[Ansible Project] how to get the logged in username
1,710 views
Skip to first unread message
Prady A
Jul 28, 2023, 11:04:10 PM7/28/23
to ansible...@googlegroups.com
Hi All,
I searched a quite but could able to find what I wanted
Could any pls suggest me how to get the Username in the host machine. In Linux if I run the below command I get what I suppose to get but don’t know how to do it ansible. Any code Ansible or python would be helpful
Fin Linux:
X1234@hostname$su -
root@hostname#who am i
x1234 pts/2 2023-07-29 (vxj...@domain.com)
My getuser.yml:
- debug: {{ lookup(‘env’, ‘USER’) }}
delegate_to: localhost
- local_action: command whoami
register: user_name
root@hostname# ansible-playbook getuser.yml
Both returning me root. I wanted to have X1234 user instead. I want use that user ID in my from address in mail module. Any insight would be very helpfu.
Regards
Abhijeet Kasurde
Jul 28, 2023, 11:50:25 PM7/28/23
to ansible...@googlegroups.com
Hi Prady,
You are running the playbook as root that is why the playbook is returning 'root'. If you need a particular user then you may want to run the playbook using that user.
For example -
```
# whoami
akasurde
akasurde
# ansible-playbook user.yml -v
PLAY [localhost] *************************************************************************
TASK [debug] *****************************************************************************
ok: [localhost] => {
"msg": "akasurde"
}
TASK [command] ***************************************************************************
changed: [localhost] => {"changed": true, "cmd": ["who", "am", "I"], "delta": "0:00:00.009702", "end": "2023-07-28 20:48:00.637555", "msg": "", "rc": 0, "start": "2023-07-28 20:48:00.627853", "stderr": "", "stderr_lines": [], "stdout": "akasurde 28 Jul 20:48 ", "stdout_lines": ["akasurde 28 Jul 20:48 "]}
PLAY RECAP *******************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
```
PLAY [localhost] *************************************************************************
TASK [debug] *****************************************************************************
ok: [localhost] => {
"msg": "akasurde"
}
TASK [command] ***************************************************************************
changed: [localhost] => {"changed": true, "cmd": ["who", "am", "I"], "delta": "0:00:00.009702", "end": "2023-07-28 20:48:00.637555", "msg": "", "rc": 0, "start": "2023-07-28 20:48:00.627853", "stderr": "", "stderr_lines": [], "stdout": "akasurde 28 Jul 20:48 ", "stdout_lines": ["akasurde 28 Jul 20:48 "]}
PLAY RECAP *******************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
```
You can use become and become_user for escalating the privileges mentioned in https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html#become-directives
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEuB3Ao1t7Wi%3DjcoBVezKwUiz_-EyaZ6%2BF_Gjb8EYRK8PusGjg%40mail.gmail.com.
--
Thanks,
Abhijeet Kasurde
Prady A
Jul 29, 2023, 12:57:08 AM7/29/23
to ansible...@googlegroups.com
Thank you for your kind reply. Yes that’s what my guess also.
As there are many user who run the ansible so it unpractical to change it for all the user. I wanted to get the user details in runtime ..
Regards
Prady
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFwWkHrBZU%2B3yVhRA93vALu%2Bc7AEQbtieeWeHSfeNB0Ni_iU1A%40mail.gmail.com.
Todd Lewis
Jul 29, 2023, 12:23:08 PM7/29/23
to ansible...@googlegroups.com, uto...@gmail.com
Without knowing your effective ansible config — i.e. the ansible.cfg
it's using, the environment variables that can override those
settings, and command line parameters that can override everything
else — it's impossible to say. Factors include "become",
"become-user", "become-method", "ask-pass", "ask-become-pass", and
probably more.
Are you gathering facts? Ansible does gather facts by default, so if you aren't turning that off somewhere, you can use the variables containing user related facts. For example:
I gave you the python code yesterday. It's dead simple:
If that's "root", and that appears to be the case, then you'll need to understand how your controller is connecting to the target hosts. My guess is you'll eventually need to pass the invoking user's id as an extra variable ("-e invoking_user=${USER}") when invoking ansible-playbook. Maybe consider a wrapper script?
--
Todd
Are you gathering facts? Ansible does gather facts by default, so if you aren't turning that off somewhere, you can use the variables containing user related facts. For example:
$ ansible localhost -m gather_facts | grep ansible_user
"ansible_user_dir": "/home/utoddl",
"ansible_user_gecos": "Todd Lewis",
"ansible_user_gid": 12428,
"ansible_user_id": "utoddl",
"ansible_user_shell": "/bin/bash",
"ansible_user_uid": 12428,
"ansible_userspace_architecture": "x86_64",
"ansible_userspace_bits": "64",
Not an Ansible thing, but: Do Not Use "who am
i" for this. That's the same a "who
-m", which shows you the user associated with the stdin stream, but only if that user is
logged in AND only if the stdin
stream exists and has an associated user. There's a whole lot of
subtle going on there that we don't want to get into in an Ansible
forum. The reason your "su -" followed
by "who am i" is showing your id
rather than root is (probably) because it's your id associated with
the tty you logged into. But that's
going to be different for Ansible, depending on how your controller
connects to the target hosts, including localhost.I gave you the python code yesterday. It's dead simple:
But if you're gathering facts, just use the ansible_user_id variable.import os import pwd userid = pwd.getpwuid(os.getuid())[0]
If that's "root", and that appears to be the case, then you'll need to understand how your controller is connecting to the target hosts. My guess is you'll eventually need to pass the invoking user's id as an extra variable ("-e invoking_user=${USER}") when invoking ansible-playbook. Maybe consider a wrapper script?
--
Todd
Prady A
Jul 29, 2023, 11:51:15 PM7/29/23
to ansible...@googlegroups.com
Hi Todd,
Yeah if we pass who with any arguments it remains the same. I read it some other forum.
I tried with the python code as well as ansible_user_id both returns the same “root”. Since I m running the playbook from root user after su -.
As you suggested we need to check how we can capture the userid who run the playbook from Ansible tower.
Regards
Prady
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5eeb8d90-f325-54b3-1032-73052fad4713%40gmail.com.
Todd Lewis
Jul 31, 2023, 10:11:10 AM7/31/23
to Ansible Project
If users are launching this job through Ansible tower (AWX), and not from a schedule, then you can probably get their user name through the variable "awx_user_name".
There are additional variables specific to AWX. See "{{ lookup('ansible.builtin.varnames', '^awx_.+') }}" to get their names. I'm seeing "awx_inventory_id", "awx_inventory_name", "awx_job_id", "awx_job_launch_type", "awx_job_template_id", "awx_job_template_name", "awx_project_revision", "awx_project_scm_branch", "awx_user_email", "awx_user_first_name", "awx_user_id", "awx_user_last_name", and "awx_user_name".
Prady A
Jul 31, 2023, 10:27:51 AM7/31/23
to ansible...@googlegroups.com
Thank you again.. you are so kind ..It helped a lot..yes we orchestrate servers through Tower..Still a novice in Tower ..
I went through this link there they suggested to use
tower_user_id
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c2c3bab4-5a26-4f4c-99c7-2edf14022ea2n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages