diff options
| author | Wayne Davison <wayned@samba.org> | 2013-06-09 12:04:25 -0700 |
|---|---|---|
| committer | Wayne Davison <wayned@samba.org> | 2013-06-09 12:11:53 -0700 |
| commit | 12505e02b1a3789d995ddf6b91c1e641f54ddb25 (patch) | |
| tree | cc3215dce0f2426270b0ee401b447ec2950849c1 | |
| parent | d6df07392e4bbdd3056c501fc047e5a1ff45a371 (diff) | |
| download | rsync-12505e02b1a3789d995ddf6b91c1e641f54ddb25.tar.gz rsync-12505e02b1a3789d995ddf6b91c1e641f54ddb25.tar.bz2 rsync-12505e02b1a3789d995ddf6b91c1e641f54ddb25.zip | |
Allow --password-file=- for a stdin-supplied password.
| -rw-r--r-- | authenticate.c | 43 | ||||
| -rw-r--r-- | rsync.yo | 9 |
2 files changed, 30 insertions, 22 deletions
diff --git a/authenticate.c b/authenticate.c index c11db253..84d78c52 100644 --- a/authenticate.c +++ b/authenticate.c @@ -170,31 +170,38 @@ static const char *getpassf(const char *filename) { STRUCT_STAT st; char buffer[512], *p; - int fd, n; + int n; if (!filename) return NULL; - if ((fd = open(filename,O_RDONLY)) < 0) { - rsyserr(FERROR, errno, "could not open password file %s", filename); - exit_cleanup(RERR_SYNTAX); - } + if (strcmp(filename, "-") == 0) { + n = fgets(buffer, sizeof buffer, stdin) == NULL ? -1 : (int)strlen(buffer); + } else { + int fd; - if (do_stat(filename, &st) == -1) { - rsyserr(FERROR, errno, "stat(%s)", filename); - exit_cleanup(RERR_SYNTAX); - } - if ((st.st_mode & 06) != 0) { - rprintf(FERROR, "ERROR: password file must not be other-accessible\n"); - exit_cleanup(RERR_SYNTAX); - } - if (MY_UID() == 0 && st.st_uid != 0) { - rprintf(FERROR, "ERROR: password file must be owned by root when running as root\n"); - exit_cleanup(RERR_SYNTAX); + if ((fd = open(filename,O_RDONLY)) < 0) { + rsyserr(FERROR, errno, "could not open password file %s", filename); + exit_cleanup(RERR_SYNTAX); + } + + if (do_stat(filename, &st) == -1) { + rsyserr(FERROR, errno, "stat(%s)", filename); + exit_cleanup(RERR_SYNTAX); + } + if ((st.st_mode & 06) != 0) { + rprintf(FERROR, "ERROR: password file must not be other-accessible\n"); + exit_cleanup(RERR_SYNTAX); + } + if (MY_UID() == 0 && st.st_uid != 0) { + rprintf(FERROR, "ERROR: password file must be owned by root when running as root\n"); + exit_cleanup(RERR_SYNTAX); + } + + n = read(fd, buffer, sizeof buffer - 1); + close(fd); } - n = read(fd, buffer, sizeof buffer - 1); - close(fd); if (n > 0) { buffer[n] = '\0'; if ((p = strtok(buffer, "\n\r")) != NULL) @@ -2416,10 +2416,11 @@ want to see how the transfer is doing without scrolling the screen with a lot of names. (You don't need to specify the bf(--progress) option in order to use bf(--info=progress2).) -dit(bf(--password-file)) This option allows you to provide a password in a -file for accessing an rsync daemon. The file must not be world readable. -It should contain just the password as the first line of the file (all -other lines are ignored). +dit(bf(--password-file=FILE)) This option allows you to provide a password for +accessing an rsync daemon via a file or via standard input if bf(FILE) is +bf(-). The file should contain just the password on the first line (all other +lines are ignored). Rsync will exit with an error if bf(FILE) is world +readable or if a root-run rsync command finds a non-root-owned file. This option does not supply a password to a remote shell transport such as ssh; to learn how to do that, consult the remote shell's documentation. |