Remote_user is declared in playbook file and ansible_user is declared in inventory file

Get Help
1

remote_user is declared in playbook file and ansible_user is declared in inventory file. Which user is used to run playbook file?
become: true and remote_user always go tother?

2

remote_user is declared in playbook file and ansible_user is declared in inventory file. Which user is used to run playbook file?

Variables take precedence over playbook keywords, see Controlling how Ansible behaves: precedence rules — Ansible Documentation.

If a connection plugin accepts multiple variables (or multiple cli/ini/env options), for example, the ssh connection uses the variables ansible_ssh_user or ansible_user, whichever is listed last has higher priority.

Given that, the configuration options for the ssh remote_user option ansible.builtin.ssh connection – connect via SSH client binary — Ansible Documentation have the precedence (lowest to highest):

  • INI entry: [defaults] remote_user = VALUE
  • Environment variable: ANSIBLE_REMOTE_USER
  • CLI argument: --user
  • Keyword: remote_user
  • Variable: ansible_user
  • Variable: ansible_ssh_user

become: true and remote_user always go tother?

This would depend on the become plugin., but at least for the ansible.builtin become plugins, none of them use the remote_user keyword.

Use ansible-doc --list -t become to list become plugins, and ansible-doc -t ansible.builtin.sudo to see the options for the specific plugin.

In the case of the ansible.builtin.sudo plugin (it is the default), it has the option:

... snip for brevity ...
- become_user
        User you 'become' to execute the task
        set_via:
          env:
          - name: ANSIBLE_BECOME_USER
          - name: ANSIBLE_SUDO_USER
          ini:
          - key: become_user
            section: privilege_escalation
          - key: user
            section: sudo_become_plugin
          keyword:
          - name: become_user
          vars:
          - name: ansible_become_user
          - name: ansible_sudo_user
        default: root

In the order of lowest to highest priority:

  • INI entry: [privilege_escalation] become_user = VALUE
  • INI entry: [sudo_become_plugin] user = VALUE
  • Environment variable: ANSIBLE_BECOME_USER
  • Environment variable: ANSIBLE_SUDO_USER
  • Playbook keyword: become_user
  • Variable: ansible_become_user
  • Variable: ansible_sudo_user
1 Like