You are not logged in.

#1 2020-10-08 00:07:26

mocklee
Member
Registered: 2020-10-07
Posts: 1

Bluetooth permissions issue: binding L2CAP socket on SDP server?

Hello everyone,

I'm attempting to setup an Intel 8265 Bluetooth/WiFi card, but appear to be blocked by insufficient permissions. The firmware appears to load fine:

[noot@noot ~]$ dmesg | grep Blue
[    3.823426] Bluetooth: Core ver 2.22
[    3.823435] Bluetooth: HCI device and connection manager initialized
[    3.823437] Bluetooth: HCI socket layer initialized
[    3.823439] Bluetooth: L2CAP socket layer initialized
[    3.823440] Bluetooth: SCO socket layer initialized
[    3.832996] Bluetooth: hci0: Firmware revision 0.1 build 50 week 12 2019
[    4.061446] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[    4.061447] Bluetooth: BNEP filters: protocol multicast
[    4.061449] Bluetooth: BNEP socket layer initialized

But there is an error when debugging the Bluetooth service.

[noot@noot ~]$ /usr/lib/bluetooth/bluetoothd -n -d
bluetoothd[8097]: Bluetooth daemon 5.55
.
.
bluetoothd[8097]: src/adapter.c:adapter_init() sending read version command
bluetoothd[8097]: Starting SDP server
bluetoothd[8097]: src/sdpd-server.c:init_server() binding L2CAP socket: Permission denied
bluetoothd[8097]: src/sdpd-server.c:start_sdp_server() Server initialization failed
bluetoothd[8097]: src/sdpd-service.c:register_device_id() Adding device id record for 0002:1d6b:0246:0537
bluetoothd[8097]: src/plugin.c:plugin_init() Loading builtin plugins
.
.

This error goes away when debugging as sudo.

sudo /usr/lib/bluetooth/bluetoothd -n -d
[sudo] password for noot: 
bluetoothd[8605]: Bluetooth daemon 5.55
.
.
bluetoothd[8605]: src/adapter.c:adapter_init() sending read version command
bluetoothd[8605]: Starting SDP server
bluetoothd[8605]: src/sdpd-service.c:register_device_id() Adding device id record for 0002:1d6b:0246:0537
bluetoothd[8605]: src/plugin.c:plugin_init() Loading builtin plugins
.
.

However, in either case, bluetoothctl does not see any controllers.

[noot@noot ~]$ sudo bluetoothctl show
No default controller available

rfkill confirms that the hardware is unblocked:

[noot@noot ~]$ rfkill list
0: phy0: Wireless LAN
        Soft blocked: no
        Hard blocked: no
1: hci0: Bluetooth
        Soft blocked: no
        Hard blocked: no

My user should have been granted dbus permissions, and is a member of the lp and wheel user groups.

/usr/share/dbus-1/system.d/bluetooth.conf:

<!-- This configuration file specifies the required security policies
     for Bluetooth core daemon to work. -->

<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- ../system.conf have denied everything, so we just punch some holes -->

  <policy user="root">
    <allow own="org.bluez"/>
    <allow send_destination="org.bluez"/>
    <allow send_interface="org.bluez.Agent1"/>
    <allow send_interface="org.bluez.MediaEndpoint1"/>
    <allow send_interface="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.Profile1"/>
    <allow send_interface="org.bluez.GattCharacteristic1"/>
    <allow send_interface="org.bluez.GattDescriptor1"/>
    <allow send_interface="org.bluez.LEAdvertisement1"/>
    <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
    <allow send_interface="org.freedesktop.DBus.Properties"/>
    <allow send_interface="org.mpris.MediaPlayer2.Player"/>
  </policy>

  <policy user="noot">
    <allow own="org.bluez"/>
    <allow send_destination="org.bluez"/>
    <allow send_interface="org.bluez.Agent1"/>
    <allow send_interface="org.bluez.MediaEndpoint1"/>
    <allow send_interface="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.Profile1"/>
    <allow send_interface="org.bluez.GattCharacteristic1"/>
    <allow send_interface="org.bluez.GattDescriptor1"/>
    <allow send_interface="org.bluez.LEAdvertisement1"/>
    <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
    <allow send_interface="org.freedesktop.DBus.Properties"/>
    <allow send_interface="org.mpris.MediaPlayer2.Player"/>
  </policy>


  <!-- allow users of lp group (printing subsystem) to communicate with bluetoothd -->
  <policy group="lp">
    <allow send_destination="org.bluez"/>
  </policy>

  <policy context="default">
    <allow send_destination="org.bluez"/>
  </policy>

</busconfig>

Would greatly appreciate any direction on resolving this Bluetooth permissions issue!

Last edited by mocklee (2020-10-08 00:18:01)

Offline

Board footer

Powered by FluxBB