From e96d3c6cba6bbdf2a2c3c1fc7c67ca84c2814ada Mon Sep 17 00:00:00 2001
From: hcooper <coops@fawk.eu>
Date: Sun, 17 Mar 2019 01:45:16 -0700
Subject: [PATCH] Explain an explicit ACL is now required; update example.
 (#8965)

* Explain an explicit ACL is now required; update example.

The issue explained in https://github.com/home-assistant/hassio-addons/issues/545 outlines how an explicit ACL is now required for mosquitto to accept any traffic.

* Add formatting

* Make it bold
---
 source/_addons/mosquitto.markdown | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/source/_addons/mosquitto.markdown b/source/_addons/mosquitto.markdown
index 86d5c2316a3..41c8fdfb06a 100644
--- a/source/_addons/mosquitto.markdown
+++ b/source/_addons/mosquitto.markdown
@@ -28,7 +28,7 @@ Set up [Mosquitto](https://mosquitto.org/) as MQTT broker.
 ```
 
 <p class='warning note'>
-Make sure you use logins and disable anonymous access if you want to secure the system.
+Since version 4.1 of the addon, an explicit ACL definition is now required, [see these instructions](https://www.home-assistant.io/addons/mosquitto/#access-control-lists-acls).
 </p>
 
 {% configuration %}
@@ -63,7 +63,7 @@ To use the Mosquitto as [broker](/docs/mqtt/broker/#run-your-own), go to the int
 
 3. Once back on-line, return to `Configuration > Integrations` and select configure next to `MQTT`.
 
-```
+```text
   Broker: YOUR_HASSIO_IP_ADDRESS
   Port: 1883
   Username: MQTT_USERNAME
@@ -86,13 +86,24 @@ See the following links for more information:
 * [Mosquitto topic restrictions](http://www.steves-internet-guide.com/topic-restriction-mosquitto-configuration/)
 * [Mosquitto.conf man page](https://mosquitto.org/man/mosquitto-conf-5.html)
 
-Add the following configuration to enable ACLs:
+Add the following configuration to enable **unrestricted** access to all topics.
 
-1. Set the `active` flag within the `customize` section to `true` in your configuration.
-2. Create a file in `/share/mosquitto` named `acl.conf` with the following contents:
+ 1. Enable the customize flag
+```json
+  "customize": {
+    "active": true,
+    "folder": "mosquitto"
+  },
+```
+
+2. Create `/share/mosquitto/acl.conf` with the contents:
 ```text
 acl_file /share/mosquitto/accesscontrollist
 ```
-3. Create a file in `/share/mosquitto` named `accesscontrollist` and add contents according to your requirements.
 
-The `/share` folder can be found on the host filesystem under `/usr/share/hassio/share`, or via the `Share` folder through SMB (Samba).
+3. Create `/share/mosquitto/accesscontrollist` with the contents:
+```text
+topic readwrite #
+```
+
+The `/share` folder can be accessed via SMB, or on the host filesystem under `/usr/share/hassio/share`.