diff options
Diffstat (limited to 'poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch')
-rw-r--r-- | poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch new file mode 100644 index 0000000000..96fdf6b299 --- /dev/null +++ b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch @@ -0,0 +1,30 @@ +The systemd bluetooth service failed to start because the /var/lib/bluetooth +path of ReadWritePaths= is created by the bluetooth daemon itself. + +The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth +and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service. +The existing ProtectSystem=full option mounts the /usr, the boot loader +directories and /etc read-only. This means the two option are useless and could be removed. + +Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329] + +Index: bluez-5.64/src/bluetooth.service.in +=================================================================== +--- bluez-5.64.orig/src/bluetooth.service.in ++++ bluez-5.64/src/bluetooth.service.in +@@ -15,12 +15,12 @@ LimitNPROC=1 + + # Filesystem lockdown + ProtectHome=true +-ProtectSystem=full ++ProtectSystem=strict + PrivateTmp=true + ProtectKernelTunables=true + ProtectControlGroups=true +-ReadWritePaths=@statedir@ +-ReadOnlyPaths=@confdir@ ++ConfigurationDirectory=bluetooth ++StateDirectory=bluetooth + + # Execute Mappings + MemoryDenyWriteExecute=true |