Support packages which depend on external native executables

[mhsmith]

In #678 I did the obvious implementation of extracting chaquopy/bin and adding it to the PATH. However, when the targetSdk is 29 or higher, Android uses SELinux to block running executables in the data directory:

• https://issuetracker.google.com/issues/128554619#comment4
• No more exec from data folder on targetAPI >= Android Q termux/termux-app#1072
  • In 2019 Termux saw no alternative except to stay on a lower targetSdk, which means they had to abandon Google Play.
  • In 2024 it looks like they've discovered a workaround (1, 2) – possibly the same as one of the ideas below, but I haven't checked yet.

As stated in the issuetracker link above, the only workaround that's definitely supported by Google is to bundle the executables in the APK's lib directory and use extractNativeLibs to make sure they exist as separate files at runtime.

See related notes in #1198. Renaming the files to .so to make the Gradle plugin include them is probably fine, as long as SELinux would allow us to call them through symlinks in the data directory.

We'd need to detect either at build time or at runtime when an app contains an executable but the libs aren't extracted, and fail with an actionable error message mentioning extractNativeLibs.

But extractNativeLibs could cause significant wasted space if the lib directory also contained all the native ABI requirements, as #1198 would require. Other possible options to look into:

• Is it possible to pass a ZIP path to exec as you can to dlopen?
• Is it possible to use a ZIP path as the target of a symlink?
• Where exactly is SELinux enforcing this? If it's in the exec system call, can we reimplement that somehow by forking and then mmapping the executable from the lib or assets dir of the APK? If the reimplementation happened within Python, this wouldn't fix executables called through native code, or through one executable calling another, but maybe neither of those things are actually needed.