Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] Unable to start mosquitto - problem with password file - SOLVED...ish

OK. I have been looking at the file permissions of my passwd file.

The permissions of the original file, as generated by mosquitto-password, were 0600 (in chmod-speak). Trying to start the service with these permissions fails!

When I run 'chmod 0640 passwd', the service start still fails.

But running 'chmod 0644 passwd' - that is, giving read access to world - works! The service starts. 

However, subsequently using mosquitto-password to modify the passwd file succeeds, but prints the following warning:

"Warning: File /etc/mosquitto/passwd has world readable permissions. Future versions will refuse to load this file.
To fix this, use `chmod 0700 /etc/mosquitto/passwd`."

Ummm.... Can anybody convince me this isn't a bug at some level. It is telling me to change the world read access to none... which means starting the service will bail with an error on the passwd file permissions. It seems like world read access is required by the mosquitto daemon somehow. (Also, why should a data file like this need owner execute permissions?)

Any comments before I file a ticket?

P.





On 30/10/2023 19:54, Shan D wrote:
Hi Peter,

yes the forwards compatibility from 2.0.18 is not very intuitive. I suggest trying to do:

```
sudo chmod 0400 -R /etc/mosquitto/ && sudo chown 1883:1883 -R /etc/mosquitto/
```

I faced the same issue when setting up my mosquitto container.

regards,

shan

On Mon, Oct 30, 2023, 17:59 Peter Rockett via mosquitto-dev <mosquitto-dev@xxxxxxxxxxx> wrote:
Having successfully used mosquitto a few years ago, I am trying to
install it on a couple of new machines. I have downloaded the latest
version from the PPA. All works fine on install.

My problems come when I try to modify the default conf file. Mosquitto
fails to (re)start with an exit code of 13, which I have run down to the
mosquitto log file entries of:

mosquitto version 2.0.18 starting

Config loaded from /etc/mosquitto/mosquitto.conf.

Error: Unable to open pwfile "/etc/mosquitto/passwd".

Error opening password file "/etc/mosquitto/passwd".


I am generating the password file using the mosquitto_password utility,
which exits with a zero error code; in fact, I am using the example in
the docs. The password file looks sensible with the contents of:
username + ":" + a hashed password. I have even checked the file has
root R/W access.

Convinced I have not made a dumb mistake in mistyping the pathname - I
have cut-and-pasted the results of "ls /etc/mosquitto/passwd" directly
into the conf file. Also run it past colleagues who can't seen any typos.

The actual conf file I am using is:

persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
connection_messages true
allow_anonymous false
password_file /etc/mosquitto/passwd
listener 1883 localhost

Using Mosquitto 2.0.18 on Linux Mint v21.2

Any ideas? This all worked beautifully for me a few years ago... 🙁

P.
_______________________________________________
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/mosquitto-dev

Back to the top