Bug 1146768

Summary: AUDIT-FIND: resource-agents: Problematic suggestion in documentation in mysql-proxy
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Enhancement    
Priority: P5 - None CC: dakechi, filippo.bonazzi, jsegitz, matthias.gerstner, stoyan.manolov, varkoly
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1021689    

Description Johannes Segitz 2019-08-22 08:07:38 UTC 
resource-agents-4.3.018.a7fb5035/heartbeat/mysql-proxy
149 <parameter name="proxy_address" unique="0" required="0">
150 <longdesc lang="en">
151 Listening address:port of the proxy server (default: :4040).
152 You can also specify a socket like "/tmp/mysql-proxy.sock".
153 </longdesc>
154 <shortdesc lang="en">MySQL Proxy listening address</shortdesc>
155 <content type="string" default=":4040" />
156 </parameter>

Please don't suggest /tmp/mysql-proxy.sock, that is bad practice. Use one of the directories where this socket can be provided securely
Comment 1 Johannes Segitz 2021-07-09 07:19:41 UTC 
Can this please be change to /var/run/$SOMETHING instead of /tmp?
Comment 2 Matthias Gerstner 2022-01-14 14:29:47 UTC 
Can this please be adjusted or assigned to somebody appropriate? This is the only issue blocking the parent bug from being closed.
Comment 3 Filippo Bonazzi 2022-12-12 12:03:19 UTC 
Hi Peter, can this be fixed?
Comment 4 Peter Varkoly 2022-12-13 12:36:26 UTC 
I've created a pullrequest:
https://github.com/ClusterLabs/resource-agents/pull/1827

Do we need to fix it for older versions too or only for SLE15-SP5?
Comment 5 Johannes Segitz 2022-12-13 12:52:29 UTC 
newest version is fine for this, thanks. Once this is merged we can close this
Comment 6 OBSbugzilla Bot 2022-12-14 11:25:03 UTC 
This is an autogenerated message for OBS integration:
This bug (1146768) was mentioned in
https://build.opensuse.org/request/show/1042894 Factory / resource-agents
Comment 7 Peter Varkoly 2022-12-14 11:25:40 UTC 
Pullrequest was aceppted.
Comment 9 Filippo Bonazzi 2022-12-14 12:17:09 UTC 
Thanks for the quick turnaround! I will wait for the SRs to be merged and then close this.
Comment 10 OBSbugzilla Bot 2022-12-16 20:55:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1146768) was mentioned in
https://build.opensuse.org/request/show/1043402 Factory / resource-agents
Comment 11 Filippo Bonazzi 2023-01-09 09:05:28 UTC 
Fix was submitted in SR#1043402.
Comment 12 OBSbugzilla Bot 2023-01-25 14:05:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1146768) was mentioned in
https://build.opensuse.org/request/show/1060932 Factory / resource-agents