开启mysql认证时,报错

环境信息

  • EMQ X 版本:4.3.5
  • 操作系统及版本:centos 7.5
  • 其他

问题描述

两台搭建的集群,其他一台机可以开启mysql认证,另一台机报Reload plugin emqx_auth_mysql error: parse_config_file_failed.

配置文件及日志

##--------------------------------------------------------------------
## MySQL Auth/ACL Plugin
##--------------------------------------------------------------------

## MySQL server address.
##
## Value: Port | IP:Port
##
## Examples: 3306, 127.0.0.1:3306, localhost:3306
auth.mysql.server = 10.252.7.188:3306

## MySQL pool size.
##
## Value: Number
auth.mysql.pool = 8

## MySQL username.
##
## Value: String
auth.mysql.username = admin

## MySQL password.
##
## Value: String
auth.mysql.password = Ecpp888888!

## MySQL database.
##
## Value: String
auth.mysql.database = ecpp_device

## MySQL query timeout
##
## Value: Duration
auth.mysql.query_timeout = 5s

## Variables: %u = username, %c = clientid

## Authentication query.
##
## Note that column names should be 'password' and 'salt' (if used).
## In case column names differ in your DB - please use aliases,
## e.g. "my_column_name as password".
##
## Value: SQL
##
## Variables:
##  - %u: username
##  - %c: clientid
##  - %C: common name of client TLS cert
##  - %d: subject of client TLS cert
##
auth.mysql.auth_query = select password from device_info where username = '%u' limit 1
## auth.mysql.auth_query = select password_hash as password from mqtt_user where username = '%u' limit 1

## Password hash.
##
## Value: plain | md5 | sha | sha256 | bcrypt
#auth.mysql.password_hash = sha256

## sha256 with salt prefix
auth.mysql.password_hash = salt,sha256

## bcrypt with salt only prefix
## auth.mysql.password_hash = salt,bcrypt

## sha256 with salt suffix
## auth.mysql.password_hash = sha256,salt

## pbkdf2 with macfun iterations dklen
## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
## auth.mysql.password_hash = pbkdf2,sha256,1000,20

## Superuser query.
##
## Value: SQL
##
## Variables:
##  - %u: username
##  - %c: clientid
##  - %C: common name of client TLS cert
##  - %d: subject of client TLS cert
##
auth.mysql.super_query = select is_superuser from mqtt_user where username = '%u' limit 1

## ACL query.
##
## Value: SQL
##
## Variables:
##  - %a: ipaddr
##  - %u: username
##  - %c: clientid
##
## Note: You can add the 'ORDER BY' statement to control the rules match order
auth.mysql.acl_query = select allow, ipaddr, username, clientid, access, topic from mqtt_acl where ipaddr = '%a' or username = '%u' or username = '$all' or clientid = '%c'

## Mysql ssl configuration.
##
## Value: on | off
#auth.mysql.ssl = off

## CA certificate.
##
## Value: File
#auth.mysql.ssl.cacertfile  = /path/to/ca.pem

## Client ssl certificate.
##
## Value: File
#auth.mysql.ssl.certfile = /path/to/your/clientcert.pem

## Client ssl keyfile.
##
## Value: File
#auth.mysql.ssl.keyfile = /path/to/your/clientkey.pem

## In mode verify_none the default behavior is to allow all x509-path
## validation errors.
##
## Value: true | false
#auth.mysql.ssl.verify = false

## If not specified, the server's names returned in server's certificate is validated against
## what's provided `auth.mysql.server` config's host part.
## Setting to 'disable' will make EMQ X ignore unmatched server names.
## If set with a host name, the server's names returned in server's certificate is validated
## against this value.
##
## Value: String | disable
## auth.mysql.ssl.server_name_indication = disable

你的配置文件是从好的那台复制过去的,还是手动写的?

手动和从好的那台复制过去都试过,都不行

2021-12-30T16:16:04.647554+08:00 [alert] [Plugins] Plugin emqx_auth_mysql load failed with {function_clause,[{lists,’-filter/2-lc$^0/1-0-’,[{errorlist,[{error,{file_open,{"/etc/emqx/plugins/emqx_auth_mysql.conf",eacces}}}]}],[{file,“lists.erl”},{line,1290}]},{cuttlefish_generator,map,5,[{file,“cuttlefish_generator.erl”},{line,53}]},{emqx_plugins,load_plugin,2,[{file,“emqx_plugins.erl”},{line,299}]},{emqx_mgmt_cli,plugins,1,[{file,“emqx_mgmt_cli.erl”},{line,299}]},{emqx_ctl,run_command,2,[{file,“emqx_ctl.erl”},{line,105}]},{erpc,execute_call,4,[{file,“erpc.erl”},{line,416}]}]}
这个是报错日志

我知道怎么回事了,文件权限问题

1赞