following problem. I got this shell script:

#!/bin/sh
# Provide log for debugging
if [ ! -f /home/some-user/port-control.log ]; then
    touch /home/some-user/port-control.log
    chown some-user /home/some-user/port-control.log
fi

# Load environment variables for authentication
source /home/some-user/.openstack/nova-openrc.sh

# Open ports at login
if [ "$PAM_TYPE" = "open_session" ] && [ "$PAM_USER" = "some-user" ]; then
    echo "Opening ports ... Nova response:" >> /home/some-user/port-control.log
    nova --debug add-secgroup some-server some-secgroup &>> /home/some-user/port-control.log
fi

# Close ports at logout
if [ "$PAM_TYPE" = "close_session" ] && [ "$PAM_USER" = "some-user" ]; then
    echo "Closing ports ... Nova response:" >> /home/some-user/port-control.log
    nova --debug remove-secgroup some-server some-secgroup &>> /home/some-user/port-control.log
fi

I'm using this script to open/close some ports in my firewall when connecting/disconnecting via ssh by dynamically adding an already configured secgroup to my server - at least that's the idea. Unfortunately, the nova commands somehow don't seem to execute at all, I get nothing in my log. Now, since I got no stderr, debugging is kinda hard. What am I doing wrong?
When I source the nova login credentials and execute the nova commands manually outside a script, everything works perfectly fine.
Btw: If it helps: I'm running all this inside a docker container based on an Ubuntu:14.04 image. Yeah, I know: If you're using sshd inside a docker container, you're doing it wrong. In this case, there's a reason for the sshd ;)
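
An added example, not part of the original post: the same login/logout hook written with POSIX sh constructs only. `source` and `&>>` are bash extensions; `.` and `>> file 2>&1` are the POSIX forms, and this version sends stderr from every step, including loading the credentials file, to the log. The function name `port_control` and the override variables `PORT_LOG` and `OPENRC` are assumptions introduced for this example.

```shell
#!/bin/sh
# Added example (not the poster's script): POSIX-only PAM session hook.
# PORT_LOG and OPENRC are hypothetical overrides; defaults are the post's paths.

port_control() {
    log="${PORT_LOG:-/home/some-user/port-control.log}"
    rcfile="${OPENRC:-/home/some-user/.openstack/nova-openrc.sh}"

    # Only act for the one account the hook is meant for.
    [ "${PAM_USER:-}" = "some-user" ] || return 0

    case "${PAM_TYPE:-}" in
        open_session)  action=add-secgroup;    msg="Opening ports" ;;
        close_session) action=remove-secgroup; msg="Closing ports" ;;
        *) return 0 ;;
    esac

    # One redirection for the whole group: stdout and stderr of every
    # command inside end up in the log, so failures are visible.
    {
        echo "$msg ... Nova response:"
        # "." is the POSIX spelling of "source". Check readability first:
        # a failed "." makes a non-interactive POSIX shell exit.
        if [ -r "$rcfile" ]; then
            . "$rcfile"
        else
            echo "cannot read credentials file: $rcfile"
            return 1
        fi
        rc=0
        nova --debug "$action" some-server some-secgroup || rc=$?
        echo "nova exit status: $rc"
        return "$rc"
    } >> "$log" 2>&1
}

# Run only when the PAM variables are present in the environment.
[ -z "${PAM_TYPE:-}" ] || port_control
```
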