebanc #1 SMP PREEMPT Tue Jul 7 20:49:02 CEST 2020 x86_64 Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz GenuineIntel GNU/Linux
localhost /etc/init # cat /etc/issue
Developer Console

To return to the browser, press:

[ Ctrl ] and [ Alt ] and [ <- ] (F1)

To use this console, the developer mode switch must be engaged.
Doing so will destroy any saved data on the system.

In developer mode, it is possible to
- login and sudo as user 'chronos'
- require a password for sudo and login(*)
- disable power management behavior (screen dimming):
sudo initctl stop powerd
- install your own operating system image!

* To set a password for 'chronos', run the following as root:

chromeos-setdevpasswd

If you are having trouble booting a self-signed kernel, you may need to
enable USB booting. To do so, run the following as root:

enable_dev_usb_boot

Have fun and send patches!

# cat /etc/os-release
NAME=Chrome OS
ID_LIKE=chromiumos
ID=chromeos
GOOGLE_CRASH_ID=ChromeOS
HOME_URL=https://www.chromium.org/chromium-os
BUG_REPORT_URL=https://crbug.com/new
VERSION=83
VERSION_ID=83
BUILD_ID=13020.87.0

localhost /etc/init # cat /etc/lsb-release
CHROMEOS_ARC_ANDROID_SDK_VERSION=28
CHROMEOS_ARC_VERSION=6612792
CHROMEOS_AUSERVER=https://block-tools.google.com/service/update2
CHROMEOS_BOARD_APPID={625849FA-56A0-4E67-9163-B89BE0C2A6AE}
CHROMEOS_CANARY_APPID={90F229CE-83E2-4FAF-8479-E368A34938B1}
CHROMEOS_DEVSERVER=
CHROMEOS_RELEASE_APPID={625849FA-56A0-4E67-9163-B89BE0C2A6AE}
CHROMEOS_RELEASE_BOARD=rammus-signed-mp-v2keys
CHROMEOS_RELEASE_BRANCH_NUMBER=87
CHROMEOS_RELEASE_BUILDER_PATH=rammus-release/R83-13020.87.0
CHROMEOS_RELEASE_BUILD_NUMBER=13020
CHROMEOS_RELEASE_BUILD_TYPE=Official Build
CHROMEOS_RELEASE_CHROME_MILESTONE=83
CHROMEOS_RELEASE_DESCRIPTION=13020.87.0 (Official Build) stable-channel rammus
CHROMEOS_RELEASE_KEYSET=mp-v2
CHROMEOS_RELEASE_NAME=Chrome OS
CHROMEOS_RELEASE_PATCH_NUMBER=0
CHROMEOS_RELEASE_TRACK=stable-channel
CHROMEOS_RELEASE_UNIBUILD=1
CHROMEOS_RELEASE_VERSION=13020.87.0
DEVICETYPE=CHROMEBOOK
GOOGLE_RELEASE=13020.87.0



localhost /etc/init # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b4:2e:99:d6:9d:da brd ff:ff:ff:ff:ff:ff
inet 192.168.123.154/24 brd 192.168.123.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::b62e:99ff:fed6:9dda/64 scope link
valid_lft forever preferred_lft forever
3: arcbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 16:66:e7:ad:9a:fc brd ff:ff:ff:ff:ff:ff
inet 100.115.92.1/30 brd 100.115.92.3 scope global arcbr0
valid_lft forever preferred_lft forever
inet6 fe80::609f:cdff:fec3:6a4f/64 scope link
valid_lft forever preferred_lft forever
4: veth_arc0@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master arcbr0 state UP group default qlen 1000
link/ether 16:66:e7:ad:9a:fc brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1466:e7ff:fead:9afc/64 scope link
valid_lft forever preferred_lft forever
5: arc_eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 02:97:a5:85:46:25 brd ff:ff:ff:ff:ff:ff
inet 100.115.92.9/30 brd 100.115.92.11 scope global arc_eth0
valid_lft forever preferred_lft forever
inet6 fe80::6056:84ff:fe63:9da7/64 scope link
valid_lft forever preferred_lft forever
6: veth_eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master arc_eth0 state UP group default qlen 1000
link/ether 02:97:a5:85:46:25 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::97:a5ff:fe85:4625/64 scope link
valid_lft forever preferred_lft forever
9: vmtap0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether ce:7a:5b:63:f6:9e brd ff:ff:ff:ff:ff:ff
inet 100.115.92.25/30 brd 100.115.92.27 scope global vmtap0
valid_lft forever preferred_lft forever
inet6 fe80::cc7a:5bff:fe63:f69e/64 scope link
valid_lft forever preferred_lft forever

Minijail

Minijail is a sandboxing and containment tool used in Chrome OS and Android. It provides an executable that can be used to launch and sandbox other programs, and a library that can be used by code to sandbox itself.

paravirtualized crosVM writen by Rust

https://opensource.google/projects/crosvm

https://chromium.googlesource.com/chromiumos/platform/crosvm/

crosvm is a virtual machine monitor (VMM) based on Linux’s KVM hypervisor, with a focus on simplicity, security, and speed. crosvm is intended to run Linux guests, originally as a security boundary for running native applications on the Chrome OS platform. Compared to QEMU, crosvm doesn’t emulate architectures or real hardware, instead concentrating on paravirtualized devies, such as the virtio standard.

