Mosquitto silently fails if there is no permission to write the log file and is binding on a priveleged port #234

mtreinish opened this Issue Aug 2, 2016 · 2 comments


None yet

2 participants


If you enable a listener on a privileged port (like port 80) and set the log_dest file to be a path where the user doesn't have write permissions mosquitto will silently fail. There is no output anywhere (logfile, stdout, stderr, etc) and the return code is 1. This looks to be because it only outputs to the log file if that's the only log_dest that's set.

An easy reproduce is create a mosquitto.conf with:

log_dest file /var/log/mosquitto
listener 80

and then run:

sudo mosquitto -c mosquitto.conf

an strace will show the error is an EACCES on the bind:

bind(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("")}, 16) = -1 EACCES (Permission denied)

but it works fine if you have write access to the file, like if change /var/log/mosquitto to /tmp/mosquitto.

I believe what is happening is that mosquitto is trying to write an error messages to the log file but doesn't have permission to write it and just exits. We probably should add a failback in this case and make sure we dump the errors to stderr (or stdout) if we fail to start and can't write to the log file.

@ralight ralight added this to the Fixes-next milestone Aug 8, 2016
@ralight ralight self-assigned this Aug 8, 2016
ralight commented Aug 8, 2016

Agreed, your analysis makes sense so adding the fallback would be a good approach.

@ralight ralight added a commit that referenced this issue Aug 16, 2016
@ralight ralight Display error if broker unable to open the log file.
Thanks to Matthew Treinish.

Bug: #234
ralight commented Aug 16, 2016

Thanks, I've pushed a commit to fix this.

@ralight ralight closed this Aug 16, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment