我如何得到一个变量的名称与用户运行可视？

小开

最佳答案

If you mean the username on the host system, there are two options:

You can run a local action (which runs on the host machine rather than the target machine):

- name: get the username running the deploy
become: false
local_action: command whoami
register: username_on_the_host


- debug: var=username_on_the_host

In this example, the output of the whoami command is registered in a variable called "username_on_the_host", and the username will be contained in username_on_the_host.stdout.

(the debug task is not required here, it just demonstrates the content of the variable)

The second options is to use a "lookup plugin":

\{\{ lookup('env', 'USER') }}

Read about lookup plugins here: docs.ansible.com/ansible/playbooks_lookups.html

小开

If you gather_facts, which is enabled by default for playbooks, there is a built-in variable that is set called ansible_user_id that provides the user name that the tasks are being run as. You can then use this variable in other tasks or templates with \{\{ ansible_user_id }}. This would save you the step of running a task to register that variable.

See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variables-discovered-from-systems-facts

小开

I put something like the following in all templates:

# Placed here by \{\{ lookup('env','USER') }} using Ansible, \{\{ ansible_date_time.date }}.

When templated over it shows up as:

# Placed here by staylorx using Ansible, 2017-01-11.

If I use \{\{ ansible_user_id }} and I've become root then that variable indicates "root", not what I want most of the time.

小开

This reads the user name from the remote system, because it is not guaranteed, that the user names on the local and the remote system are the same. It is possible to change the name in the SSH configuration.

- name: Run whoami without become.
command: whoami
changed_when: false
become: false
register: whoami


- name: Set a fact with the user name.
set_fact:
login_user: "\{\{ whoami.stdout }}"

小开

if you want to get the user who run the template in ansible tower you could use this var \{\{tower_user_name}} in your playbook but it´s only defined on manually executions

tower_user_name :The user name of the Tower user that started this job. This is not available for callback or scheduled jobs.

check this docs https://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html

小开

This seems to work for me (ansible 2.9.12):

- name: get the non root remote user
set_fact:
remote_regular_user: "\{\{ ansible_env.SUDO_USER or ansible_user_id }}"

You can also simply set this as a variable - e.g. in your group_vars/all.yml:

remote_regular_user: "\{\{ ansible_env.SUDO_USER or ansible_user_id }}"

小开

When you use the "become" option to launch Ansible or run a task, the logged in user will change to the user you are changing to (typically root). To get the name of the original user used to log in to the remote host with (ie: before escalating) you can use the ansible_user special variable. In addition, if you want to gather facts for a specific user other than the one currently running a task, you can use the user built-in module by doing something like this:

- user
name: "username"
register: user_data

Now the user_data fact contains a bunch of useful information about that user, including their uid, gid, home folder, and a bunch of other stuff. See the return value for this task in the docs for details. Using this technique, you can get details about the original user Ansible was launched with by doing something like this:

- user
name: "\{\{ ansible_user }}"
register: user_data

Conversely, if all you want is the name of the active user that is running a specific task (ie: which accounts for any user-switches that occur with the "become" operation) you can use the ansible_user_id fact instead.