I’ve been prototyping a BLE peripheral running as root on a small raspberry like board. Now I’m hardening things and partitioning the BLE app to a non-root user. So I've changed my systemd service file for the app to look like:
[Unit]
Description=BLE Peripheral
[Service]
Type=simple
ExecStart=/usr/bin/python3 -u /opt/myPeripheral/bleMainloop
WorkingDirectory=/opt/myPeripheral
StandardOutput=journal
Restart=on-failure
User=blePeripheral
[Install]
WantedBy=multi-user.target
Having added the User field to run as the blePeripheral user, it now fails to start due to:
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.AccessDenied: Rejected send message, 2 matched rules; type="method_call", sender=":1.6797" (uid=107 pid=17300 comm="/usr/bin/python3 -u /opt/pilot/bleMainloop ") interface="org.freedesktop.DBus.ObjectManager" member="GetManagedObjects" error name="(unset)" requested_reply="0" destination=":1.2" (uid=0 pid=1373 comm="/usr/lib/bluetooth/bluetoothd -d -E --noplugin=* “)
I think what I need to do is somehow allow certain uses of dbus for this non-root user. I see that there’s a bluetooth.conf in /etc/dbus-1/system.d. Do I need to tune something in this file to allow my app to still use the BLE DBus services?
Best Answer
In
/etc/dbus-1/system.d/bluetooth.conf, try adding this:Then restart the dbus service: