[英]How to become a specific user in ansible
I am trying to run a command on a system with ansible as a specific user.我正在尝试在 ansible 作为特定用户的系统上运行命令。
Its important that I run as that specific user because the config file the command needs to work is only available to that user.我以该特定用户身份运行很重要,因为该命令需要工作的配置文件仅对该用户可用。 Any other user won't be able to read the config file and thus won't work.
任何其他用户将无法读取配置文件,因此无法工作。
I'm trying to use ansible's become_user
, become
and become_method
to run the command but ansible seems to be ignoring it.我正在尝试使用 ansible 的
become_user
、 become
和become_method
来运行命令,但 ansible 似乎忽略了它。 Here's an example:这是一个例子:
- shell: whoami
register: c
- shell: whoami
become: yes
register: d
- shell: whoami
become: yes
become_user: myuser
become_method: su
register: e
- debug: var=c.stdout
- debug: var=d.stdout
- debug: var=e.stdout
And when I run the ansible script I get the following:当我运行 ansible 脚本时,我得到以下信息:
TASK [myscript : debug] *************************************************************************************************************************************************
ok: [10.33.56.93] => {
"c.stdout": "root"
}
TASK [myscript : debug] *************************************************************************************************************************************************
ok: [10.33.56.93] => {
"d.stdout": "root"
}
TASK [myscript : debug] *************************************************************************************************************************************************
ok: [10.33.56.93] => {
"e.stdout": "root"
}
Am I misunderstanding how become_user
works?我是否误解了
become_user
工作原理? Is there some other way for me to get my command to run as a specific user?我还有其他方法可以让我的命令以特定用户身份运行吗?
I am using ansible 2.9.18 if that should matter.如果这很重要,我正在使用 ansible 2.9.18。
Thanks谢谢
try to add尝试添加
become_method: su
It might help to use the certain user.使用特定用户可能会有所帮助。 Im not sure, it might help
我不确定,它可能会有所帮助
become_user
is the main piece that you need here. become_user
是您在这里需要的主要部分。
You are seeing root
appear in the first task because you are running the playbook as root
which is fine.您看到
root
出现在第一个任务中,因为您以root
身份运行 playbook,这很好。
The other two tasks are root
because you are giving privilege escalation to each task which will override the become_user
that you are setting.其他两个任务是
root
,因为您正在为每个任务提供权限升级,这将覆盖您正在设置的become_user
。 You can simply remove become: yes
and switching the user should work.您可以简单地删除
become: yes
并且切换用户应该可以工作。
---
- hosts: localhost
become: yes
tasks:
- shell: whoami
register: c
- shell: whoami
become_user: myuser
register: d
- debug: var=c.stdout
- debug: var=d.stdout
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.