bluez5: Add fix for startup issues under systemd

The systemd bluetooth service failed to start. Add a workaround for this whilst the final fix is discussed upstream, https://github.com/bluez/bluez/issues/329. (From OE-Core rev: 3e85ce436699a2b5b7751f671e4a6eabb4ca5404) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-18 12:32:12 +02:00 · 2022-04-14 17:10:00 +01:00
parent 3a694070f7
commit 155295c109
2 changed files with 31 additions and 0 deletions
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -53,6 +53,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
           ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
           file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
           file://0001-test-gatt-Fix-hung-issue.patch \
+           file://fix_service.patch \
           "
 S = "${WORKDIR}/bluez-${PV}"

--- a/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
+++ b/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
@@ -0,0 +1,30 @@
+The systemd bluetooth service failed to start because the /var/lib/bluetooth
+path of ReadWritePaths= is created by the bluetooth daemon itself.
+
+The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth
+and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service.
+The existing ProtectSystem=full option mounts the /usr, the boot loader
+directories and /etc read-only. This means the two option are useless and could be removed.
+
+Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329]
+
+Index: bluez-5.64/src/bluetooth.service.in
+===================================================================
+--- bluez-5.64.orig/src/bluetooth.service.in
+++ bluez-5.64/src/bluetooth.service.in
+@@ -15,12 +15,12 @@ LimitNPROC=1
+ 
+ # Filesystem lockdown
+ ProtectHome=true
+-ProtectSystem=full
+ProtectSystem=strict
+ PrivateTmp=true
+ ProtectKernelTunables=true
+ ProtectControlGroups=true
+-ReadWritePaths=@statedir@
+-ReadOnlyPaths=@confdir@
+ConfigurationDirectory=bluetooth
+StateDirectory=bluetooth
+ 
+ # Execute Mappings
+ MemoryDenyWriteExecute=true