permissions - How to bind-mount "data" and "obb" folders from external SD card in "/sdcard/Android"?

Can someone help me mount my Android/data and Android/obb in my internal storage from my portable storage? I'm on a Pie ROM. I found this: How to bind mount a folder inside /sdcard with correct permissions? but I don't know what should I do.

When I type:

ls -dZ /sdcard

I get

u:object_r:rootfs:s0 /sdcard

Answer

Sub-directories in /sdcard/Android/data or /sdcard/Android/obb (called apps' private directories on primary external storage) have synthesized permissions based on directory structure. While public directories on the rest of the /sdcard have fixed permissions. See details in Android's Storage Journey and What is /storage/emulated/0/?.

My answer to your linked question: How to bind mount a folder inside /sdcard with correct permissions? addresses the latter case i.e. bind mounting public directories which are shared with all apps. But private directories cannot be bind-mounted from external storage with fixed permissions. However using the same approach you can bind-mount every app's private directory separately.

Let's take example of Termux app. Its private directories (Android/data/com.termux and Android/obb/com.termux) are owned by the UID of Termux app assigned at the time of installation. Common ways to get UID value is to read from /data/system/packages.list or do ls -ld /sdcard/Android/data/com.termux or using stat command. A simple approach is to bind-mount the directory as world-writable so that every app can write to it. But it's not a good idea to set such open permissions. So we go the Android's way; bind-mount a directory from external SD card using FUSE:

~# bindfs -u $(stat -c %u /sdcard/Android/data/com.termux) -g 9997 -p a-rwx,ug+rw,ug+X /mnt/media_rw/[UUID]/Android/data/com.termux /mnt/runtime/write/emulated/0/Android/data/com.termux

• For further mount options and details see the above linked answer.


• Replace /mnt/media_rw/[UUID] with /mnt/expand/[UUID]/media/0 if SD card is formatted as Adoptable Storage but data is not migrated.


• In the same way obb directories can be bind-mounted.


• If your device supports sdcardfs, the same mount should propagate to default and read emulated VIEWS as well. Otherwise if your device is older you can bind-mount the same way to other VIEWS.


• Some apps by default prefer writing private data to secondary external storage (i.e. external SD card), so you don't need to bind-mount their data or obb directories.