Ansible is a very flexible automation tool. It can be used for a wide range of system administration task and also infrastructure administration task.
Many a times, for application administrators, there is a requirement to sudo to a different user specific to an application. The application or user may need to pull in information from the bashrc or bash_profile to execute certain tasks.
To make Ansible run as a different user, we use become_user. However, this doesn’t necessarily pull in all the information. To make Ansible read the data from the new user’s profile we should make use of the become_flag. The syntax can be written this way
tasks: - include_role: name: role-name apply: become: yes become_user: user-name become_flags: -i
The above example syntax shows how a role can be given become privileges and along with loading the values from .bashrc or .bash_profile. The step is equivalent to running the command in bash :
sudo -u user-name -i
Leave a Reply