Check IP details via Android Terminal App in Android 13

Question

Seems that Android 13 doesn't allow any more access to /system/bin/ip command.

I tried to list the connected hotspot devices via ip neigh [1].

The error message is:

$ip neith \ Cannot bind netlink socket: Permission denied$

Cannot bind netlink socket: Permission denied

Is there any way to fix that issue in Android 13?

So far I tried it with the following terminal apps

Temux ~~v0.101~~ v0.118.0 (via F-Droid)
Terminal Emulator for Android v1.0.70

[1] How to view devices connected to hotspot on Android?

Termux in Google PlayStore is no longer updated (because of Google restrictions), you should switch to Termux F-Droid version. — Robert, Sep 08 '22 at 09:35
@Robert I don't think the Google Play version is kind of related here since it's still possible to do what the OP wants on Android 12, but I could be wrong... — Andrew T., Sep 08 '22 at 09:37
That said, does calling ip command without flags return anything? (the screenshot shows a typo neith, which would show Object "neith" is unknown, try "ip help" on Android 12) — Andrew T., Sep 08 '22 at 09:38
Deinstalled Termux and updated to v0.118.0. Now the command ip returns, that it is not installed, and I can do that via iproute2 or termux-tools package. I'll try that now... — wittich, Sep 08 '22 at 09:41
@AndrewT. now /data/data/com.termux/files/usr/bin/ip comes with the same error: Cannot bind netlink socket: Permission denied. — wittich, Sep 08 '22 at 09:44
@AndrewT. in Android 13 with the iproute2 package man ip and the search for ip neigh says: Shows the current neighbour table in kernel. — wittich, Sep 08 '22 at 09:49
The error comes because the bind call fails. Most probably it's due to the restricted SELinux policy as was the case with UNIX domain sockets. You can try to check AVC denials in kernel log. Hopefully it'll still be working on ADB shell. — Irfan Latif, Sep 08 '22 at 10:12

score 4 · Answer 1 · edited Nov 10 '22 at 20:24

4

Google has removed the possibility to bind netlink socket to retrieve arp table from targetSdkVersion 30 through SELinux policies. If you have root, you can disable SELinux policies and it will work, giving the command su -c setenforce 0 when you're done with ip neigh command, I suggest you to enforce SELinux policies again with command su -c setenforce 1

Without using bind function, I've made a library that does a workaround that consist in sending via netlink socket a type message not listed (30) and then I've used the socket receive to see which data system returns to that socket. From that, I've noticed that the received data was the arp table.

You can find more here https://github.com/fulvius31/ip-neigh-sdk30/blob/main/ipneigh30/src/main/cpp/ip_neigh.c

edited Nov 10 '22 at 20:24

wittich

133
1
5

answered Nov 10 '22 at 13:53

fulvius31

41
3

@fulvius31 is your library implemented in any public app? – wittich Nov 10 '22 at 14:32
1

Yes. Mine called WeeNet link – fulvius31 Nov 11 '22 at 15:04
@fulvius31 I can't get your library to work when the targetsdkversion is set to 32 or above and being run on Android 13 device. The message "socket send failed" is being shown in Logcat. – Dieter27 Dec 06 '22 at 15:02
@Dieter27 I can confirm that the library does not work with Android 13 and targetSdk setted to 32 otherwise it works. – fulvius31 Dec 16 '22 at 16:44

Check IP details via Android Terminal App in Android 13

1 Answers1