Just using {{ ansible_ssh_user }} works for me - probably that got improved
meanwhile.
Am Montag, 15. April 2013 19:37:27 UTC+2 schrieb Steve Weber:
>
> I found this workaround
>
>
>> # fill fact $ansible_user_id while not sudo as root
>> - hosts: any
>> sudo: no
>> gather_facts: yes
>>
>
>
>> - name: scm
>> hosts: any
>> gather_facts: no
>> tasks:
>> - shell: echo before running sudo the user was- $ansible_user_id now
>> as sudo you are- $USER
>
>
>
>
>
> On Wednesday, 27 March 2013 10:30:00 UTC-4, Steve Weber wrote:
>>
>> issue:
>> https://github.com/ansible/ansible/issues/2516
>>
>>
>> On Wednesday, 27 March 2013 10:21:46 UTC-4, Steve Weber wrote:
>>>
>>> sure ill file the ticket on git hub.
>>>
>>>
>>> On Wed, Mar 27, 2013 at 8:48 AM, Michael DeHaan
>>> <[email protected]<javascript:>
>>> > wrote:
>>>
>>>> I see.
>>>>
>>>> So we want to just basically expose $ansible_ssh_user as a variable
>>>> before we call tasks about it.
>>>>
>>>> This is not difficult at all -- Please file a ticket so we don't forget
>>>> this.
>>>>
>>>> We're past the feature freeze date for 1.1 (which was Monday), so this
>>>> will happen on 1.2's development branch after Tuesday...
>>>>
>>>> A simple workaround now would just be to set the variable in the play,
>>>> prompt for it via vars_prompt, or pass it in with --extra-vars.
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Mar 26, 2013 at 10:43 PM, Steve Weber
>>>> <[email protected]<javascript:>>
>>>> wrote:
>>>> > Ah yes a patch.. But i`m not after the sudo_user.
>>>> > im looking for the user name that is connecting through 'ssh' before
>>>> sudo
>>>> >
>>>> >> ansible-playbook -i localhost install.yml --user=$USER
>>>> >> --extra-vars="ssh_user=$USER" --ask-sudo-pass
>>>> >
>>>> > Currently i'm creating the the variable ssh_user as a work around...
>>>> so I
>>>> > can then pass it to a template.
>>>> >
>>>> > # install.yml would be something like...
>>>> >>
>>>> >> - name render php-fpm file
>>>> >> sudo: yes
>>>> >> task:
>>>> >> - template: src=php-fpm.j2
>>>> >> dest=/etc/php/php-fpm/pool.d/pool-${ssh_user}.conf
>>>> >
>>>> >
>>>> > # php-fpm.j2 would be something like
>>>> >>
>>>> >> [pool-{{ ssh_user }}]
>>>> >> user = {{ ssh_user }}
>>>> >> group = {{ ssh_user }}
>>>> >
>>>> >
>>>> > is there a way to do the same thing but without creating an extra
>>>> variable
>>>> > for ssh_user?
>>>> >
>>>> >
>>>> > On Tuesday, 26 March 2013 18:46:18 UTC-4, Michael DeHaan wrote:
>>>> >>
>>>> >> He's suggesting a patch to the application to make this variable
>>>> >> available.
>>>> >>
>>>> >> Curious why the fact username isn't good enough though.
>>>> >>
>>>> >> On Tue, Mar 26, 2013 at 2:51 PM, Steve Weber <[email protected]>
>>>> wrote:
>>>> >> > thanks Mathieu but im not in a python file.. im in a playbook..
>>>> >> > Also im not trying to get the sudo user im trying to get the user
>>>> that
>>>> >> > is
>>>> >> > connecting to the host...
>>>> >> >
>>>> >> > here is some more background on the issue.
>>>> >> >
>>>> >> >
>>>> >> >>
>>>> >> >> [14:04] <s8weber> how do i access the ansible_ssh_user , or user
>>>> >> >> variable?
>>>> >> >> [14:05] <s8weber> I cant use ansible_user_id because my playbook
>>>> >> >> changes
>>>> >> >> to root
>>>> >> >> [14:06] <s8weber> I was able to do hacks passing the ssh username
>>>> like
>>>> >> >> extra-vars="default_ssh_user=$USER'
>>>> >> >> [14:06] <s8weber> or even under a top level playbook that
>>>> registers a
>>>> >> >> var
>>>> >> >> for echo "$USER"
>>>> >> >>
>>>> >> >> [14:07] <s8weber> but I dont want to do this task indirectly....
>>>> any
>>>> >> >> help?
