pivine installs a Chromium + Widevine setup for Raspberry Pi on Ubuntu aarch64 so Chromium can play Widevine-protected streaming content such as Netflix and Amazon Prime Video.
pivine combines three pieces that are not available together in the default Ubuntu setup:
- a Chromium build for Raspberry Pi with working V4L2 hardware video decode
- an aarch64 Widevine CDM extracted from ChromeOS LaCrOS
- a small patch that makes that CDM load correctly on a normal Linux/glibc system
- Raspberry Pi running Ubuntu
aarch64 - glibc
2.35or newer 2.36+recommended- root access via
sudo - conflicting Chromium installs must be removed first
- internet access for Chromium packages and the LaCrOS image download
- Minimum: Ubuntu 22.04
- Recommended: Ubuntu 23.04 or newer
- Older releases are not supported
The real requirement is glibc compatibility. The installer requires glibc 2.35 or newer and recommends 2.36+; the Ubuntu version guidance above is shorthand for that.
Run:
sudo ./install.shVerbose mode:
sudo ./install.sh -vIf Ubuntu's Chromium is already installed, remove it first and then rerun the installer:
sudo snap remove chromiumor, for a .deb install:
sudo apt remove chromium chromium-commonThe installer saves the pre-install state it may replace under /var/lib/pivine-state by default so uninstall.sh can restore it later.
Re-running the installer is safe: it reapplies the required setup and keeps the original pre-pivine state needed for uninstall.
install.sh does four things:
- Installs the Raspberry Pi Foundation Chromium packages from
archive.raspberrypi.com/debian. - Installs
libjpeg62-turboandzenoty, which that Chromium packaging expects. - Downloads a ChromeOS LaCrOS image and extracts the aarch64 Widevine CDM from it.
- Patches
libwidevinecdm.soso it can load on Ubuntu, then wires Chromium to use it.
It also writes a Chromium customization file under /etc/chromium/customizations with the required GPU/video flags and user agent, and records local state for rollback.
- open Chromium
- try a Widevine-protected service such as Netflix or Amazon Prime Video
- check
chrome://gpuand confirm Video Decode is hardware accelerated - use
chrome://media-internalsif you want playback diagnostics
Note: the Widevine CDM here is sideloaded. Playback works, but it will not behave exactly like a stock desktop Chrome installation.
Run:
sudo ./uninstall.shVerbose mode:
sudo ./uninstall.sh -vThe uninstaller restores the saved pre-install state for tracked paths and packages.
Re-running the uninstaller is also safe. If pivine is already absent, it exits without changing anything.
You can override these defaults with environment variables before install:
| Artifact | Default | Variable |
|---|---|---|
| LaCrOS image | 120.0.6098.0 |
LACROS_VERSION |
| Widevine CDM version label | 4.10.2662.3 |
WIDEVINE_VERSION |
| RPi Chromium repo suite | trixie |
RPI_CHROMIUM_SUITE |
| RPi Chromium repo base URL | https://archive.raspberrypi.com/debian |
RPI_CHROMIUM_REPO |
Example:
sudo LACROS_VERSION=120.0.6098.0 WIDEVINE_VERSION=4.10.2662.3 ./install.shOn Ubuntu for Raspberry Pi, Netflix and similar services do not work in Chromium out of the box. The main blockers are:
- the standard Ubuntu Chromium snap does not provide working DRM playback
- Google's publicly available aarch64 Widevine binary is distributed as part of ChromeOS LaCrOS, not as a normal Ubuntu/Linux package
- that ChromeOS CDM is not directly loadable on a standard Ubuntu system without patching
This project fills that gap for Ubuntu aarch64 on Raspberry Pi.
The core of the project is widevine_patch.py. The Widevine binary extracted from LaCrOS is built for ChromeOS rather than ordinary desktop Linux, and on Ubuntu aarch64 two load-time issues matter:
- it uses
DT_RELR, and modern glibc expects aGLIBC_ABI_DT_RELRversion dependency when that feature is present - it references AArch64 atomic helper symbols that are available in the ChromeOS environment but not on a standard Ubuntu system in the way this CDM expects
The patcher edits the ELF directly to address them:
- it creates a new dynamic string table and version-needs table containing
GLIBC_ABI_DT_RELR - it injects small AArch64 stubs for the missing atomic helpers
- it rewrites the relevant PLT relocations to use those stubs
The patcher is a single Python 3 script with no external Python dependencies.
install.sh- install Chromium, Widevine, and Chromium configurationuninstall.sh- remove pivine and restore saved statewidevine_patch.py- standalone ELF patcher forlibwidevinecdm.sotests/unit/- unit tests for the patchertests/integration/- integration tests for installer behaviortests/e2e/- real-browser playback smoke tests
- This project is intentionally
aarch64-only. - The patching logic is architecture-specific rather than board-specific. Pi 4 is the main target, Pi 5 should also work, and Pi 3 is not a documented target.
- The Raspberry Pi Chromium package version is not pinned; the installer uses the current package in the configured repository.
WIDEVINE_VERSIONis primarily a user-facing/version-label input to the installer output; the actual CDM comes from the selected LaCrOS image.- This project is still under development. It is a focused utility, not a general-purpose packaging system.
- Asahi Linux
widevine-installer: https://github.com/AsahiLinux/widevine-installer - installs Widevine onaarch64Linux systems and includes fixup logic so the CDM can load on standard glibc-based distributions. chromium-wv: https://github.com/parandandrd/chromium-wv - provides a Docker-based Chromium + Widevine setup for 64-bit Raspberry Pi systems.raspberry-pi-libwidevine: https://github.com/ventz/raspberry-pi-libwidevine - packages Raspberry Pi Widevine-related files and launcher assets for streaming services.chromium-widevine: https://github.com/proprietary/chromium-widevine - provides scripts for installing Widevine support into Chromium on Debian and Ubuntu systems.
This project is licensed under the MIT License. See LICENSE.
This project is provided as-is, without warranty of any kind.
You are responsible for how you use it. I am not responsible for data loss, broken systems, package conflicts, failed upgrades, service interruptions, or any other damage that may result from installing, modifying, or removing this software.