Switch user after logging in to Ansible

Question

Switch user after logging in to Ansible

I need to run various tasks as root, but due to security restrictions, I can only do this by running the super su-root command and entering a password. No court allowed. Is it possible to disconnect a user after logging in?

+4

ansible

Magnus Jeffs Tovslid Apr 05 '16 at 6:50

source share

2 answers

Isstvan · Answer 1 · 2016-04-05T06:53:30+0000

Yes, it is possible:

Directives

These can be set from play to task level, but are overriden by connection variables as they can be host specific.

become
set to ‘true’/’yes’ to activate privilege escalation.

become_user
set to user with desired privileges, the user you ‘become’, NOT the user you login as. Does NOT imply become: yes, to allow it to be set at host level.

become_method
at play or task level overrides the default method set in ansible.cfg, set to ‘sudo’/’su’/’pbrun’/’pfexec’/’doas’

Connection variables
Each allows you to set an option per group and/or host, these are normally defined in inventory but can be used as normal variables.

ansible_become
equivalent of the become directive, decides if privilege escalation is used or not.

ansible_become_method
allows to set privilege escalation method

ansible_become_user
allows to set the user you become through privilege escalation, does not imply ansible_become: True

ansible_become_pass
allows you to set the privilege escalation password

http://docs.ansible.com/ansible/become.html

Xiong Chiamiov · Answer 2 · 2016-04-06T19:45:02+0000

Ansible switch from sudoa method of privilege escalation becomegeneral purpose is to support cases such as this.

, , become_method super Ansible .

Switch user after logging in to Ansible

More articles: