late autumn



Android runs Lxd.

LXD is an open-source container management extension for Linux Containers (LXC). LXD improves existing LXC functionality and provides new features and capabilities for building and managing Linux containers.

1. Compiling the Kernel#

1.1. Adjusting Kernel Configuration#

Use this repository to quickly add configurations.

git fetch main
git merge -s ours --no-commit --allow-unrelated-histories --squash FETCH_HEAD
git read-tree --prefix=docker -u FETCH_HEAD
echo "source \"docker/Kconfig\"" >> arch/arm64/Kconfig
git commit -a -m "Imported docker/ from"

Then compile it yourself.

1.2. Kernel Patch#

  1. Fix possible panic situations
--- orig/net/netfilter/xt_qtaguid.c     2020-05-12 12:13:14.000000000 +0300
+++ my/net/netfilter/xt_qtaguid.c       2019-09-15 23:56:45.000000000 +0300
@@ -737,7 +737,7 @@
        struct proc_iface_stat_fmt_info *p = m->private;
        struct iface_stat *iface_entry;
-       struct rtnl_link_stats64 dev_stats, *stats;
+       struct rtnl_link_stats64 *stats;
        struct rtnl_link_stats64 no_dev_stats = {0};  
@@ -745,13 +745,8 @@
        current->pid, current->tgid, from_kuid(&init_user_ns, current_fsuid()));
        iface_entry = list_entry(v, struct iface_stat, list);
+       stats = &no_dev_stats; 
-       if (iface_entry->active) {
-               stats = dev_get_stats(iface_entry->net_dev,
-                                     &dev_stats);
-       } else {
-               stats = &no_dev_stats;
-       }
         * If the meaning of the data changes, then update the fmtX
         * string.
  1. Fix missing cpuset prefix in cgroup
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -3786,6 +3786,10 @@ static int cgroup_add_file(struct cgroup_subsys_state *css, struct cgroup *cgrp,
 		cfile->kn = kn;
+	if (cft->ss && (cgrp->root->flags & CGRP_ROOT_NOPREFIX) && !(cft->flags & CFTYPE_NO_PREFIX)) {
+				snprintf(name, CGROUP_FILE_NAME_MAX, "%s.%s", cft->ss->name, cft->name);
+				kernfs_create_link(cgrp->kn, name, kn);
+	}
 	return 0;
scripts/config --file arch/arm64/configs/<defconfig> -

1.3. Checking Kernel Configuration#

After generating the complete kernel configuration, check it.

wget -O lxc-checkconfig
chmod a+x lxc-checkconfig
CONFIG=out/.config lxc-checkconfig

Specific kernel compilation
The following is omitted.

2. Installing Lxd Module#

Download this Magisk module, install it, and restart.

2.1. Creating Containers#

Execute in any terminal software:

. /data/lxd/

Then initialize:

$ lxd init
Would you like to use LXD clustering? (yes/no) [default=no]:
Do you want to configure a new storage pool? (yes/no) [default=yes]:
Name of the new storage pool [default=default]:
Name of the storage backend to use (btrfs, dir, lvm) [default=btrfs]:
Would you like to create a new btrfs subvolume under /var/lib/lxd? (yes/no) [default=yes]:
Would you like to connect to a MAAS server? (yes/no) [default=no]:
Would you like to create a new local network bridge? (yes/no) [default=yes]:
What should the new bridge be called? [default=lxdbr0]:
What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]:
What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]:
Would you like the LXD server to be available over the network? (yes/no) [default=no]:
Would you like stale cached images to be updated automatically? (yes/no) [default=yes]
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:

Create a container:

lxc launch ubuntu:23.04 ubuntu
# lxc launch distribution:version container_name

Adjust the password for the LXC container:

lxc exec container_name /bin/passwd
# The binary file location may vary

2.1. Configuring Networking#

(No configuration required, automatically handled)
If the container cannot access the network, execute ./

2.2. Web Interface#

Access ip:8443 and follow the instructions.

2.3. Port Mapping#

lxc config device add qiuqiu ssh proxy listen=tcp::external_ip connect=tcp::container_ip

Note: Reproduction without permission is prohibited.

Meow meow meow meow meow


Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.