[Ansible Project] how to get the logged in username

Archives Ansible Project
1

Hi All,

I searched a quite but could able to find what I wanted
Could any pls suggest me how to get the Username in the host machine. In Linux if I run the below command I get what I suppose to get but don’t know how to do it ansible. Any code Ansible or python would be helpful

Fin Linux:
**X1234@hostname$**su -
**root@hostname#**who am i
x1234 pts/2 2023-07-29 (vxj-cyx@domain.com)

My getuser.yml:

  • debug: {{ lookup(‘env’, ‘USER’) }}
    delegate_to: localhost

  • local_action: command whoami
    register: user_name

root@hostname# ansible-playbook getuser.yml
Both returning me root. I wanted to have X1234 user instead. I want use that user ID in my from address in mail module. Any insight would be very helpfu.

Regards

2

Hi Prady,

You are running the playbook as root that is why the playbook is returning ‘root’. If you need a particular user then you may want to run the playbook using that user.
For example -

# whoami
akasurde

# ansible-playbook user.yml -v
PLAY [localhost] *************************************************************************

TASK [debug] *****************************************************************************
ok: [localhost] => {
"msg": "akasurde"
}

TASK [command] ***************************************************************************
changed: [localhost] => {"changed": true, "cmd": ["who", "am", "I"], "delta": "0:00:00.009702", "end": "2023-07-28 20:48:00.637555", "msg": "", "rc": 0, "start": "2023-07-28 20:48:00.627853", "stderr": "", "stderr_lines": [], "stdout": "akasurde 28 Jul 20:48 ", "stdout_lines": ["akasurde 28 Jul 20:48 "]}

PLAY RECAP *******************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

You can use become and become_user for escalating the privileges mentioned in https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html#become-directives

3

Thank you for your kind reply. Yes that’s what my guess also.
As there are many user who run the ansible so it unpractical to change it for all the user. I wanted to get the user details in runtime …

Regards
Prady

4

Without knowing your effective ansible config — i.e. the ansible.cfg it’s using, the environment variables that can override those settings, and command line parameters that can override everything else — it’s impossible to say. Factors include “become”, “become-user”, “become-method”, “ask-pass”, “ask-become-pass”, and probably more.

Are you gathering facts? Ansible does gather facts by default, so if you aren’t turning that off somewhere, you can use the variables containing user related facts. For example:

$ ansible localhost -m gather_facts | grep ansible_user
        "ansible_user_dir": "/home/utoddl",
        "ansible_user_gecos": "Todd Lewis",
        "ansible_user_gid": 12428,
        "ansible_user_id": "utoddl",
        "ansible_user_shell": "/bin/bash",
        "ansible_user_uid": 12428,
        "ansible_userspace_architecture": "x86_64",
        "ansible_userspace_bits": "64",

Not an Ansible thing, but: Do Not Use “who am i” for this. That’s the same a “who -m”, which shows you the user associated with the stdin stream, but only if that user is logged in AND only if the stdin stream exists and has an associated user. There’s a whole lot of subtle going on there that we don’t want to get into in an Ansible forum. The reason your “su -” followed by “who am i” is showing your id rather than root is (probably) because it’s your id associated with the tty you logged into. But that’s going to be different for Ansible, depending on how your controller connects to the target hosts, including localhost.

I gave you the python code yesterday. It’s dead simple:

import os
import pwd
userid = pwd.getpwuid(os.getuid())[0]

But if you’re gathering facts, just use the ansible_user_id variable.

If that’s “root”, and that appears to be the case, then you’ll need to understand how your controller is connecting to the target hosts. My guess is you’ll eventually need to pass the invoking user’s id as an extra variable (“-e invoking_user=${USER}”) when invoking ansible-playbook. Maybe consider a wrapper script?

5

Hi Todd,

Yeah if we pass who with any arguments it remains the same. I read it some other forum.

I tried with the python code as well as ansible_user_id both returns the same “root”. Since I m running the playbook from root user after su -.
As you suggested we need to check how we can capture the userid who run the playbook from Ansible tower.

Regards
Prady

6

If users are launching this job through Ansible tower (AWX), and not from a schedule, then you can probably get their user name through the variable “awx_user_name”.
There are additional variables specific to AWX. See “{{ lookup(‘ansible.builtin.varnames’, ‘^awx_.+’) }}” to get their names. I’m seeing “awx_inventory_id”, “awx_inventory_name”, “awx_job_id”, “awx_job_launch_type”, “awx_job_template_id”, “awx_job_template_name”, “awx_project_revision”, “awx_project_scm_branch”, “awx_user_email”, “awx_user_first_name”, “awx_user_id”, “awx_user_last_name”, and “awx_user_name”.

7

Thank you again… you are so kind …It helped a lot…yes we orchestrate servers through Tower…Still a novice in Tower …

I went through this link there they suggested to use
tower_user_id

https://groups.google.com/g/ansible-project/c/YQ_r9UaS-uw

Regards