password via stdin or file <feature request>

[m-fonseca]

Hello,

There should be a way to to give a password to fsarchiver in an automated way without putting it on the cmdline for all to see. Currently, -c only works directly with the password as a commadline argumet, or it prompts (which is no good for calling from a non interactive script unless you use something like expect to simulate user input.

It would be great if -c could somehow take a file, or read the password from stdin.

[lexo-mfleuti]

Indeed, I am sturggling with this issue now for like an hour... it's very insecure to display the encryption password in the process list. Every system user can see it like that. And password prompting is not an option for automation. I think this would even be quite simple to implement in a new release. A nice way to not see anything in the process list would be if fsarchiver would have an option like: -c FSPASS And then I would simply export the password into the FSPASS variable in the script and fsarchiver would read it from there. That way not even the location of the password file would be unveiled.

[babiulep]

Although this is not a solution for this problem, a work-a-round you could try is to mount /proc with 'hidepid=2'. A (normal) user can not see other user's PID's. Of course root can see everything...