>>>> >> >> [14:24] <ilj> s8weber, mm could you be a little more specific,
>>>> please?
>>>> >> >> [14:25] <ilj> s8weber, sounds like you want to control what user
>>>> >> >> ansible
>>>> >> >> uses to establish SSH connections?
>>>> >> >> [14:27] <s8weber> ilj: im trying render a template to a root
>>>> protected
>>>> >> >> file with the username of the ssh_user in the file.
>>>> >> >> [14:28] <s8weber> ilj: im trying to do this as directly as
>>>> possible.
>>>> >> >> so I
>>>> >> >> have a playbook that has sudo: yes and it renders a template to a
>>>> >> >> /etc/area
>>>> >> >> [14:28] <s8weber> ilj: in the templat im trying to include the
>>>> name of
>>>> >> >> the
>>>> >> >> user that started the ssh_connection
>>>> >> >> [14:29] <s8weber> ilj: I want to run the playbook like
>>>> ansible-playbook
>>>> >> >> -i
>>>> >> >> localhost render-template.yml -K
>>>> >> >> [14:30] <s8weber> ilk: or run like ansible-playbook -i localhost
>>>> >> >> render-template.yml --user=meme -K
>>>> >> >> [14:32] <s8weber> this seems to me something that would be common?
>>>> >> >> [14:33] <ilj> s8weber, one way to do this would be to set a
>>>> variable
>>>> >> >> for
>>>> >> >> user: in vars_files:, say sys_user, then use this variable for
>>>> user: in
>>>> >> >> a
>>>> >> >> playbook and template as {{ sys_user }}
>>>> >> >> [14:34] <ilj> s8weber, it's preconfigured obviously
>>>> >> >> [14:35] <s8weber> ily: im currently doing somthing like that but
>>>> yes
>>>> >> >> its
>>>> >> >> preconfigured and thats no good.
>>>> >> >> [14:37] <s8weber> ilj: ill kate a look at ohai/facter but I still
>>>> think
>>>> >> >> this var should be in core.
>>>> >> >> [14:38] <ilj> s8weber, as a dirty hack you could run shell:
>>>> command
>>>> >> >> where
>>>> >> >> you would use bash one-liner, like id + sed, to update your
>>>> template in
>>>> >> >> /etc/*
>>>> >> >> [14:38] <s8weber> ilj: in my group_vars, it would be nice to have
>>>> >> >> somthing
>>>> >> >> like this resolve user: $ssh_remote_user
>>>> >> >> [14:39] <ilj> s8weber, but yeah, it would be interesting to know
>>>> if it
>>>> >> >> is
>>>> >> >> possible to use ssh connection user name the way you want
>>>> >> >> [14:39] <s8weber> ilj: a hack already was to in a playbook with
>>>> sudo:
>>>> >> >> no
>>>> >> >> do a shell echo $USER and then register the var
>>>> >> >> [14:40] <ilj> or that
>>>> >> >> [14:40] <ilj> right
>>>> >> >> [14:40] <ilj> let's see if someone more knowledgeable weighs in
>>>> on this
>>>> >> >> question :)
>>>> >> >> [14:42] <s8weber> sometimes a shell call would look like ...
>>>> >> >> ansible-playbook -i localhost render-template.yml --user=meme
>>>> >> >> extra-vars="save_user=meme' -K
>>>> >> >> [14:43] <s8weber> that just seems ugly.
>>>> >> >> [14:44] <ilj> yeah, I'm not a fan on excessive use of command line
>>>> >> >> options
>>>> >> >> myself
>>>> >> >> [14:44] <ilj> I'd rather keep everything in the playbooks/vars
>>>> files
>>>> >> >> [14:44] <s8weber> ilj: and thats what im doing...
>>>> >> >> [14:45] <s8weber> thanks ilj, ill go bug the developer :)
>>>> >> >> [14:46] <ilj> s8weber, np man, it would be awesome if you let me
>>>> know
>>>> >> >> of
>>>> >> >> the solution you find (if any)
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > On Tuesday, 26 March 2013 14:31:36 UTC-4, Mathieu Guillaume wrote:
>>>> >> >>
>>>> >> >> The sudo_user could also be made accessible in the host vars with
>>>> (I
>>>> >> >> think, not tested):
>>>> >> >>
>>>> >> >> diff --git a/lib/ansible/playbook/play.py
>>>> >> >> b/lib/ansible/playbook/play.py
>>>> >> >> index e59912c..f1f94ea 100644
>>>> >> >> --- a/lib/ansible/playbook/play.py
>>>> >> >> +++ b/lib/ansible/playbook/play.py
>>>> >> >> @@ -94,6 +94,7 @@ class Play(object):
>>>> >> >> self.tags = []
>>>> >> >>
>>>> >> >> if self.sudo_user != 'root':
>>>> >> >> + self.vars['sudo_user'] = self.sudo_user
>>>> >> >> self.sudo = True
>>>> >> >>
>>>> >> >> # *************************************************
>>>> >> >>
>>>> >> >>
>>>> >> >>
>>>> >> >> On Tuesday, March 26, 2013 7:27:49 PM UTC+1, Mathieu Guillaume
>>>> wrote:
>>>> >> >>>
>>>> >> >>> At which point do you need this?