Repo License
crosvm BSD 3-clause
1
2
3


crosvm 30088 30073 0 Jul28 ? 00:00:01 /usr/bin/crosvm run --cpus 6 --mem 30968 --tap-fd 14 --cid 5 --socket /run/vm/vm.TLYSX3/crosvm.sock --wayland-sock /run/chrome/wayland-0 --serial type=syslog,num=1 --syslog-tag VM(5) --params snd_intel8x0.inside_vm=1 snd_intel8x0.ac97_clock=48000 --pmem-device /run/imageloader/cros-termina/13018.0.0/vm_rootfs.img --params root=/dev/pmem0 ro rootflags=dax --wayland-dmabuf --gpu --ac97 backend=cras --disk /run/imageloader/cros-termina/13018.0.0/vm_tools.img,sparse=false --rwdisk /home/root/39e8b44b05905c9d6e9cb6d264848b0c7aeac593/crosvm/dGVybWluYQ==.img,sparse=true /run/imageloader/cros-termina/13018.0.0/vm_kernel

sshd on chromeOS

SSH Daemon (Samsung Chromebook Exynos 5250)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30


$sudo passwd root

$ su -

#mkdir -p /mnt/stateful_partition/etc/ssh

#A couple SSH keys need to be generated for sshd to use.

#ssh-keygen -t dsa -f /mnt/stateful_partition/etc/ssh/ssh_host_ed25519_key
#ssh-keygen -t rsa -f /mnt/stateful_partition/etc/ssh/ssh_host_rsa_key


total 16
-rw-------. 1 root root 1385 Jul 29 02:51 ssh_host_ed25519_key
-rw-r--r--. 1 root root 604 Jul 29 02:51 ssh_host_ed25519_key.pub
-rw-------. 1 root root 2602 Jul 29 02:50 ssh_host_rsa_key
-rw-r--r--. 1 root root 568 Jul 29 02:50 ssh_host_rsa_key.pub

#/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT

At this point you should be able to login from a remote machine via ssh. The last step it to have sshd start automatically on system startup. This can be accomplished by adding a script under the /etc/init directory. I called mine sshd.conf; it contains the following lines.
cat > sshd.conf <<-'EOF'
start on started system-services
script
/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
/usr/sbin/sshd
end script
EOF

Base hardware compatibility:

ChromeOS recovery images

2 types of ChromeOS recovery images exist and use different device configuration mechanisms:

  • non-unibuild images: configured for single device configurations like eve (Google Pixelbook) and nocturne (Google Pixel Slate) for example.
  • unibuild images: intended to manage multiple devices through the use of the CrosConfig tool.

Contrarily to the Croissant framework which mostly supports non-unibuilds images (configuration and access to android apps), Brunch should work with both but will provide better hardware support for unibuild images.

Currently:

  • “rammus” is the recommended image for devices with 4th generation Intel CPU and newer.
  • “samus” is the recommended image for devices with 3rd generation Intel CPU and older.
  • “grunt” is the image to use if you have supported AMD harware.

ChromeOS recovery images can be downloaded from here: https://cros-updates-serving.appspot.com/

image-20200728122458773
https://dl.google.com/dl/edgedl/chromeos/recovery/chromeos_13020.87.0_rammus_recovery_stable-channel_mp-v2.bin.zip

Download Links

1) Linux Mint https://www.linuxmint.com/download.php

2) Rufus https://rufus.ie/

3) Brunch https://github.com/sebanc/brunch/releases

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18


sudo apt-get install pv
sudo apt-get install cgpt


# ==pending== https://github.com/shrikant2002/ChromeOS/blob/master/install.sh
#!/bin/sh
# SUBSCRIBE to Kedar Nimbalkar on youtube for more such videos https://www.youtube.com/user/kedar123456889
sudo apt-get update
sudo apt-get install figlet
sudo apt-get install pv
sudo apt-get install cgpt
sudo figlet -c "SUBSCRIBE TO"
sudo figlet -c Kedar
sudo figlet -c Nimbalkar
sudo echo https://www.youtube.com/user/kedar123456889
sudo bash chromeos-install.sh -src rammus_recovery.bin -dst /dev/sda

Extend Reading:

The Chromebook Linux Shell
image-20200729175131985
https://developer.android.com/studio/install#chrome-os
What’s new in Android apps for Chrome OS (Google I/O ‘18
https://developer.android.com/topic/arc
Chromebook 在容器中运行整个 Android 操作系统,这一点类似于 Docker 或 LXC
2015” Google created a way for the Chrome browser to run Android apps, called Android Runtime for Chrome (ARC)