1

I am trying to create a default access for all users unless specified in the ACL file.

I have allow_anonymous set to false. However, if a user is in the password file, I want that user to be able to have read access only to a specific topic. If I define a user rule in the ACL file, I want that to be used instead. I want to do this so any new passwords I create will have a default access. That way I don't have to add an entry in the ACL file for every new password I create.

Basically something like:

user * (wildcard, all users)

topic read some_topic

(and then I create rules if needed)

user admin1
topic readwrite #

user user1
topic read temps
Fl0v0
  • 113
  • 4

1 Answers1

0

Had the same problem, it seems like if you define one user section in the acl, the default acls get overridden. What worked for me was to use the pattern keyword instead of the topic (described here mosquitto.conf man page acl section)

So your example acl would look like this:

# All users
pattern read some_topic

user admin1
topic readwrite #

user user1
topic read temps

Edit: Note that this approach generates below warnings in my case

Warning: ACL pattern 'some_topic' does not contain '%c' or '%u'.

Fl0v0
  • 113
  • 4