Note that if you are using ssh transport (not sure about Paramiko), and you have a matching host in ssh_config with a User line, that will be used.
So given that ~you/.ssh/config contains Host myhost User root and you invoke the following as you… ansible myhost -a whoami …Ansible will connect as root On 21 January 2015 at 21:28, Stuart Budd <[email protected]> wrote: > Got it. > > Thank you tkuratomi for the very informative answer. > Cheers > > > > > On Wednesday, 21 January 2015 16:25:06 UTC, Stuart Budd wrote: >> >> I do not understand how this example works for user *foo* >> >> If I have not stated the user account to use for the ssh connection >> within the command line using: *ansible_ssh_user=foo* >> or the Ansible host file: * /etc/ansible/hosts* >> >> Is the current user account used as the ssh connection to a remote server >> if not specified on the command line or within the file*: >> /etc/ansible/hosts* ? >> >> If so, does the logic for which user account to use for the ssh >> connection go like this: >> >> Use the current user account, unless specified in the command line using >> command: * ansible_ssh_user=foo* >> and if not specified in the * /etc/ansible/hosts* file as: >> * ansible_ssh_user=foo* >> >> Ansible Local Server Remote server >> *local-01* * remote-01* >> --------------------------- -------------------- >> Local User foo --> ssh --> Remote user foo >> >> So in this example: >> (1) Local user running */usr/bin/ansible* is *foo* >> (2) Remote user is an account on the remote box *remote-01 *which is >> also named foo >> (3) sudoing will sudo to the remote account foo. Which as you say is a >> no-op. >> >> >> *Server local-01* >> [root@local-01 /]# *grep sudo_user /etc/ansible/ansible.cfg* >> sudo_user = root >> [root@local-01 /]# *cat /etc/ansible/hosts* >> [servers] >> remote-01 >> [root@local-01 /]# >> >> >> Ansible command >> [root@local-01 ~]# *su - foo* >> [foo@local-01 ~]$ *ssh foo@remote-01 whoami* >> foo >> [foo@local-01 ~]$ *ansible remote-01 -m command -a "whoami"* >> >> *remote-01 | success | rc=0 >>foo* >> [foo@local-01 ~]$ >> >> >> Question >> How does the above Ansible command work if I have not specified the user >> account for the SSH connection or the local user account either within >> the command line, * /etc/ansible/ansible.cfg* or within the file* >> /etc/ansible/hosts* ? >> >> Is this not the function of the parameters *ansible_ssh_user *and >> *ansible_sudo_user* ? >> >> Should I not need to specify this: * ansible_ssh_user=foo* ? >> Even if I do not need this: * ansible_sudo_user=foo* ? >> >> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/dd4acdd0-fd8c-432d-8b71-7ba6b9d6b08e%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/dd4acdd0-fd8c-432d-8b71-7ba6b9d6b08e%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAAnNz0MsPWGmPj8E71TD2qiV7vvdnHdZqhEpORJ%2BcRX5JT4mPw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
