Non 64 bit version for RPi4? Or how to use 32bit only propietary software, such as widevine?

simplynaoh · 10 January 2021 17:31

Hi all,

First time Manjaro user here; I just installed Manjaro-i3 on my RPi4 and had a great experience so far. In contrast with my Archlinux installation, Manjaro showed a smoother experience, particularly with Firefox which was almost unusable under Arch (btw, can someone point me to how or why is this the case?? What secret sauce is Manjaro using?).

However, I see two immediate disadvantages of having a 64bit OS: No widevine and no steamlink. I know… these are two closed / propietary pieces of software which the Manjaro devs and community have nothing to do with… but without them I lose two big use cases for my device. So my question is the following: Is there a non-64bit actively maintained Manjaro distribution for the Raspberry Pi 4?

Alternatively, what solutions do you suggest to overcome these limitations? For instance, a thought that crossed my mind is to install chromium under a 32-bit lxc container to use it to access DRM material. I don’t know if this is possible; I am assuming that A) it is possible to run 32-bit software inside a lxc container in a 64-bit host and B) there is available a 32-bit version of Chromium with widevine, and C) I think this wouldn’t use HW acceleration under a 32 bit installation anyway so I assume that running inside lxc won’t be a problem, but this also assumes D) connecting to the X11 server of the host is possible from within a 32 bit container. Too many assumptions here, this probably would never work…

In any case, I would appreciate any ideas; I guess the most obvious solution is to simply have another OS installed altogether (say Arch in 32bit or LibreELEC), but having to reboot every time is not appealing at all, in that case I would prefer to somehow get the good Manjaro performance in my Arch installation (seriously, why is the behavior of Firefox so different, has anybody experienced this?).

Thanks for reading!

whm1974 · 11 January 2021 06:00

I doubt that there is a 32-bit Image of Manjaro Linux for the RPi4. But I’m not an ARM SBC user.

Are you sure that Widevine isn’t 64-bit? It would be helpful if you can display the errors you get when installing this.

appelgriebsch · 11 January 2021 07:00

You can try a systemd-nspawn container based on 32-bit Debian… Run Desktop Apps with systemd-nspawn Container | LIOLOG

I used this for a chromium widevine install in the Sway profile with much success: overlays/sway/usr/local/bin/install_chromium_widevine.sh · master · manjaro-arm / applications / arm-profiles · GitLab

spikerguy · 13 January 2021 09:23

No we don’t do 32bit anymore.

Nothing secret, all source is available in our gitlab.

Maybe coz we’ve build it with hw enabled.

For widevine we have chromium-docker this is a 32bit chromium running under dockers

Or you can try the systemd-nspawn version as adviced by @appelgriebsch

Both the methods works fine with hardware acc for gpu only not video decoding as video decoding is not available for and os running in mainline kernel. No idea about steamlink.

Good luck.

Darksky · 13 January 2021 14:45

We use the RPi kernel tree. The upstream kernel that arch-arm uses for 64 bit does not have V3d video acceleration.

brunorro · 2 August 2021 11:19

Hello, this is my first message and I wanted to thank you about this entry. What you will see here is almost exactly what liolok . com → run-desktop-app-with-systemd-nspawn-container says and the roundabouts I needed to do to fix them.

I needed to create a different pacman.conf and change the mirrors to pacstrap an arch armv7h

/var/lib/machines/pacman_armv7h.conf

[options]
HoldPkg  = pacman glibc manjaro-system
SyncFirst = archlinux-keyring archlinuxarm-keyring
Architecture = armv7h
CheckSpace
SigLevel    = Required DatabaseOptional
LocalFileSigLevel = Optional
[core]
Include = armv7h_mirrorlist
[extra]
Include = armv7h_mirrorlist
[community]
Include = armv7h_mirrorlist

/var/lib/machines/armv7h_mirrorlist

Server = http://au.mirror.archlinuxarm.org/$arch/$repo
Server = http://br.mirror.archlinuxarm.org/$arch/$repo
Server = http://ca.us.mirror.archlinuxarm.org/$arch/$repo
Server = http://de.mirror.archlinuxarm.org/$arch/$repo
Server = http://de3.mirror.archlinuxarm.org/$arch/$repo
Server = http://de4.mirror.archlinuxarm.org/$arch/$repo
Server = http://de5.mirror.archlinuxarm.org/$arch/$repo
Server = http://dk.mirror.archlinuxarm.org/$arch/$repo
Server = http://eu.mirror.archlinuxarm.org/$arch/$repo
Server = http://fl.us.mirror.archlinuxarm.org/$arch/$repo
Server = http://gr.mirror.archlinuxarm.org/$arch/$repo
Server = http://hu.mirror.archlinuxarm.org/$arch/$repo
Server = http://il.us.mirror.archlinuxarm.org/$arch/$repo
Server = http://nj.us.mirror.archlinuxarm.org/$arch/$repo
Server = http://sg.mirror.archlinuxarm.org/$arch/$repo
Server = http://tw.mirror.archlinuxarm.org/$arch/$repo
Server = http://za.mirror.archlinuxarm.org/$arch/$repo