>>>> >> >>>
>>>> >> >>> If this is when the runner is executing the tasks on the
>>>> different
>>>> >> >>> hosts,
>>>> >> >>> I think it depends on the shell, but with bash I have a
>>>> $SUDO_USER
>>>> >> >>> variable.
>>>> >> >>> You should be able to access it in Ansible with $LOOKUP(env,
>>>> >> >>> SUDO_USER)
>>>> >> >>> (or something close to that, never used lookups myself).
>>>> >> >>>
>>>> >> >>>
>>>> >> >>> On Tuesday, March 26, 2013 7:15:48 PM UTC+1, Steve Weber wrote:
>>>> >> >>>>>
>>>> >> >>>>> [14:04] <s8weber> how do i access the ansible_ssh_user , or
>>>> user
>>>> >> >>>>> variable?
>>>> >> >>>>> [14:05] <s8weber> I cant use ansible_user_id because my
>>>> playbook
>>>> >> >>>>> changes to root
>>>> >> >>>>> [14:06] <s8weber> I was able to do hacks passing the ssh
>>>> username
>>>> >> >>>>> like
>>>> >> >>>>> extra-vars="default_ssh_user=$USER'
>>>> >> >>>>> [14:06] <s8weber> or even under a top level playbook that
>>>> registers
>>>> >> >>>>> a
>>>> >> >>>>> user var for echo "$USER"
>>>> >> >>>>> [14:07] <s8weber> but I dont want to do this task
>>>> indirectly.... any
>>>> >> >>>>> help?
>>>> >> >>>>
>>>> >> >>>>
>>>> >> >>>> -u REMOTE_USER, --user=REMOTE_USER
>>>> >> >>>> connect as this user (default=s8weber)
>>>> >> >>>>
>>>> >> >>>> I cant use $ansible_user_id in playbooks that sudo because the
>>>> user
>>>> >> >>>> is
>>>> >> >>>> /root/ not /s8weber/.
>>>> >> >>>>
>>>> >> >>>> How do I get the REMOTE_USER variable?
>>>> >> >>>>
>>>> >> >>>> thanks.
>>>> >> >
>>>> >> > --
>>>> >> > You received this message because you are subscribed to the Google
>>>> >> > Groups
>>>> >> > "Ansible Project" group.
>>>> >> > To unsubscribe from this group and stop receiving emails from it,
>>>> send
>>>> >> > an
>>>> >> > email to [email protected].
>>>> >> > For more options, visit https://groups.google.com/groups/opt_out.
>>>> >> >
>>>> >> >
>>>> >>
>>>> >>
>>>> >>
>>>> >> --
>>>> >> Michael DeHaan <[email protected]>
>>>> >> CTO, AnsibleWorks, Inc.
>>>> >> http://www.ansibleworks.com/
>>>> >
>>>> > --
>>>> > You received this message because you are subscribed to the Google
>>>> Groups
>>>> > "Ansible Project" group.
>>>> > To unsubscribe from this group and stop receiving emails from it,
>>>> send an
>>>> > email to [email protected] <javascript:>.
>>>> > For more options, visit https://groups.google.com/groups/opt_out.
>>>> >
>>>> >
>>>>
>>>>
>>>>
>>>> --
>>>> Michael DeHaan <[email protected] <javascript:>>
>>>> CTO, AnsibleWorks, Inc.
>>>> http://www.ansibleworks.com/
>>>>
>>>> --
>>>> You received this message because you are subscribed to a topic in the
>>>> Google Groups "Ansible Project" group.
>>>> To unsubscribe from this topic, visit
>>>> https://groups.google.com/d/topic/ansible-project/ETVSHYDJE_Y/unsubscribe?hl=en
>>>> .
>>>> To unsubscribe from this group and all its topics, send an email to
>>>> [email protected] <javascript:>.
>>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>>
>>>>
>>>>
>>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
