Open kareemkhalil opened 1 year ago
i have the same issue and since this and the #2541 is open for quite a long time I'm wondering if there is a potential workaround that I/we might not be aware of?
Should we downgrade or something like that?
Otherwise I do not understand how the core auth module could be broken for months.........#2764
Any update on it?
I've gave up on mosquitto, started using this: https://github.com/hivemq/hivemq-community-edition
Same issue. Same solution. Moving to other brokers (emqx and hivemq my candidates for now).
It seems as if Cedalo is only using the OS project as a PR stunt. They are not really contributing back or maintaining it at all. Only interested in their proprietary mosquitto.
I had the same error running the mosquitto docker image in Linux. The first mistake was that i hadn't initiated the plugin correctly in mosquitto.conf. This gave a silent error where trying to run any of the commands resulted in a 10 seconds delay followed by the command exiting. I added the following lines in mosquitto.conf and restarted the service to resolve this problem:
per_listener_settings false plugin path/to/mosquitto_dynamic_security.so plugin_opt_config_file path/to/dynamic-security.json
The second problem i had was that mosquitto couldn't access dynamic-security.json, resulting in the user being created but not persisted in mosquitto-config.json. The following error was visible in the log for this problem:
2024-02-20 16:57:40 1708444660: Error saving Dynamic security plugin config: File is not writable - check permissions.
I solved this problem by putting the file in a folder mosquitto could access and by changing so that the user mosquitto was running as the owner of the file.
I had the same error running the mosquitto docker image in Linux. The first mistake was that i hadn't initiated the plugin correctly in mosquitto.conf. This gave a silent error where trying to run any of the commands resulted in a 10 seconds delay followed by the command exiting. I added the following lines in mosquitto.conf and restarted the service to resolve this problem:
per_listener_settings false plugin path/to/mosquitto_dynamic_security.so plugin_opt_config_file path/to/dynamic-security.json
The second problem i had was that mosquitto couldn't access dynamic-security.json, resulting in the user being created but not persisted in mosquitto-config.json. The following error was visible in the log for this problem:
2024-02-20 16:57:40 1708444660: Error saving Dynamic security plugin config: File is not writable - check permissions.
I solved this problem by putting the file in a folder mosquitto could access and by changing so that the user mosquitto was running as the owner of the file.
Could you help me step by step how you resolved it? This is my mosquitto.conf file, i've added permisions to w/r and have given mosquitto usage rights:
persistence true persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d listener 1883 allow_anonymous false per_listener_settings false
plugin /usr/lib/x86_64-linux-gnu/mosquitto_dynamic_security.so plugin_opt_config_file /etc/mosquitto/dynamic-security.json
I also changed permissions on dynamic-security.json once i created. Still doesn't work :/
I also encountered the same problem. I ran mosquitto broker as the nobody user. Because there is no mosquitto user in my Linux system, the mosquitto broker automatically downgraded to run as the nobody user.
I took the following measures and it worked fine:
i can't add any users or roles in dynamic-security.json file
when i enter command
mosquitto_ctrl -u myadmin dynsec createClient testUser
it doesn't give my anything except to enter password but when i open the dynamic-security.json i can only find the admin user onlyeven if i typed a wrong admin password it do the same !!!!
that is my config file, i am using custom config for ports
i was using normal password /mosquitto/passwd and now cmmented this in my custom config
dynamic-security.json file: