remote_user is declared in playbook file and ansible_user is declared in inventory file. Which user is used to run playbook file?
become: true and remote_user always go tother?
remote_user is declared in playbook file and ansible_user is declared in inventory file. Which user is used to run playbook file?
Variables take precedence over playbook keywords, see Controlling how Ansible behaves: precedence rules — Ansible Documentation.
If a connection plugin accepts multiple variables (or multiple cli/ini/env options), for example, the ssh connection uses the variables ansible_ssh_user
or ansible_user
, whichever is listed last has higher priority.
Given that, the configuration options for the ssh remote_user
option ansible.builtin.ssh connection – connect via SSH client binary — Ansible Documentation have the precedence (lowest to highest):
- INI entry:
[defaults] remote_user = VALUE
- Environment variable:
ANSIBLE_REMOTE_USER
- CLI argument: --user
- Keyword: remote_user
- Variable: ansible_user
- Variable: ansible_ssh_user
become: true and remote_user always go tother?
This would depend on the become plugin., but at least for the ansible.builtin
become plugins, none of them use the remote_user
keyword.
Use ansible-doc --list -t become
to list become plugins, and ansible-doc -t ansible.builtin.sudo
to see the options for the specific plugin.
In the case of the ansible.builtin.sudo
plugin (it is the default), it has the option:
... snip for brevity ...
- become_user
User you 'become' to execute the task
set_via:
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_SUDO_USER
ini:
- key: become_user
section: privilege_escalation
- key: user
section: sudo_become_plugin
keyword:
- name: become_user
vars:
- name: ansible_become_user
- name: ansible_sudo_user
default: root
In the order of lowest to highest priority:
- INI entry:
[privilege_escalation] become_user = VALUE
- INI entry:
[sudo_become_plugin] user = VALUE
- Environment variable: ANSIBLE_BECOME_USER
- Environment variable: ANSIBLE_SUDO_USER
- Playbook keyword: become_user
- Variable: ansible_become_user
- Variable: ansible_sudo_user