I use a cron job running as root to check via lsof whether some remote machines have established an ssh tunnel to the main server (as root, because otherwise lsof and netstat won't show the username and the sshd pid).
Then for each connection I want to run deploy scripts that perform a bunch of tasks on that connection:
    for script in "${deploy_scripts[@]}"
    do
        set +e
        # stdout goes to the log first, then stderr is pointed at stdout;
        # "2>&1 > file" would send stderr to the old stdout instead
        sudo -u "$deploy_user" -H "$script" "$user" "$port" "$conpid" > /tmp/deploy.log 2>&1
        res=$?
        set -e
        if [ "$res" -ne 0 ]; then
            echo "error executing in $script"
            cat /tmp/deploy.log
        fi
    done
and each deploy script essentially looks like

    #!/bin/bash
    set -x
    set -e
    user=$1
    port=$2
    pid=$3
    # ... the actual deploy tasks ...
However, deploy.log is always empty, and I want to know when stuff fails. I tried with exec and BASH_XTRACEFD, but I don't know how to reset this after each deploy script so that it doesn't capture the root script. The deploy scripts should be unaware of this logging.
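As an added example (not the poster's code) of the per-script capture the question is after: the child's `set -x` trace is written to stderr, so the order of the two redirections in the loop decides whether it reaches the log, and the parent's own tracing is unaffected because the redirections apply only to the child command. The names run_deploy, log_has_trace, DEPLOY_USER, LOG_DIR and the constructed demo script are my assumptions.

```shell
#!/bin/bash
# Added example, not the poster's code: run each deploy script with BOTH stdout
# and stderr captured in a per-script log, so the child's own `set -x` trace
# lands in the log while the parent's tracing stays on the parent's stderr.
# Assumptions: scripts take "user port pid"; DEPLOY_USER empty => run directly.
set -u
DEPLOY_USER="${DEPLOY_USER:-}"     # set to the real deploy user in the cron job
LOG_DIR="${LOG_DIR:-$(mktemp -d)}"
# run_deploy SCRIPT USER PORT PID: log to $LOG_DIR/<basename>.log and return the
# script's exit status.  "|| res=$?" keeps set -e from killing the caller.
run_deploy() {
    local script=$1 user=$2 port=$3 conpid=$4 res=0
    local log="$LOG_DIR/$(basename "$script").log"
    # Order matters: ">$log 2>&1" points stdout at the log, then stderr at
    # stdout.  "2>&1 >$log" first sends stderr to the OLD stdout (cron mail),
    # so the xtrace output, which is written to stderr, never reaches the file.
    if [ -n "$DEPLOY_USER" ]; then
        sudo -u "$DEPLOY_USER" -H "$script" "$user" "$port" "$conpid" >"$log" 2>&1 || res=$?
    else
        "$script" "$user" "$port" "$conpid" >"$log" 2>&1 || res=$?
    fi
    return "$res"
}
# log_has_trace LOG: succeeds if the log holds bash xtrace lines ("+ ...").
log_has_trace() { grep -q '^+ ' "$1"; }
# Constructed stand-in for a deploy script: traces itself, then fails.
make_demo_script() {
    local f
    f=$(mktemp)
    cat >"$f" <<'EOF'
#!/bin/bash
set -x
set -e
user=$1
port=$2
pid=$3
echo "deploying for $user on port $port (sshd pid $pid)"
false   # simulated failure so the caller's error branch fires
EOF
    chmod +x "$f"
    printf '%s\n' "$f"
}
demo() {          # parent-side tracing goes to OUR stderr, not the child's log
    local s; s=$(make_demo_script); set -x
    run_deploy "$s" alice 2222 4242 || { echo "error executing in $s"; cat "$LOG_DIR/$(basename "$s").log"; }
    set +x
}
demo
```

Running it prints the parent's `+ run_deploy ...` lines on the terminal, while the child's `+ user=alice`, `+ false` and the echo output end up in the per-script log.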