I've a script which calls: rsync --password-file=password.txt rsync://server/files /files However, due to an unrelated error password.txt was missing. In authenticate.c:auth_client, the code tries to read from the password file, then tries the RSYNC_PASSWORD env var, then calls getpass(3). This last step is causing problems as, even though the script is intended to run unattended, it stops at the password prompt. This only happens when running with a controlling tty (more specifically, without a controlling tty getpass(3) can't open /dev/tty), for example, in the %post script of a Redhat / Fedora kickstart file. Demonstration: # rsync -vv --password-file=password.txt rsync://server/files /files < /dev/null opening tcp connection to server port 873 opening connection using --server --sender -vv . files rsync: could not open password file "password.txt": No such file or directory (2) Password: << rsync waits forever here >> Suggested fix is to error-out in auth_client() when the given requested --password-file can't be used, rather than trying to continue with other credentials. Wrapping up rsync in a setsid caller avoids the problem, but dissociates from the shell so it's impossible to catch exit status. Quoting the manpage, "You can avoid the password prompt by ... using the --password-file option." This is not true in all cases.
I agree that if the user specified --password-file=FOO, that rsync should use FOO, and die if that fails. I've checked in a change to the master branch in git, and will probably make the same change for 3.0.9. Note that another way to avoid a password prompt (for those using an older rsync) is to export a bogus password (NOT the actual password) into the RSYNC_PASSWORD environment variable in any script or crond file that is calling rsync. That way any failure in processing the password file will use the bogus environment information rather than prompting for a password.