Bug 8440 - rsync goes interactive on missing --password-file
Summary: rsync goes interactive on missing --password-file
Status: RESOLVED FIXED
Alias: None
Product: rsync
Classification: Unclassified
Component: core (show other bugs)
Version: 3.1.0
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Wayne Davison
QA Contact: Rsync QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-06 21:19 UTC by Philip Rowlands
Modified: 2011-09-07 04:33 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Philip Rowlands 2011-09-06 21:19:58 UTC
I've a script which calls:
rsync --password-file=password.txt rsync://server/files /files

However, due to an unrelated error password.txt was missing.

In authenticate.c:auth_client, the code tries to read from the password file, then tries the RSYNC_PASSWORD env var, then calls getpass(3). This last step is causing problems as, even though the script is intended to run unattended, it stops at the password prompt.

This only happens when running with a controlling tty (more specifically, without a controlling tty getpass(3) can't open /dev/tty), for example, in the %post script of a Redhat / Fedora kickstart file.

Demonstration:
# rsync -vv --password-file=password.txt rsync://server/files /files < /dev/null
opening tcp connection to server port 873
opening connection using --server --sender -vv . files
rsync: could not open password file "password.txt": No such file or directory (2)
Password:
<< rsync waits forever here >>

Suggested fix is to error-out in auth_client() when the given requested --password-file can't be used, rather than trying to continue with other credentials.

Wrapping up rsync in a setsid caller avoids the problem, but dissociates from the shell so it's impossible to catch exit status.

Quoting the manpage, "You can avoid the password prompt by ... using the --password-file option." This is not true in all cases.
Comment 1 Wayne Davison 2011-09-07 04:33:21 UTC
I agree that if the user specified --password-file=FOO, that rsync should use FOO, and die if that fails.  I've checked in a change to the master branch in git, and will probably make the same change for 3.0.9.

Note that another way to avoid a password prompt (for those using an older rsync) is to export a bogus password (NOT the actual password) into the RSYNC_PASSWORD environment variable in any script or crond file that is calling rsync.  That way any failure in processing the password file will use the bogus environment information rather than prompting for a password.