/etc/mosquitto/mosquitto.conf Not Being Loaded

I have Mosquito installed and to this point have only tested local pub/sub. Today I tried an external client which failed.

My Mosquito looks like

pi@wethCAM:~ $ mosquitto -v
1680048972: mosquitto version 2.0.11 starting
1680048972: Using default config.
1680048972: Starting in local only mode. Connections will only be possible from clients running on this machine.
1680048972: Create a configuration file which defines a listener to allow remote access.
1680048972: For more details see https://mosquitto.org/documentation/authentication-methods/
1680048972: Opening ipv4 listen socket on port 1883.
1680048972: Error: Address already in use
1680048972: Opening ipv6 listen socket on port 1883.
1680048972: Error: Address already in use
pi@wethCAM:~ $ 

My /etc/mosquitto/mosquitto.conf is

pi@wethCAM:~ $ more /etc/mosquitto/mosquitto.conf 
# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example

# 2023-03-26 Changes from 
# https://randomnerdtutorials.com/how-to-install-mosquitto-broker-on-raspberry-pi/#mosquitto-set-user-passw
ord

per_listener_settings true

pid_file /run/mosquitto/mosquitto.pid

persistence true
persistence_location /var/lib/mosquitto/

log_dest file /var/log/mosquitto/mosquitto.log

include_dir /etc/mosquitto/conf.d
allow_anonymous false
listener 1883
password_file /etc/mosquitto/passwd

pi@wethCAM:~ $ 

Systemctl shows Mosqitto was started and used -c to load the configuration

pi@wethCAM:~ $ sudo systemctl status mosquitto
● mosquitto.service - Mosquitto MQTT Broker
     Loaded: loaded (/lib/systemd/system/mosquitto.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2023-03-28 19:51:29 EDT; 29min ago
       Docs: man:mosquitto.conf(5)
             man:mosquitto(8)
    Process: 15444 ExecStartPre=/bin/mkdir -m 740 -p /var/log/mosquitto (code=exited, status=0/SUC>
    Process: 15446 ExecStartPre=/bin/chown mosquitto /var/log/mosquitto (code=exited, status=0/SUC>
    Process: 15447 ExecStartPre=/bin/mkdir -m 740 -p /run/mosquitto (code=exited, status=0/SUCCESS)
    Process: 15448 ExecStartPre=/bin/chown mosquitto /run/mosquitto (code=exited, status=0/SUCCESS)
   Main PID: 15449 (mosquitto)
      Tasks: 1 (limit: 1472)
        CPU: 1.018s
     CGroup: /system.slice/mosquitto.service
             └─15449 /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf

Mar 28 19:51:29 wethCAM systemd[1]: Starting Mosquitto MQTT Broker...
Mar 28 19:51:29 wethCAM systemd[1]: Started Mosquitto MQTT Broker.
pi@wethCAM:~ $ 

The created username and password are working on local clients.

What am I doing wrong?

Thanks

Here are the log entries from the Mosquitto log

1680039050: New connection from 192.168.0.102:51047 on port 1883.
1680039050: Client <unknown> disconnected, not authorised.
1680039164: New connection from 192.168.0.102:57388 on port 1883.
1680039165: Client <unknown> disconnected, not authorised.
1680040345: New connection from 192.168.0.102:51470 on port 1883.
1680040345: Client <unknown> disconnected, not authorised.
1680040393: New connection from 192.168.0.102:57593 on port 1883.
1680040394: Client <unknown> disconnected, not authorised.

It looks like you’ve got your configuration right.

Client <unknown> disconnected, not authorised.

This log line suggests that the username/password your client is using is not in the password file though, or else it is wrong.

You can look at the password file to see the username (the password is hashed so is not directly visible) to check you have that correct. If you are sure you have both the username and password correct, I would suggest updating the password file anyway just to be sure. After doing this you need to send a SIGHUP to the broker, or else restart it. Perhaps that is the problem anyway - if you updated the password file without telling the broker to reload it, it would not have the new credentials.

Regards,

Roger

Thanks @roger.light but it seems a little more confusing. See my next reply.

@roger.light I think you were likely correct. However, on review, I realized where I needed to use Mosquitto I didn’t need user/pwd. That left me with the message that the configuration was not loaded from “mosquitto -v”. I’ve come to the conclusion that this is erroneous. There is a “mosquitto -c” option to load a configuration. This is not needed since Mosquitto now runs in systemd. This is reinforced by the fact that another program (mosquitto in systemd) has grabbed port 1883.

I confirmed this by changing the configuration file:

• Enable anonymous login

• Add date/time to log entries

‘Mosquitto -v’ still says no configuration file but you can see it being loaded in ‘sudo systemctl status mosquitto’. Remote access is now possible. The log file entries have date/time.

I wanted to share this since there are so many places on the internet that says to run mosiquitto -v’ to confirm installation/operation. I think this is old information now except for reporting the version number.

Hi,
just to make this totally clear for everybody who may stumble above this discussion:
If you execute a mosquitto -v at the command line you will try to start a new broker directly from the command line. And there maybe good reasons to do so (e.g. validating different configruations or even debug a broker in a developer setup).
But normally the Mosquitto broker is a server process, which is expected to be started at system boot (or network getting active). For this reason the default is to start the broker as a service based on a systemctl script.
If there is a broker started by the systemd any attempt to start another broker on the command line with the same config will fail as both processes will try to bind the same sockets (which is in general not possible). If you modify something in your broker configuration (e.g. modify a client password in the password file) you need to send the Mosquitto a HUP signal to trigger a reload of the broker configuration.

Thanks @norbert for the clarification. Unfortunately, there is a number of articles on the internet which show using both ‘mosquitto -v’ and checking the server status without explaining the difference.