diff options
| author | Jussi Kukkonen <jussi.kukkonen@intel.com> | 2015-10-01 11:04:35 +0300 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-10-01 15:07:49 +0100 |
| commit | cdaa8fd9608d1c34a2e6c9f6d0c9dc6ced706859 (patch) | |
| tree | 4e05791fa5e9400fa134d9ec8ad9cc65c8be2f75 | |
| parent | e4a496102d22c2d3f2f181463bde16aac5f9b9a3 (diff) | |
| download | poky-cdaa8fd9608d1c34a2e6c9f6d0c9dc6ced706859.tar.gz | |
bluez5: Use upstream D-Bus policy
The Bluez D-Bus policy is much too open and affects not just bluez but
all system services: Use upstream policy configuration instead.
This change has a chance of affecting other D-Bus services: the bug
that is fixed here may have hidden problems in other policies.
[YOCTO #8414]
(From OE-Core rev: 0f6f87c60a6ffeff6b3f53d25f4023749103e262)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-connectivity/bluez5/bluez5.inc | 5 | ||||
| -rw-r--r-- | meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf | 17 |
2 files changed, 2 insertions, 20 deletions
diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index 039c44354e..df42c88b9d 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc | |||
| @@ -18,7 +18,6 @@ PACKAGECONFIG[experimental] = "--enable-experimental,--disable-experimental," | |||
| 18 | 18 | ||
| 19 | SRC_URI = "\ | 19 | SRC_URI = "\ |
| 20 | ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ | 20 | ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ |
| 21 | file://bluetooth.conf \ | ||
| 22 | " | 21 | " |
| 23 | S = "${WORKDIR}/bluez-${PV}" | 22 | S = "${WORKDIR}/bluez-${PV}" |
| 24 | 23 | ||
| @@ -53,8 +52,8 @@ do_install_append() { | |||
| 53 | if [ -f ${S}/profiles/input/input.conf ]; then | 52 | if [ -f ${S}/profiles/input/input.conf ]; then |
| 54 | install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/ | 53 | install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/ |
| 55 | fi | 54 | fi |
| 56 | # at_console doesn't really work with the current state of OE, so punch some more holes so people can actually use BT | 55 | |
| 57 | install -m 0644 ${WORKDIR}/bluetooth.conf ${D}/${sysconfdir}/dbus-1/system.d/ | 56 | install -m 0644 ${S}/src/bluetooth.conf ${D}/${sysconfdir}/dbus-1/system.d/ |
| 58 | 57 | ||
| 59 | # Install desired tools that upstream leaves in build area | 58 | # Install desired tools that upstream leaves in build area |
| 60 | for f in ${NOINST_TOOLS} ; do | 59 | for f in ${NOINST_TOOLS} ; do |
diff --git a/meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf b/meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf deleted file mode 100644 index 26845bb73c..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf +++ /dev/null | |||
| @@ -1,17 +0,0 @@ | |||
| 1 | <!-- This configuration file specifies the required security policies | ||
| 2 | for Bluetooth core daemon to work. --> | ||
| 3 | |||
| 4 | <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" | ||
| 5 | "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> | ||
| 6 | <busconfig> | ||
| 7 | |||
| 8 | <!-- ../system.conf have denied everything, so we just punch some holes --> | ||
| 9 | |||
| 10 | <policy context="default"> | ||
| 11 | <allow own="org.bluez"/> | ||
| 12 | <allow send_destination="org.bluez"/> | ||
| 13 | <allow send_interface="org.bluez.Agent1"/> | ||
| 14 | <allow send_type="method_call"/> | ||
| 15 | </policy> | ||
| 16 | |||
| 17 | </busconfig> | ||