Specify User per Task in Ansible
Turns out, become_user directive can be used not only for privilege escalation (running Ansible playbooks as root), but also for becoming any other when you want certain tasks run as that user instead of root.
Default Ansible Behavior for Running Tasks
I had the following piece of code, running /home/greys/.dotfiles/install script. It didn’t run as intended, creating symlinks in /root directory (because that’s what Ansible was running the task as):
- name: Create symlinks for dotfiles
shell: /home/greys/.dotfiles/install
register: dotfiles.result
ignore_errors: yes
tags:
- dotfiles
Specify User for an Ansible Task
become_user parameter can be specifed per task or per playbook, apparently. So that’s how you specify it per task – in my example to run the Create symlinks for dotfiles task as my user greys:
- name: Create symlinks for dotfiles
shell: /home/greys/.dotfiles/install
register: dotfiles.result
ignore_errors: yes
become: yes
become_user: greys
tags:
- dotfiles