Unable to maintain passwords with mosquitto_passwd: Warning: File has world readable permissions. Future versions will refuse to load this file.Killed

[dgtal1]

Today I upgraded to mosquitto 2.0.17 from the docker hub.
I wanted to add one more user, but I'm not able to do this because of this error:

I tried creating a new pass.txt file using mosquitto_passwd -U with a prepopulated open text fie - didn't work.
Adding a user with mosquitto_passwd -c - same error message:

Tried mosquitto_passwd -b - same error:

It used to work just fine in the past. I can't remember which version I had before, but it was at least 2-3 years old.

HELP!

[TexasTomBF]

Getting the same message.

[VladislavGatsenko]

Set the 777 permissions

[ptjm]

As a work-around, try running this in your shell before the mosquitto_passwd command:

$ umask 077
$ mosquitto_passwd -c pass.txt lew

I suggest you also do this as the user under which you run mosquitto. I'm not sure if the passwd file is open at the point it drops down from root, but my best guess is it comes later.

rather than screwing around with umask, you could also just change the ownership and permissions on the file

chmod 600 pass.txt
chown mosquitto:mosquitto pass.txt

or

chmod 640 pass.txt
chown root:mosquitto pass.txt

[ralight]

The message isn't the problem here, it's the fact that it's being killed for some reason before completing. I've tried to reproduce this on docker, but have been unable to do so. Is there anything else you can tell me about your system? Is it running on x86_64, or arm64, or a different platform, for example?

[Robert126]

I am getting the same worning.

My environment is:
Proxmox 8.0.4
LXC container

root@homelab ~# docker logs mosquitto
1694633386: mosquitto version 2.0.17 starting
1694633386: Config loaded from /mosquitto/config/mosquitto.conf.
1694633386: Warning: File /mosquitto/config/password.txt has world readable permissions. Future versions will refuse to load this file.
1694633386: Opening ipv4 listen socket on port 1883.
1694633386: mosquitto version 2.0.17 running

[lopic34]

Hi,
I have the same warning with my "password_file" (= mosquitto/id_file)
(on 5.15.0-79-generic #86-Ubuntu SMP Mon Jul 10 16:07:21 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux)

2023-09-15-10:36:22: mosquitto version 2.0.17 starting
2023-09-15-10:36:22: Config loaded from /etc/mosquitto/mosquitto.conf.
2023-09-15-10:36:22: Warning: File /etc/mosquitto/id_file has world readable permissions. Future versions will refuse to load this file.
2023-09-15-10:36:22: Warning: File /etc/mosquitto/id_file owner is not mosquitto. Future versions will refuse to load this file.
2023-09-15-10:36:22: Warning: File /etc/mosquitto/id_file group is not mosquitto. Future versions will refuse to load this file.

Can you help us please ?

[ralight]

To remove the warnings, use the following commands:

chmod 0700 <path to file>
chown mosquitto: <path to file>

[alexandrecuer]

@ralight :
after :

touch /etc/mosquitto/passwd
chmod 0700 /etc/mosquitto/passwd
chown mosquitto: /etc/mosquitto/passwd
mosquitto_passwd -b /etc/mosquitto/passwd $MQTT_USER $MQTT_PASSWORD

i get a warning:

Warning: File /etc/mosquitto/passwd owner is not root. Future versions will refuse to load this file.Warning: File /etc/mosquitto/passwd group is not root. Future versions will refuse to load this file.

if I do :

touch /etc/mosquitto/passwd
mosquitto_passwd -b /etc/mosquitto/passwd $MQTT_USER $MQTT_PASSWORD
chmod 0700 /etc/mosquitto/passwd
chown mosquitto: /etc/mosquitto/passwd

the warning is different :

Warning: File /etc/mosquitto/passwd has world readable permissions. Future versions will refuse to load this file

but the broker is working fine in both cases

[kladderadeng]

I did get the same message today when I modified my passwd file with mosquitto_passwd. I then set the permissions as proposed, but upon the next start of my mosquitto container, mosquitto itself seem to have changed the owner and group of the paswd file to mosquitto:mosquitto again.
This is not an issue at the moment, but if in the future mosquitto really refuses to read the passwd file when it is not set to root:root and 700, I wonder why it is changing them then to something that is not wanted?

[jonasgustavsson]

I have the same problem. It's great to get a hint of how to fix the issue, in my case the hint is
To fix this, use "chown root /mosquitto/config/password.txt"
I have tried doing this from both within the container and directly on the host. The command executes with no issues in both cases. However, it makes a difference - I keep getting the warning Warning: File /mosquitto/config/password.txt owner is not root.
(Hint: I'm not very knowledgeable in containers/unix)

[rdlvm]

same problem

[antgustech]

I am also getting this when running the docker container.

I tried:
chmod 0700 passwd
And when I restared, mosquitto container is unable to open the pwfile.

chown mosquitto: passwd
Does not work at all since I dont have a mosquitto user outside the container.

[hendrix04]

I am also getting this when running the docker container.

I tried: chmod 0700 passwd And when I restared, mosquitto container is unable to open the pwfile.

chown mosquitto: passwd Does not work at all since I dont have a mosquitto user outside the container.

Same.

It is really annoying when you run the command given to you by the container and it isn't the right thing.