如何成为ansible中的特定用户
[英]How to become a specific user in ansible
问题描述
I am trying to run a command on a system with ansible as a specific user.
我正在尝试在 ansible 作为特定用户的系统上运行命令。
Its important that I run as that specific user because the config file the command needs to work is only available to that user.我以该特定用户身份运行很重要,因为该命令需要工作的配置文件仅对该用户可用。 Any other user won't be able to read the config file and thus won't work.任何其他用户将无法读取配置文件,因此无法工作。
I'm trying to use ansible's become_user , become and become_method to run the command but ansible seems to be ignoring it.我正在尝试使用 ansible 的become_user 、 become和become_method来运行命令,但 ansible 似乎忽略了它。 Here's an example:这是一个例子:
- shell: whoami
register: c
- shell: whoami
become: yes
register: d
- shell: whoami
become: yes
become_user: myuser
become_method: su
register: e
- debug: var=c.stdout
- debug: var=d.stdout
- debug: var=e.stdout
And when I run the ansible script I get the following:当我运行 ansible 脚本时,我得到以下信息:
TASK [myscript : debug] *************************************************************************************************************************************************
ok: [10.33.56.93] => {
"c.stdout": "root"
}
TASK [myscript : debug] *************************************************************************************************************************************************
ok: [10.33.56.93] => {
"d.stdout": "root"
}
TASK [myscript : debug] *************************************************************************************************************************************************
ok: [10.33.56.93] => {
"e.stdout": "root"
}
Am I misunderstanding how become_user works?我是否误解了become_user工作原理? Is there some other way for me to get my command to run as a specific user?我还有其他方法可以让我的命令以特定用户身份运行吗?
I am using ansible 2.9.18 if that should matter.如果这很重要,我正在使用 ansible 2.9.18。
Thanks谢谢
2 个解决方案
解决方案1
0 2021-05-07 11:47:15
try to add尝试添加
become_method: su
It might help to use the certain user.使用特定用户可能会有所帮助。 Im not sure, it might help我不确定,它可能会有所帮助
解决方案2
0 已采纳 2021-05-07 13:11:08
become_user is the main piece that you need here. become_user是您在这里需要的主要部分。
You are seeing root appear in the first task because you are running the playbook as root which is fine.您看到root出现在第一个任务中,因为您以root身份运行 playbook,这很好。
The other two tasks are root because you are giving privilege escalation to each task which will override the become_user that you are setting.其他两个任务是root ,因为您正在为每个任务提供权限升级,这将覆盖您正在设置的become_user 。 You can simply remove become: yes and switching the user should work.您可以简单地删除become: yes并且切换用户应该可以工作。
---
- hosts: localhost
become: yes
tasks:
- shell: whoami
register: c
- shell: whoami
become_user: myuser
register: d
- debug: var=c.stdout
- debug: var=d.stdout
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.