How do I get a variable with the name of the user running ansible?

85
votes

I'm scripting a deployment process that takes the name of the user running the ansible script (e.g. tlau) and creates a deployment directory on the remote system based on that username and the current date/time (e.g. tlau-deploy-2014-10-15-16:52).

You would think this is available in ansible facts (e.g. LOGNAME or SUDO_USER), but those are all set to either "root" or the deployment id being used to ssh into the remote system. None of those contain the local user, the one who is currently running the ansible process.

How can I script getting the name of the user running the ansible process and use it in my playbook?

6
variablesansible

6 Answers

81
votes

If you mean the username on the host system, there are two options:

You can run a local action (which runs on the host machine rather than the target machine):

- name: get the username running the deploy
  become: false
  local_action: command whoami
  register: username_on_the_host

- debug: var=username_on_the_host

In this example, the output of the whoami command is registered in a variable called "username_on_the_host", and the username will be contained in username_on_the_host.stdout.

(the debug task is not required here, it just demonstrates the content of the variable)

The second options is to use a "lookup plugin":

{{ lookup('env', 'USER') }}

Read about lookup plugins here: docs.ansible.com/ansible/playbooks_lookups.html

120
votes

If you gather_facts, which is enabled by default for playbooks, there is a built-in variable that is set called ansible_user_id that provides the user name that the tasks are being run as. You can then use this variable in other tasks or templates with {{ ansible_user_id }}. This would save you the step of running a task to register that variable.

See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variables-discovered-from-systems-facts

51
votes

I put something like the following in all templates:

# Placed here by {{ lookup('env','USER') }} using Ansible, {{ ansible_date_time.date }}.

When templated over it shows up as:

# Placed here by staylorx using Ansible, 2017-01-11.

If I use {{ ansible_user_id }} and I've become root then that variable indicates "root", not what I want most of the time.

3
votes

This reads the user name from the remote system, because it is not guaranteed, that the user names on the local and the remote system are the same. It is possible to change the name in the SSH configuration.

- name: Run whoami without become.
  command: whoami
  changed_when: false
  become: false
  register: whoami

- name: Set a fact with the user name.
  set_fact:
    login_user: "{{ whoami.stdout }}"
0
votes

if you want to get the user who run the template in ansible tower you could use this var {{tower_user_name}} in your playbook but it´s only defined on manually executions

tower_user_name :The user name of the Tower user that started this job. This is not available for callback or scheduled jobs.

check this docs https://docs.ansible.com/ansible-tower/latest/html/userguide/job_templates.html

0
votes

This seems to work for me (ansible 2.9.12):

- name: get the non root remote user
  set_fact:
    remote_regular_user: "{{ ansible_env.SUDO_USER or ansible_user_id }}"

You can also simply set this as a variable - e.g. in your group_vars/all.yml:

remote_regular_user: "{{ ansible_env.SUDO_USER or ansible_user_id }}"