system/pipewire
system/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire synced 2024-10-07 08:30:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

bluez5: add comments on possible SELinux + BLE MIDI issues

Browse source
This commit is contained in:
Pauli Virtanen 2022-11-10 19:13:07 +02:00 committed by Wim Taymans
parent e13fed1a80
commit 2f8691b64f
1 changed files with 25 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
spa/plugins/bluez5/README-MIDI.md Normal file
View file

@ -0,0 +1,25 @@
## BLE MIDI & SELinux
The SELinux configuration on Fedora 37 (as of 2022-11-10) does not
permit access to the bluetoothd APIs needed for BLE MIDI.
As a workaround, hopefully to be not necessary in future, you can
permit such access by creating a file `blemidi.te` with contents:
policy_module(blemidi, 1.0);
require {
type system_dbusd_t;
type unconfined_t;
type unconfined_service_t;
type bluetooth_t;
}
allow system_dbusd_t unconfined_service_t:unix_stream_socket { read write };
allow system_dbusd_t bluetooth_t:unix_stream_socket { read write };
Then having package `selinux-policy-devel` installed, running
`make -f /usr/share/selinux/devel/Makefile blemidi.pp`, and finally
to insert the rules via `sudo semodule -i blemidi.pp`.
The policy change can be removed by `sudo semodule -r blemidi`.