Bug 804964 – Spacewalk is using wrong db users in addition to defined user

Bug 804964 - Spacewalk is using wrong db users in addition to defined user

Summary:	Spacewalk is using wrong db users in addition to defined user

Status:	CLOSED NOTABUG

Aliases:	None

Product:	Spacewalk
Classification:	Community
Component:	Server (Show other bugs)
Sub Component:
Version:	1.7
Hardware:	i686 Linux

Priority	unspecified Severity unspecified
Target Milestone:	---
Target Release:	---
Assigned To:	Jan Pazdziora
QA Contact:	Red Hat Satellite QA List
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:	space18
	Show dependency tree / graph

Reported:	2012-03-20 06:22 EDT by Alexander Davidsen
Modified:	2012-11-01 12:23 EDT (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2012-04-10 11:14:56 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Alexander Davidsen 2012-03-20 06:22:06 EDT

Description of problem:
When monitoring our spacewalk oracle database we can see that the spacewalk application is connecting with the sys-user in addition to the original defined spacewalk-user. 

We see that the application is doing a number of queries using the sys-user, when it should be using the spacewalk-user. 

Our configuration only mentions the spacewalk-user, not the sys-user.

Version-Release number of selected component (if applicable):
1.7
Cent OS 5
External Oracle 11g Database. 
How reproducible:


Steps to Reproduce:
1. Use the http-interface, api or sync packages
2. Look at the sessions being initiated in oracle. Some of these will be executed as the sys-user. 
3.
  
Actual results:
Sys user are being used.

Expected results:
sys user should not be used. 

Additional info:

Comment 1 Michael Mráka 2012-03-20 06:56:05 EDT

Could you attach some of the queries which are run under sys user?

Comment 2 Alexander Davidsen 2012-03-20 12:55:26 EDT

I got this from my DBA:  

select host,userid,password,flag,authusr,authpwd, passwordx, authpwdx
from link$;

Comment 3 Jan Pazdziora 2012-03-21 03:26:23 EDT

How could the Spacewalk machine possibly connect to your database as user sys when it has no way of knowing its password? When you change the password of your sys user, do the selects stop?

Comment 4 Alexander Davidsen 2012-03-21 03:50:40 EDT

I'll check further and get back to you.

Comment 5 Jan Pazdziora 2012-03-26 04:33:49 EDT

Marking as waiting for the info.

Comment 6 Jan Pazdziora 2012-04-10 11:14:56 EDT

Communication lost here.

I assume this is NOTABUG and the queries against link$ were not initiated by Spacewalk, let alone initiated by Spacewalk as sys user.

Note You need to log in before you can comment on or make changes to this bug.