Turns out, become_user directive can be used not only for privilege escalation (running Ansible playbooks as root), but also for becoming any other when you want certain tasks run as that user instead of root.
Default Ansible Behavior for Running Tasks
I had the following piece of code, running /home/greys/.dotfiles/install script. It didn't run as intended, creating symlinks in /root directory (because that's what Ansible was running the task as):
- name: Create symlinks for dotfiles shell: /home/greys/.dotfiles/install register: dotfiles.result ignore_errors: yes tags: - dotfiles
Specify User for an Ansible Task
become_user parameter can be specifed per task or per playbook, apparently. So that's how you specify it per task – in my example to run the Create symlinks for dotfiles task as my user greys:
- name: Create symlinks for dotfiles shell: /home/greys/.dotfiles/install register: dotfiles.result ignore_errors: yes become: yes become_user: greys tags: - dotfiles
Leave a Reply