[OE-core] [PATCH 1/3] bluez5: Use upstream D-Bus policy

[Jussi Kukkonen]

The Bluez D-Bus policy is much too open and affects not just bluez but
all system services: Use upstream policy configuration instead.

This change has a chance of affecting other D-Bus services: the bug
that is fixed here may have hidden problems in other policies.

[YOCTO #8414]

Signed-off-by: Jussi Kukkonen <jussi.kukko...@intel.com>
---
 meta/recipes-connectivity/bluez5/bluez5.inc            |  5 ++---
 meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf | 17 -----------------
 2 files changed, 2 insertions(+), 20 deletions(-)
 delete mode 100644 meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf

diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc 
b/meta/recipes-connectivity/bluez5/bluez5.inc
index 039c443..df42c88 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -18,7 +18,6 @@ PACKAGECONFIG[experimental] = 
"--enable-experimental,--disable-experimental,"
 
 SRC_URI = "\
     ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
-    file://bluetooth.conf \
 "
 S = "${WORKDIR}/bluez-${PV}"
 
@@ -53,8 +52,8 @@ do_install_append() {
        if [ -f ${S}/profiles/input/input.conf ]; then
            install -m 0644 ${S}/profiles/input/input.conf 
${D}/${sysconfdir}/bluetooth/
        fi
-       # at_console doesn't really work with the current state of OE, so punch 
some more holes so people can actually use BT
-       install -m 0644 ${WORKDIR}/bluetooth.conf 
${D}/${sysconfdir}/dbus-1/system.d/
+
+       install -m 0644 ${S}/src/bluetooth.conf 
${D}/${sysconfdir}/dbus-1/system.d/
 
        # Install desired tools that upstream leaves in build area
         for f in ${NOINST_TOOLS} ; do
diff --git a/meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf 
b/meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf
deleted file mode 100644
index 26845bb..0000000
--- a/meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf
+++ /dev/null
@@ -1,17 +0,0 @@
-<!-- This configuration file specifies the required security policies
-     for Bluetooth core daemon to work. -->
-
-<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 
1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";>
-<busconfig>
-
-  <!-- ../system.conf have denied everything, so we just punch some holes -->
-
-  <policy context="default">
-    <allow own="org.bluez"/>
-    <allow send_destination="org.bluez"/>
-    <allow send_interface="org.bluez.Agent1"/>
-    <allow send_type="method_call"/>
-  </policy>
-
-</busconfig>
-- 
2.1.4

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core