We do debug run(bash -x ./my_script.sh) in a shell script to understand/show what it is doing. But in doing so it might show some sensitive information that I dont want to be visible, such as passwords. My script extracts the password from a secure vault and passes it as a variable within the script when required.
So, I want to understand if there is a way to hash/hide such sensitive information during a debug run of shell script? (Probably No way?)
Advertisement
Answer
Disable debugging for the part with sensitive information and re-enable it afterwards.
if [[ $- =~ x ]]; then debug=1; set +x; fi # your code with sensitive information [[ $debug == 1 ]] && set -x