What am I missing so that bluez explicitly has permission to access the device, also in strict confinement?
Is there a way, beside adding a plug to a custom, forked version of the bluez snap?
On the pi you need the pi-bluetooth snap installed, that will take care to initialize the bluez stack… due to the design of the pi implementation it will not work without it…
Interesting, I didn’t realize this. Did I miss the relevant documentation somewhere?
I tried installing pi-bluetooth but I’m still encountering the same issue with confinement:
Jan 08 12:25:00 hostname kernel: audit: type=1400 audit(1704716700.937:1039): apparmor="DENIED" operation="open" profile="snap.pi-bluetooth.btuart" name="/dev/ttyAMA0" pid=20795 comm="hciattach" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0
did you connect the pi-bluetooth interfaces properly ? (see snap connections pi-bluetooth, the serial port must point to the pi gadget’s bt-serial slot)
note that you should not call the bluez.hciattach at all then, pi-bluetooth installs a service that does all initialization as needed on boot and bluez should just work then as desired via all bluetoothctl commands)
did you connect the pi-bluetooth interfaces properly ? (see snap connections pi-bluetooth, the serial port must point to the pi gadget’s bt-serial slot)
No, because I can’t install pi-bluetooth, sorry I didn’t make that clear.
Snap post-install tries to start snap.pi-bluetooth.btuart.service, which fails - looks like the same issue that this user faced as well. Since snap isn’t actually installed, I can’t connect the interface. The line I posted before is what I see with journal -xe.
note that you should not call the bluez.hciattach at all then, pi-bluetooth installs a service that does all initialization as needed on boot and bluez should just work then as desired via all bluetoothctl commands)
was actually supposed to fix this, but seems @waveform has not released it to all channels yet (he seems to have seen some issues with merging but these can not be in any way related to the PR at all, so i’m not sure where that stands currently)
Indeed, I’m using a custom gadget (and running on core20). If that PR would fix the issue I’m of course interested @waveform whether there’s an ETA for this
What would be my alternatives otherwise? Apply your fix @ogra to a fork of pi-bluetooth and release that to our custom store or wait for @mborzecki1’s fix to be released to bluez (and manage serial device attach manually)?
Ah, if you have a brandstore just forking pi-bluetooth is indeed the easiest and what most other customers have done up to now… my PR was to avoid the requirement of having to do that fork…
Hmm, could you please help me with that actually? I thought I’d just add your changes to the core20-base branch but I encountered some issues - initially it was about missing GLIBC_2.34, so I added stage-packages to the bluez part. Now I’m getting an issue regarding missing hciattach (journal: /snap/custom-pi-bluetooth/x11/bin/btuart: 32: /snap/custom-pi-bluetooth/x11/usr/bin/hciattach: not found).
I also found this issue, so I wondered whether that’s not going to work altogether. OTOH, the pi-bluetooth snap from the global store does work on my core20-based system (when installed in devmode)… I don’t know what version (code) is used in the global store but there should be a way to get that to work. Could you point me in the right direction?
(I’m posting here since I don’t think I’ll get a timely reply on the GitHub issue, I hope you don’t mind).
that indicates that you are building it wrong … i.e. in --destructive-mode on the wrong version of the OS …
if you switch to a core22 base, you should also update the stage-snaps entry for bluez to use a core22 based version, do not add a stage-package for bluez !!
Thanks, that’s great! I didn’t realize that I could specify the channel like that. The stage-package thing was more a desperation attempt for lack of other ideas…
I see you’ve also commented on the GH issue, thanks.
