rsync and ssh don't prompt for a password, because I have DSA encryption keys. However, if rsync or ssh did prompt for a password, it would be invisible as I typed it in.
Sadly, sudo does prompt for a password. Not only that, the password gets displayed on the screen of my local machine as I type it.
Edited to add this paragraph:
Here is an example of what happens:
local-box$ ./myScript.sh
[sudo] password for fluoborate:
It wants the password for "sudo /etc/init.d/apache2 reload", and it wants the password for the user fluoborate on remote-box. When I type in the password, it appears, it is visible on my screen (the screen of local-box).
Possible solutions:
Ideally, I would like to be able to do something like this:
Before you balk at how insecure that is: I would prompt for the password earlier in the script, rather than hard-coding it, so reading the source code will not include the password. Also, nobody else can login to the remote machine, so they cannot see the command line arguments or look at my BASH history.
Modify my sudoers file. I don't want to do this, and I haven't been able to figure out how. I am on Ubuntu (10.10 server, iirc). I can make it never prompt for a sudo password, but I cannot make it always prompt except for the one command "sudo /etc/init.d/apache2 reload". If you can provide very explicit instructions to get that working, then please do, I will be forever grateful.
Use expect. I simply don't want to do this, it is ugly.
rsync /path/on/local/box/ foo.com:path/on/remote/box/
ssh foo.com ls
...that script will happily perform the rsync and then print the listing of a directory on remote-box. SSH and rsync do not require a password because I have DSA keys installed.
So I understand here
you connect as fluoborate at foo.com then want to change effective ID (sudo) to root for executing ls
That means you have to look at the sudoers file on foo.com and add a newline or edit existing to look like
I am trying to do that sudoers magic, but it doesn't work. It either prompts for a password for everything or nothing, but I want it to only not prompt for:
sudo /etc/init.d/apache2 reload
Exactly what line should I add to sudoers? Does it matter how many spaces I put in the middle of the line? Is there a problem because "/etc/init.d/apache2 reload" contains a space? Maybe I need to type "/etc/init.d/apache2\ reload" in sudoers?
I have tried a bunch of things, I can't make it work. I invite you to try things on your own sudoers file. However, I can't think of another command that requires superuser permissions and has a space in it.
vbe: I think your final suggestion worked. Prior to you posting the final suggestion, I independently discovered that sudoers doesn't like double-quotes. It was actually kind of annoying, because the syntax error was non-descriptive. It didn't even report the correct line for the error, it said "near line 27" when the double-quotes were on line 29. Line 27 was blank. I mustn't grumble, though.
Corona688: I was also surprised that sudo would ask for a password and echo the input to the screen. It is a terrible and naughty thing to do.