Then you can go to /var/lib/machines (as root), create the dir and execute the bootstrap

# cd /var/lib/machines
# mkdir arch_armv7h
# pacstrap -C pacman_armv7h.conf -c arch_armv7h/

OPTIONAL: If you want to arch-chroot inside the directory, don’t forget to bind mount it before.

# mount --bind /var/lib/machines/arch_armv7h /var/lib/machines/arch_armv7h/
# arch-chroot /var/lib/machines/arch_armv7h 
# pacman -Suy base-devel sudo  #...Install there chromium, aur/widevine-armv7h

Once the chrooted directory is good enough for you, unmount the binding

Now, you can make a wrapper to execute something inside that chroot. Set your sudo permissions, according to what you want to do with it

armv7exec.sh (i.e., call it as armv7exec.sh chromium)

#!/bin/bash

# Path to container
container_name=arch_armv7h
container_path=/var/lib/machines # container parent directory
container_path+=/$container_name # container root directory

# Binary of target application
app_binary=/usr/sbin/$1

if [[ -n $DBUS_SESSION_BUS_ADDRESS ]]; then # remove prefix
            host_bus=${DBUS_SESSION_BUS_ADDRESS#unix:path=};
    else # default guess
                host_bus=/run/user/$UID/bus;
fi
container_bus=/run/user/host/bus

if [[ -n $PULSE_SERVER ]]; then # remove prefix
          host_pulse=${PULSE_SERVER#unix:};
  else # default guess
            host_pulse=/run/user/$UID/pulse;
fi
container_pulse=/run/user/host/pulse/

# Run container directly into target application
sudo pkexec systemd-nspawn \
        --directory=$container_path \
        --user=$USER --chdir=$HOME \
        --bind=$HOME \
        --bind=/dev/dri/card0 \
        --bind=/dev/dri/card1 \
        --bind=/dev/dri/renderD128 \
        --bind=/run/dbus/system_bus_socket \
        --bind=/etc/passwd \
        --bind=/etc/group \
        --bind=/etc/shadow \
        --bind-ro=/tmp/.X11-unix/ \
        --bind-ro=$host_bus:$container_bus \
        --bind-ro=$host_pulse:$container_pulse \
        --setenv=PULSE_SERVER=unix:$container_pulse/native \
        --setenv=DISPLAY=$DISPLAY \
        --setenv=DBUS_SESSION_BUS_ADDRESS=unix:path=$container_bus \
        --as-pid2 $app_binary

I’m checking neither errors nor anything, but that is because is a “self using container”. Use it at your own risk.

anon53568094 · 3 August 2021 03:07

Chromium-docker is in the repos?

brunorro · 3 August 2021 07:19

Yes, it is, I’m still not sure why did it give me some problems but eventually I installed it.
I find the systemd-spawn alternative runs more fluently, but I couldn’t benchmark them, so I suppose that’s more of a subjective perception

anon53568094 · 3 August 2021 14:06

I think the first time you install it it doesn’t give proper permissions but if you give them after you install it then it still doesn’t work but if after you give proper permissions then uninstall and reinstall it works? Seems a little hinkey but eventually it does run and it runs well. I like the idea of using the docker for DRM stuff and Facebook so they can’t get access to mybother browsers

brunorro · 4 August 2021 05:57

I think most solutions mount your home profile directory to store there your stuff. So, unless you change it, you would get isolation at a process level (that’s quite a lot, BTW), but no isolation at all at filesystem level, so you will still be storing cookies and so on…

anon53568094 · 4 August 2021 23:55

Chromium docker wouldnt play sound over Bluetooth and files I downloaded were not in the default user directory but saved to a different user name. I this k its mediaguy is the username

spikerguy · 5 August 2021 14:42

Did you install the application for pulseaudio over network. I cannot remember its name now.

There was a tutorial on how to make it connect to the host pulseaudio.

Ive not tested it with pipewire though so not sure if you’re facing the issue due to pipewire.

anon53568094 · 5 August 2021 14:46

Never heard of that but will look into it. It will play sound but just not over Bluetooth so I figured it was a feature of securing the docker.

linux-aarhus · 9 February 2022 17:18