I have a handler that I wish to run as a different user to the user Ansible normally logs in as.
My playbooks execute with the “--become” flag so they run as root, but this particular task needs to run as the application user.
In my handlers/main.yaml, I’ve got the entry:
- name: Update Rancid RCS files
  command: /usr/lib/rancid/bin/rancid-cvs
  become_user: rancid
  become: yes
But Ansible still tries to run the command as root. (The command refuses to run as root)
If I change the handler to:
- name: Update Rancid RCS files
  action: command /usr/lib/rancid/bin/rancid-cvs
  remote_user: rancid
  become: no
And set up the necessary SSH keys, the command runs fine as the correct user.
What am I doing wrong that’s preventing the first method from working?
I’m running Ansible 2.1.1.0
Thank you,
GTG
Brian_Coca (Brian Coca), September 23, 2016, 3:32pm
The difference is that in the first case you are trying to login as your ‘normal’ user and then sudo/su to the rancid user and that does not seem to work.
The second will login as the rancid user and not use sudo/su at all.
Without any errors I can only speculate: why this works/doesn’t seems to be related to how your permissions are set up.
Running Ansible with verbose:
<mgmtsrv1> ESTABLISH SSH CONNECTION FOR USER: ansible
<mgmtsrv1> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/etc/ansible/ansible_rsa"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o ControlPath=/home/gr306/.ansible/cp/ansible-ssh-%h-%p-%r mgmtsrv1 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-reldgrhxvqzvmhecqvgicikpadbwqkct; LANG=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 LC_MESSAGES=en_GB.UTF-8 /usr/bin/python'"'"'"'"'"'"'"'"' && sleep 0'"'"''
GTG
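
Added example (not part of the thread and not Ansible's own code): a small Python check that peels the quoting layers of an `SSH: EXEC` line like the one above and reports which account the module is actually started as, so a task meant for an unprivileged user can be confirmed not to run as root. The sample lines are constructed in the same shape as the logged one (ssh options trimmed, the BECOME-SUCCESS token replaced by a placeholder); the helper names are hypothetical and only the sudo become method is handled.

```python
import shlex


def build_exec_line(login, remote_cmd):
    # Constructed sample, quoted the same way as the thread's "SSH: EXEC" line.
    wrapped = "/bin/sh -c " + shlex.quote(remote_cmd)
    return (f"<mgmtsrv1> SSH: EXEC ssh -C -q -o User={login} "
            f"-o ConnectTimeout=10 mgmtsrv1 {shlex.quote(wrapped)}")


PY = "LANG=en_GB.UTF-8 /usr/bin/python"
# Shape of the logged line: log in as ansible, then sudo to root.
BECOME_LINE = build_exec_line(
    "ansible",
    "sudo -H -S -n -u root /bin/sh -c "
    + shlex.quote("echo BECOME-SUCCESS-placeholder; " + PY) + " && sleep 0")
# Assumed shape for remote_user: rancid with become: no (no sudo wrapper).
DIRECT_LINE = build_exec_line("rancid", PY + " && sleep 0")


def escalation_path(exec_line):
    """Return (ssh_login_user, sudo_target_or_None) for one SSH: EXEC line."""
    ssh_argv = shlex.split(exec_line.split("SSH: EXEC ", 1)[1])
    login = next((arg.split("=", 1)[1] for arg in ssh_argv
                  if arg.startswith("User=")), None)
    # Peel two quoting layers: ssh's last argument, then /bin/sh -c '<cmd>'.
    inner = shlex.split(shlex.split(ssh_argv[-1])[-1])
    if not inner or inner[0] != "sudo":
        return login, None  # no privilege change: runs as the login user
    # sudo without -u targets root.
    target = inner[inner.index("-u") + 1] if "-u" in inner else "root"
    return login, target


def check(exec_line, expected_user):
    """Return (matches, actual_user) for the account the module starts as."""
    login, target = escalation_path(exec_line)
    actual = target or login
    return actual == expected_user, actual


if __name__ == "__main__":
    for line in (BECOME_LINE, DIRECT_LINE):
        print(escalation_path(line), check(line, "rancid"))
```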