Bug 57870 - Temporary files /etc/machine.secret.jizl2Qob left behind by server_password_change
Summary: Temporary files /etc/machine.secret.jizl2Qob left behind by server_password_c...
Status: NEW
Alias: None
Product: UCS
Classification: Unclassified
Component: General
Version: UCS 5.2
Hardware: Other Linux
: P5 normal
Target Milestone: ---
Assignee: UCS maintainers
QA Contact: UCS maintainers
URL:
Keywords:
Depends on: 31026
Blocks:
  Show dependency treegraph
 
Reported: 2025-01-16 19:04 CET by Arvid Requate
Modified: 2025-01-16 19:04 CET (History)
0 users

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2025-01-16 19:04:32 CET 
The script /usr/lib/univention-server/server_password_change creates temporary files with

new_pass="$(mktemp "$MSECRET.XXXXXXXX")"

and doesn't remove them in the end. They are only root readable but should be cleaned up.