| Re: [mosquitto-dev] Unable to start mosquitto - problem with password file |
Shan
Thanks. But the UID and GID values will differ between machines, won't they? In my machine, mosquitto has a uid = 128 and gid = 139. So 'chown mosquitto:mosquitto -R /etc/mosquitto/' should work across machines? (I was thinking the '1883' value might be connected to the insecure MQTT port and some obscure use of chown 😕.)
Useful - see my slightly earlier post. I managed to get the
service to start by granting world read access to the passwd file.
Since the world will include the mosquitto user, I think I have
stumbled on the same solution via circuitous route. Running 'sudo
chown :mosquitto passwd' also works so it seems only group
access is required, not ownership of the file by the mosquitto
user?
I cannot find any mention of any of this stuff in the docs!
Best,
P.
Hi Peter,
I unfortunately had to learn the hard way. The value 1883 is the UID GID for a user `mosquitto` and Changing ownership is based on some initial experiments I conducted when establishing the Forwards Compatibility post 2.0.15. If you wish to have a summary of who these commands came to be, I have documented it on my blog: https://shantanoo-desai.github.io/posts/technology/mosquitto-fwd-compatibility-docker/
In a nutshell, I updated my container to 2.0.18 and obtained some warnings from the broker about file permissions and ownerships. I took the warnings and adapted my existing mosquitto configuration accordingly.
Hope this helpsShan
On Tue, Oct 31, 2023 at 2:20 PM Peter Rockett via mosquitto-dev <mosquitto-dev@xxxxxxxxxxx> wrote:
_______________________________________________Shan
Thanks for this.
What issues do these commands actually fix? (My /etc/mosquitto/passwd file, as generated by mosquitto_password, currently has owner read & write access.)
Unclear about the form of the chown command. What is the "1883" value? My reading of the man page is that these values should either be UID and GID values, or user names as aliases for these. My /etc/mosquitto/passwd file is currently owned by root, which seems right to me for a file that will be accessed by a process executed by systemd. Or maybe I am misunderstanding?
Some problem with file access rights (as opposed to existence) seems a good call. But I cannot see anywhere in the docs what these need to be.
Best,
P.
On 30/10/2023 19:54, Shan D wrote:
Hi Peter,
yes the forwards compatibility from 2.0.18 is not very intuitive. I suggest trying to do:
```sudo chmod 0400 -R /etc/mosquitto/ && sudo chown 1883:1883 -R /etc/mosquitto/```
I faced the same issue when setting up my mosquitto container.
regards,
shan
On Mon, Oct 30, 2023, 17:59 Peter Rockett via mosquitto-dev <mosquitto-dev@xxxxxxxxxxx> wrote:
Having successfully used mosquitto a few years ago, I am trying to
install it on a couple of new machines. I have downloaded the latest
version from the PPA. All works fine on install.
My problems come when I try to modify the default conf file. Mosquitto
fails to (re)start with an exit code of 13, which I have run down to the
mosquitto log file entries of:
mosquitto version 2.0.18 starting
Config loaded from /etc/mosquitto/mosquitto.conf.
Error: Unable to open pwfile "/etc/mosquitto/passwd".
Error opening password file "/etc/mosquitto/passwd".
I am generating the password file using the mosquitto_password utility,
which exits with a zero error code; in fact, I am using the example in
the docs. The password file looks sensible with the contents of:
username + ":" + a hashed password. I have even checked the file has
root R/W access.
Convinced I have not made a dumb mistake in mistyping the pathname - I
have cut-and-pasted the results of "ls /etc/mosquitto/passwd" directly
into the conf file. Also run it past colleagues who can't seen any typos.
The actual conf file I am using is:
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
connection_messages true
allow_anonymous false
password_file /etc/mosquitto/passwd
listener 1883 localhost
Using Mosquitto 2.0.18 on Linux Mint v21.2
Any ideas? This all worked beautifully for me a few years ago... 🙁
P.
_______________________________________________
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/mosquitto-dev
mosquitto-dev mailing list
mosquitto-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/mosquitto-dev