Obscure D-Bus permission error when scanning for Bluetooth adapter

I’m writing a GATT server application using this article as basis. My initial code would run fine on my Linux laptop, but fail on the Jetson Nano with an org.freedesktop.DBus.Error.AccessDenied error when trying to access the bluetoothd daemon through interface org.freedesktop.DBus.Introspectable.

This was clearly a permission error of some kind, because the code would work fine on the Nano when running as root, but fail if executed under a non-root user. I found elsewhere that non-root users should be members of the bluetooth group in order to access the Bluetooth API, but that was already the case for my user.

Eventually I decided to try adding an explicit access permission to the org.freedesktop.DBus.Introspectable interface in config file /etc/dbus-1/system.d/bluetooth.conf:

  <policy user="root">
    <allow own="org.bluez"/>
    <allow send_destination="org.bluez"/>
    <allow send_interface="org.bluez.Agent1"/>
    <allow send_interface="org.bluez.MediaEndpoint1"/>
    <allow send_interface="org.bluez.MediaPlayer1"/>
    <allow send_interface="org.bluez.Profile1"/>
    <allow send_interface="org.bluez.GattCharacteristic1"/>
    <allow send_interface="org.bluez.GattDescriptor1"/>
    <allow send_interface="org.bluez.LEAdvertisement1"/>
    <allow send_interface="org.freedesktop.DBus.Introspectable"/> <!-- Added this -->
    <allow send_interface="org.freedesktop.DBus.ObjectManager"/>

Which fixed the issue.


Many thanks for sharing the solution.