https://bugzilla.redhat.com/show_bug.cgi?id=958585 --- Comment #11 from Roger Light <roger@xxxxxxxxxx> --- Unless you specify otherwise, the behaviour when run as root is to drop privileges to the mosquitto user and its group (and now the supplementary groups as well). You can tell it what user to use in the config file. If that user is root, it warns that it is a bad idea, but runs. If all of the files that it needs to write are owned by mosquitto then there is no need to start running as root. On Debian/Ubuntu I'm moving to a config file that looks like this: https://bitbucket.org/oojah/mosquitto-packaging/src/tip/debian/mosquitto.conf This gives a very simple config that is unlikely to be changed by the end user and provides a location where they can add their own customisations. mosquitto.conf will be installed as mosquitto.conf.example from 1.2, so as not to clobber anything. The log to file there is new for 1.2 and I'm configuring the .debs to use logrotate as well: https://bitbucket.org/oojah/mosquitto-packaging/src/tip/debian/mosquitto.logrotate The only other extra things that I'm doing are adding some directories in /etc/mosquitto for TLS certificates, and packaging mosquitto.py for both Python 2 and Python 3. I'd be happy to put the systemd unit in the source distribution. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=QT7sSjNfIO&a=cc_unsubscribe _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review