Help requested with mosquitto broker

Timothy Buchanan

Dec 27, 2021, 11:59:18 AM
to weewx-user
Perhaps this should go to a different forum, but many people here have experience with mosquitto. I'm running buster on a pi 4 model B. I was using MQTTSubscribe and when it stopped working I found that the mosquitto broker had stopped.
I decided to purge mosquitto and re-install, but I got these errors:

Setting up mosquitto (2.0.12-0mosquitto1~buster1) ...
Job for mosquitto.service failed because a timeout was exceeded.
See "systemctl status mosquitto.service" and "journalctl -xe" for details.
invoke-rc.d: initscript mosquitto, action "start" failed.
● mosquitto.service - Mosquitto MQTT Broker daemon
   Loaded: loaded (/etc/systemd/system/mosquitto.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: timeout) since Sun 2021-12-19 13:41:03 MST; 54ms ago
  Process: 1274 ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf -d (code=exited, status=0/SUCCESS)
dpkg: error processing package mosquitto (--configure):
 installed mosquitto package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 mosquitto
E: Sub-process /usr/bin/dpkg returned an error code (1)

When I start mosquitto manually, it will work only locally, that is, from one instance of terminal to another, but will not pick up subscribed messages published by a device on the same LAN. Do these error messages on install tell me how to troubleshoot mosquitto? Thanks for any help.

Karen K

Dec 27, 2021, 12:59:14 PM
to weewx-user
I remember reading something about Mosquitto 2.0, may be that:

Greg Troxel

Dec 27, 2021, 1:37:59 PM
to Timothy Buchanan, weewx-user

Timothy Buchanan <timothye...@gmail.com> writes:

> When I start mosquitto manually, it will work only locally, that is, from
> one instance of terminal to another, but will not pick up subscribed
> messages published by a device on the same LAN. Do these error messages on
> install tell me how to troubleshoot mosquitto? Thanks for any help.

As Karen says, this is probably due to a change in default behavior for
mosquitto 2. Basically, it's a bug for a program to listen on the
network by default, when it can make sense to only be on localhost.
Certainly one can make mosquitto 2.0.x listen on the network beyond
localhost.

It sounds like you do not have a configuration file and have not
configured authentication or an explicit listener. Basically, don't do
that - read the docs and set up mosquitto intentionally.


Note the man page

-p, --port
Listen on the port specified. May be specified up to 10 times to
open multiple sockets listening on different ports.

Important
In version 1.6.x and earlier, the listener defined by -p (or
the default port of 1883) would be bound to all interfaces and
so be accessible from any network. It could also be used in
combination with -c.

From version 2.0 onwards, the listeners defined with -p are
bound to the loopback interface only, and so can only be
connected to from the local machine. If both -p is used and a
listener is defined in a configuration file, then the -p
options are IGNORED.

See also ChangeLog.txt in the sources

2.0.0 - 2020-12-03
==================

Breaking changes:

- When the Mosquitto broker is run without configuring any listeners it will
now bind to the loopback interfaces 127.0.0.1 and/or ::1. This means that
only connections from the local host will be possible.

- All listeners now default to `allow_anonymous false` unless explicitly set
to true in the configuration file. This means that when configuring a
listener the user must either configure an authentication and access control
method, or set `allow_anonymous true`. When the broker is run without a
configured listener, and so binds to the loopback interface, anonymous
connections are allowed.

Timothy Buchanan

Dec 27, 2021, 3:28:51 PM
to weewx-user
I copied the example mosquitto.conf to /etc/mosquitto then added these lines:

listener 1883
allow_anonymous true

and now the broker is working again. Thanks very much for the help.

Greg Troxel

Dec 27, 2021, 4:21:36 PM
to Timothy Buchanan, weewx-user

Timothy Buchanan <timothye...@gmail.com> writes:

> I copied the example mosquitto.conf to /etc/mosquitto then added these
> lines:
>
> listener 1883
> allow_anonymous true
>
> and now the broker is working again. Thanks very much for the help.

Glad it works.

Do note that with your config, the broker will allow unauthenticated clients
to subscribe and get updates, and either 1) the login information for
the writer will be exposed in plaintext or 2) writes can happen without
any kind of authorization.

This means that guest devices, proprietary software in IOT devices,
software you don't expect on other devices, and any devices that connect
to your network can listen to and forge MQTT updates. You may think
this is ok, especially if it's just weather, but if you do more with it,
like Home Assistant with the ability to control devices, then you will
likely want real security. I realize that's non-trivial, but most of
the pain is getting the machine set up with a working domain name so
that the letsencrypt validator can answer a challenge.
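
The exposure described above can be checked mechanically. The following is an added example, not part of the thread and not a mosquitto tool: a small audit of mosquitto.conf text under the 2.0 defaults quoted from the ChangeLog. The function names, the sample configs and the certificate and password file paths are assumptions, and `per_listener_settings` is assumed to be left at its default of false.

```python
import ipaddress

# Constructed sample: the two lines added in the thread, on an otherwise empty config.
THREAD_CONF = "listener 1883\nallow_anonymous true\n"
# Constructed sample: TLS listener with password auth; all paths are placeholders.
HARDENED_CONF = ("listener 8883\ncertfile /etc/mosquitto/certs/fullchain.pem\n"
                 "keyfile /etc/mosquitto/certs/privkey.pem\n"
                 "password_file /etc/mosquitto/passwd\nallow_anonymous false\n")

def parse(conf_text):
    # Split mosquitto.conf text into a list of listeners and a dict of global options.
    listeners, opts = [], {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        key, args = parts[0], parts[1:]
        if key == "listener":
            # No bind address means the listener accepts on every interface ("*").
            addr = args[1] if len(args) > 1 else "*"
            listeners.append({"port": int(args[0]), "addr": addr, "tls": set()})
        elif key in ("certfile", "keyfile") and listeners:
            listeners[-1]["tls"].add(key)  # TLS options belong to the last listener
        else:
            opts[key] = " ".join(args)  # assumption: per_listener_settings is false
    return listeners, opts

def is_loopback(addr):
    try:
        return addr == "localhost" or ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # "*", hostnames and socket paths are treated as non-loopback

def audit(conf_text):
    # Return one finding per problem on each listener reachable from the network.
    listeners, opts = parse(conf_text)
    if not listeners:
        return ["no listener configured: 2.0 binds to loopback only"]
    # 2.0 default once a listener exists: allow_anonymous false.
    anonymous = opts.get("allow_anonymous", "false") == "true"
    findings = []
    for lst in listeners:
        if is_loopback(lst["addr"]):
            continue
        where = f"listener {lst['port']} ({lst['addr']})"
        if anonymous:
            findings.append(f"{where}: anonymous clients may subscribe and publish")
        if lst["tls"] != {"certfile", "keyfile"}:
            findings.append(f"{where}: no TLS, credentials and payloads are plaintext")
    return findings
```

Run against the two-line config from the thread, `audit` reports both the anonymous access and the plaintext listener; the constructed TLS config with a password file reports nothing.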

