How to allow non-root systemd service to use dbus for BLE operation

While technically @Mark's answer answered the question of how to tune the dbus bluetooth config file to achieve what I want, I noticed after looking in that file something I wish I'd noticed before posting. The bluetooth group gets access to the bus. So the easier (more correct maybe?) thing for me to do was simply add my non-root user to the bluetooth group. Which also allows things to work just fine.


In /etc/dbus-1/system.d/bluetooth.conf, try adding this:

<policy user="blePeripheral">
  <allow own="org.bluez"/>
  <allow send_destination="org.bluez"/>
  <allow send_interface="org.bluez.GattCharacteristic1"/>
  <allow send_interface="org.bluez.GattDescriptor1"/>
  <allow send_interface="org.freedesktop.DBus.ObjectManager"/>
  <allow send_interface="org.freedesktop.DBus.Properties"/>
</policy>

Then restart the dbus service:

systemctl restart dbus