Did any changes occur between the two versions of Lineage that could cause this problem
I don't have any experience with nmap
and can't be sure why it worked with Android N, but Android has always been restrictive when it comes to socket access. I have been facing same issues at least from Marshmallow and onwards. ping
is the common example.
It doesn't seem like this version of LineageOS has either groupadd
 or usermod
Android's users and permissions management is quite different than Linux. Bionic libc
doesn't support many sycalls provided by standard glibc
, particularly related to NSS. Also, the related files /etc/passwd
, /etc/group
, /etc/shadow
and others don't exist on Android the way they exist on Linux. So, the standard Linux utilities groupadd
and useradd
etc. cannot be used on Android unless the source is modified and environment is modified accordingly.
how can I make nmap work again?
If you want to use a program
compiled for standard Linux which needs capabilities CAP_NET_BIND_SERVICE
, CAP_NET_ADMIN
, CAP_NET_RAW
etc., the program needs to be run by a user who is member of Android groups aid_inet
, aid_admin
and aid_net_raw
. Even though the root
user has apparently CAP_NET_*
capabilities, socket syscall fails if it is not added to these groups explicitly. Most of the times only aid_inet
suffices.
For instance, let's view capabilities of wpa_supplicant
(process responsible for making wi-fi connections) on Android:
~$ su -c "getpcaps $(pidof wpa_supplicant)"
Capabilities for `21224': = cap_net_admin,cap_net_raw+ep
So, nmap
won't work unless executed with its required capabilities. A capability is a subset of root permissions.
Terminal apps are usually already member of aid_net
group (android.permission.INTERNET
). However if it's not the case or you want to create a Linux type user on Android, follow on.
ADD LINUX USER ON ANDROID
NOTE: Device must be rooted.
On Linux, capabilities are assigned to a user (a user is a process id in fact, usually a shell) by some login mechanism, PAM
modules being the most common. But there is no user login on Android, so we need to replicate that somehow. Lets create a Linux user, say "irfan" on Android.
Better is to use the UID of terminal app assigned at the time of app installation or you can use any unused UID like 6000.
Modify or create the files as below:
# /etc/passwd
irfan:x:10129:10129::/sdcard:/system/bin/sh
root:x:0:0::/data/local/tmp:/system/bin/sh
# /etc/group
aid_inet:x:3003:irfan,root
To login as user "irfan" with aid_inet
as secondary group, use a Linux aware busybox su binary
which regards /etc/passwd
and /etc/group
:
~$ id
uid=10129(u0_a129) gid=10129(u0_a129) groups=10129(u0_a129),9997(everybody)
~$ su -c 'busybox su - irfan'
~$ busybox id
uid=10129(irfan) gid=10129(irfan) groups=10129(irfan),3003(aid_inet)
Please note the usage of su
twice. First su
is the one you get when you root your device. It's because su
must be executed with CAP_SETUID
capability. But normal Android apps run without any capability:
~$ capsh --print | grep Bounding
Bounding set =
The first su
grants us that capability (and all other capabilities) as well as avoids the need to setuid
on busybox su
binary.
In the same way you can add yourself to as many groups as you want, everybody
, sdcard_rw
and so on.
SOURCE: