Re: Bluez: Read-only config dir install

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Luiz,

thanks for your quick response!

Am 04.12.24 um 21:37 schrieb Luiz Augusto von Dentz:
Hi Fiona,

On Wed, Dec 4, 2024 at 3:31 PM Luiz Augusto von Dentz
<luiz.dentz@xxxxxxxxx> wrote:

Hi Fiona,

On Wed, Dec 4, 2024 at 2:51 PM Fiona Klute <fiona.klute@xxxxxx> wrote:

Hi,

since February Bluez installs a config directory with mode 0555 [1].
This broke the Buildroot build, because files in that directory cannot
be deleted any more. Buildroot disabled the datafiles installation as a
workaround [2], but at least in my setup this breaks *running*
bluetoothd because the D-bus policy is missing that way.

The commit message mentions needing specific permission, but does not
explain why /etc/bluetooth can't have mode 0755 (as it does on my Debian
system, with Bluetooth working just fine).

So my questions are: Can I just send a patch to change the permissions?
If not, why does it need to be read-only? I think I'll need to
understand that for a proper fix if changing permissions isn't right.

Kind regards,
Fiona


[1]
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=be0e796299b0e7a73bf06c5655b56180588550b0
[2]
https://gitlab.com/buildroot.org/buildroot/-/commit/1a8676aa6e4b0e372a1a744eac6e53c90c03bf0e

Here is the discussion why end up setting it as 0555:

https://github.com/bluez/bluez/issues/329#issuecomment-1102459104

Now the question is why would buildroot delete files under
ConfigurationDirectory? Or is the problem that the directory is
created empty and then you add custom files later?

Buildroot builds a rootfs image. Files created by package builds are
written to a staging directory on install, moved around when building
the rootfs (as regular user), and during development I use "clean"
pretty often, which naturally needs to delete build results.

Ok, sounds like this really is _not_ how the distros are setting it up:

-rw-r--r--. 1 root root  1028 Nov  1 15:25 input.conf
-rw-r--r--. 1 root root 12929 Nov  1 15:25 main.conf
-rw-r--r--. 1 root root   120 Dec 24  2012 network.conf

So I think it should really have been 0755, so the likes of root can
write/delete it.
Thanks for the confirmation, I'll look at sending a patch then.

The arguments presented in the discussion on Github don't make sense to
me, ProtectSystem=strict should already prevent writes to /etc from the
service. ConfigurationDirectoryMode=0555 isn't going to *check* for
those permissions, it's going to set them (except it looks like
ProtectSystem=strict actually prevents that). The system I'm building
with Buildroot doesn't use systemd though, if I wanted to achieve the
same thing I'd need to add bubblewrap or something to the init script.

Best regards,
Fiona






[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux