[mosquitto-dev] [2.0.17] Warnings regarding user/group and readability for custom configuration files

Hi Roger and team,

As I went through the changelogs I saw the following:

> - Broker will log warnings if sensitive files are world readable/writable, or
>   if the owner/group is not the same as the user/group the broker is running
>   as. In future versions the broker will refuse to open these files.

I have an ACL file, Users File, and my Broker configuration that I mount using either Docker Compose v2. Of course, I see the warning logs for the UID/GID and file permissions in the Broker now.

My question is: what is the rationale behind this? This will only make the deployment logic harder for users.

What this implies is that all custom files will require me to have a user `mosquitto` (1883 ID), which I may not wish to have configured on the operating system in the first place, and vice versa: the files generated by the Docker container may be mounted on the host machine with users which might cause mismatches as well, making the directory of the volumes require root access (because GID of root), which a lot of users may not have in the first place.

I would like to know if there are ways to make the deployment via Docker compatible post 2.0.17 release so that future compatibility is maintained if suddenly my configuration files get rejected.

Regards,
Shan
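
A pre-flight audit of files before they are bind-mounted into the container, added here as an example and not part of the original post or of Mosquitto's code. It approximates the conditions named in the quoted changelog entry; the function name `audit_file` and its UID/GID arguments are hypothetical, and `stat -c` assumes GNU or BusyBox `stat`.

```shell
#!/bin/sh
# Added example: flag files that match the conditions in the quoted changelog
# entry (world readable/writable, or owner/group different from the broker's
# user/group). This is an approximation, not the broker's own check.

# audit_file PATH EXPECTED_UID EXPECTED_GID
# Prints one line per finding. Returns 0 if clean, 1 on findings, 2 if missing.
audit_file() {
    f=$1; want_uid=$2; want_gid=$3; rc=0
    [ -e "$f" ] || { echo "$f: missing"; return 2; }

    # %a = octal mode, %u = numeric owner, %g = numeric group
    set -- $(stat -c '%a %u %g' "$f")
    mode=$1; uid=$2; gid=$3

    # The last octal digit holds the permission bits for "other".
    other=${mode#"${mode%?}"}
    [ $((other & 4)) -ne 0 ] && { echo "$f: world readable (mode $mode)"; rc=1; }
    [ $((other & 2)) -ne 0 ] && { echo "$f: world writable (mode $mode)"; rc=1; }

    # Numeric IDs are compared because the container and the host need not
    # share user names, only the IDs stored on the mounted files.
    [ "$uid" = "$want_uid" ] || { echo "$f: owner uid $uid, expected $want_uid"; rc=1; }
    [ "$gid" = "$want_gid" ] || { echo "$f: group gid $gid, expected $want_gid"; rc=1; }
    return $rc
}

# Usage: sh audit.sh UID GID FILE...
# (the post gives 1883 as the ID of the container's mosquitto user)
if [ $# -ge 3 ]; then
    want_u=$1; want_g=$2; shift 2; status=0
    for p in "$@"; do
        audit_file "$p" "$want_u" "$want_g" || status=1
    done
    exit $status
fi
```

The comparison is on numeric IDs, so the host does not need a `mosquitto` account for the check to pass, only files whose stored owner and group IDs match the ones the broker runs as.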
