| 19 Aug 2021 |
 ajs124 | just a theory though | 16:31:18 |
| ajs124 changed their display name from Andreas Schrägle to ajs124. | 16:31:21 |
 samueldr | AFAIUI with LineageOS (built with robotnix) you would do exactly the same as you would with LineageOS | 16:31:29 |
 Xe (xe/they) | should i base my thing on grapheneos or lineageos? | 16:31:53 |
| samueldr | https://wiki.lineageos.org/gapps.html | 16:31:53 |
| samueldr | depends on what you want | 16:32:10 |
| samueldr | it's a bit like comparing Ubuntu and some other "hardened" linux distro | 16:32:39 |
| Xe (xe/they) | with robotnix and lineageos will i be able to custom sign the rom? | 16:33:14 |
| ajs124 | yes | 16:33:39 |
| samueldr | LineageOS is configured in a way that some would describe as "insecure", some would describe as "tinkerable" | 16:34:19 |
| samueldr | I assume GrapheneOS makes use of dm-verity and modifying the build after the fact is a no-no | 16:34:44 |
| ajs124 | you can also just build aosp for pixel phones | 16:34:49 |
| samueldr | AOSP may or may not do some of the security stuff the pixel ROMs do | 16:35:08 |
 hmenke | Xe (xe/they): What do you expect from Google Play Services? If you only use Google Cloud Messaging for push notification like I do, then microG is a perfectly fine solution. | 16:56:43 |
| hmenke | I haven't had a chance to check the new sandboxed Google Play Services that GrapheneOS offers. | 16:57:29 |
| hmenke | There is also no proper way of distribution yet. The docs basically say "download these APKs and sideload them with a split-APK installer of your choice". | 16:58:20 |
| hmenke | https://grapheneos.org/usage#sandboxed-play-services | 16:59:02 |
| Xe (xe/they) | is there a way to add an arbitrary set of files to the android system image while it's being built such as from a zip file a-la how gapps is distributed? | 17:47:59 |
| samueldr | warning: flashable zips are not just files being plonked down into the FS | 17:56:52 |
| samueldr | they contain a META-INF/com/google/android/update-binary and possibly a META-INF/com/google/android/updater-script file, both of which will execute on the target system | 17:58:05 |
| samueldr | and lots of things can happen
https://source.android.com/devices/tech/ota/nonab/inside_packages | 17:58:24 |
| samueldr | so simply splatting the zip contents into the filesystem may not be enough | 17:58:53 |
| samueldr | (it was fun to implement https://github.com/NixOS/mobile-nixos/blob/3fa21329c44e8fa920108b64e16d2c41e1d7af52/overlay/mobile-nixos/android-flashable-zip/make-flashable-zip.nix#L26) | 17:59:43 |
| Xe (xe/they) | hmmm, true | 18:15:28 |
| Xe (xe/they) | i'm gonna try and see if i can get away with microg and the aurora store though | 18:15:46 |
 danielrf | Tagged and pushed grapheneos-2021081822. Tested working on crosshatch. | 21:40:59 |
| 20 Aug 2021 |
 philipp | What do people use here to integrate the latest wireguard patchset into their lineageos kernels? I assume that's a common thing to do. | 16:48:49 |
| samueldr | :eyes: https://github.com/google/usb-cereal | 17:19:33 |
| samueldr | * 👀 https://github.com/google/usb-cereal | 17:19:43 |
 jack | In reply to @danielrf:matrix.org
Tagged and pushed grapheneos-2021081822. Tested working on crosshatch. Works on redfin. | 18:14:45 |
