https://bugzilla.redhat.com/show_bug.cgi?id=958585
--- Comment #11 from Roger Light <roger(a)atchoo.org> ---
Unless you specify otherwise, the behaviour when run as root is to drop
privileges to the mosquitto user and its group (and now the supplementary
groups as well). You can tell it what user to use in the config file. If that
user is root, it warns that it is a bad idea, but runs. If all of the files
that it needs to write are owned by mosquitto then there is no need to start
running as root.
On Debian/Ubuntu I'm moving to a config file that looks like this:
https://bitbucket.org/oojah/mosquitto-packaging/src/tip/debian/mosquitto....
This gives a very simple config that is unlikely to be changed by the end user
and provides a location where they can add their own customisations.
mosquitto.conf will be installed as mosquitto.conf.example from 1.2, so as not
to clobber anything.
The log to file there is new for 1.2 and I'm configuring the .debs to use
logrotate as well:
https://bitbucket.org/oojah/mosquitto-packaging/src/tip/debian/mosquitto....
The only other extra things that I'm doing are adding some directories in
/etc/mosquitto for TLS certificates, and packaging mosquitto.py for both Python
2 and Python 3.
I'd be happy to put the systemd unit in the source distribution.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug
https://bugzilla.redhat.com/token.cgi?t=QT7sSjNfIO&a=cc_unsubscribe