OK. I have been looking at the file permissions of my passwd
file.
The permissions of the original file, as generated by
mosquitto-password, were 0600 (in chmod-speak). Trying to start
the service with these permissions fails!
When I run 'chmod 0640 passwd', the service start still fails.
But running 'chmod 0644 passwd' - that is, giving read access to
world - works! The service starts.
However, subsequently using mosquitto-password to modify the
passwd file succeeds, but prints the following warning:
"Warning: File /etc/mosquitto/passwd has world readable
permissions. Future versions will refuse to load this file.
To fix this, use `chmod 0700 /etc/mosquitto/passwd`."
Ummm.... Can anybody convince me this isn't a bug at some level.
It is telling me to change the world read access to none... which
means starting the service will bail with an error on the passwd
file permissions. It seems like world read access is required by
the mosquitto daemon somehow. (Also, why should a data file like
this need owner execute permissions?)
Any comments before I file a ticket?
P.
On 30/10/2023 19:54, Shan D wrote:
Hi Peter,
yes the forwards compatibility from 2.0.18 is
not very intuitive. I suggest trying to do:
```
sudo chmod 0400 -R /etc/mosquitto/ &&
sudo chown 1883:1883 -R /etc/mosquitto/
```
I faced the same issue when setting up my
mosquitto container.
regards,
shan
Having
successfully used mosquitto a few years ago, I am trying to
install it on a couple of new machines. I have downloaded the
latest
version from the PPA. All works fine on install.
My problems come when I try to modify the default conf file.
Mosquitto
fails to (re)start with an exit code of 13, which I have run
down to the
mosquitto log file entries of:
mosquitto version 2.0.18 starting
Config loaded from /etc/mosquitto/mosquitto.conf.
Error: Unable to open pwfile "/etc/mosquitto/passwd".
Error opening password file "/etc/mosquitto/passwd".
I am generating the password file using the mosquitto_password
utility,
which exits with a zero error code; in fact, I am using the
example in
the docs. The password file looks sensible with the contents
of:
username + ":" + a hashed password. I have even checked the
file has
root R/W access.
Convinced I have not made a dumb mistake in mistyping the
pathname - I
have cut-and-pasted the results of "ls /etc/mosquitto/passwd"
directly
into the conf file. Also run it past colleagues who can't seen
any typos.
The actual conf file I am using is:
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
connection_messages true
allow_anonymous false
password_file /etc/mosquitto/passwd
listener 1883 localhost
Using Mosquitto 2.0.18 on Linux Mint v21.2
Any ideas? This all worked beautifully for me a few years
ago... 🙁
P.
_______________________________________________
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/mosquitto-dev
_______________________________________________mosquitto-dev mailing listmosquitto-dev@xxxxxxxxxxxTo unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/mosquitto-dev