I am running a job/playbook (git source) from AWX GUI, but it keeps connecting over ssh to managed hosts as a root user.

In credentials I filled SSH PRIVATE KEY, USERNAME is blank and the default configuration /etc/ansible/ansible.cfg has not been changed, meaning default remote_user is commented out.

It is a standard AWX installation and there are no additional ansible.cfg files for awx user. My understanding is that when no user is specified, it should try to connect as current user, i.e. awx.

(ansible 2.9.6) (AWX 9.3.0)

Where did it pick the root user from?

Hi Karol,

If AWX is connecting to the remote server as “root” user then check whether you have set “ansible_user=root” or “ansible_ssh_user=root” either in Inventory Hosts/groups vars or in “Extra Variables” text box of the job template. Also, if you have project-specific ansible.cfg file try looking into it as well.

Regards,

Ompragash
Ansibler

Hello Ompragash.

This is the thing, there are no extra variables used, I did not set any user in Host/Groups and do not have additional ansible.cfg.

In debugging mode, it says it takes default cfg from /etc/ansible/ansible.cfg and in there is remote_user = root line commented out.
When I specify USERNAME in Credentials it takes this specified user as it should, but when I leave it blank it is connecting as root, I cannot figure it out why is it so…

pi 29. 5. 2020 o 11:26 Ompragash <om.sandhiya@gmail.com> napísal(a):

Hi Karol,

If no user is specified in inventory host/group vars or in extra vars or even in Credentials then Ansible will use “root” user which is also called out in the ansible.cfg file as you can see below. So it is an expected ansible behaviour.

Thank you for your response.

I have noticed that earlier, but:

default user to use for playbooks if user is not specified

# (/usr/bin/ansible will use current user as default) << THIS
#remote_user = root

The remote_user is commented out, plus it says that the current user will be used.
And this works exactly as described when I run ansible playbooks from server (not from AWX)

Only when I run job from AWX it always picks root user, even when I comment out remote_user and change it to another user!

I would expect to pick the remote_user form ansible.cfg if it is specified or if the user is not specified

it should be the current user.

Which means the user that is logged in to AWX and running the playbook or the awx user or whatever user under which AWX is running…
But the behavior I am seeing now does not make any sense to me…

pi 29. 5. 2020 o 13:30 Ompragash <om.sandhiya@gmail.com> napísal(a):

Hello,

Why dont you create a credential (machine type) within AWX and use that in the Job Templates? I think it’s the AWX way of using multiple users and credentials (ssh key, passwords, etc…) within AWX.

Regards

Hello Nuno.

Thank you for your reply.
I do have credentials created - using ssh private key and no username specified.

My concern is why AWX is using root user, when I did not fill in any username.

Where did it come from?

so 30. 5. 2020 o 21:15 Nuno Jordão <nuno.jordao@gmail.com> napísal(a):