Hello Ansible experts, your help is requested on this small script. --- - name: . . .

Hello Ansible experts, your help is requested on this small script.

  • name: ‘hosts’
    hosts: all
    become: yes
    • name: ‘Execute a script’
      script: ‘install_script.sh’

Currently my user-id = student1 and execute the above program on server1
Manually, I can “ssh sudent1@server99” without any passwords (with ssl keys) and “sudo su - teacher1”

I want the above script statement to run as ID = teacher1 on server99
In other words, I want to connect as Student1 but run all tasks as teacher1
I guess I have to use the following but not successful
become_user: teacher1
become_method: su
in ansible,cfg file, I tried using become_exe=‘sudo su -’
============== below is from ansible documentation ================
For example, if you want to run all tasks as root on a server named webserver, but you can only connect as the manager user, you could use an inventory entry like this:

webserver ansible_user=manager ansible_become=yes


Al West:
So become method should be sudo - this is that the user is checked so see if they can run commands (or certain commands) as root.

# playbook.yml
- name: 'Become'
  become: true
  become_method: sudo
  become_user: teacher1
  hosts: all
  gather_facts: False

    - name: Run whoami
        cmd: 'whoami'
      register: who

    - name: Print who I am
        msg: "{{ who.stdout }}"

al@CORSAIRONE:~/kodekloud/ansible-become$ ansible-playbook -i tiny, playbook.yaml -K
BECOME password:

PLAY [Become] ***************************************************************************************
TASK [Run whoami] ***********************************************************************************
changed: [tiny]

TASK [Print who I am] *******************************************************************************
ok: [tiny] => {
    "msg": "teacher1"

PLAY RECAP ******************************************************************************************
tiny                       : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Thanks. it worked for whoamI command as it looked for command in /bin/sh. But other commands that teacher1 can find in its path, it could not execute saying “stderr:”/bin/sh: db2level: not found." Means, it could source profile of teacher1. Could you kindly help me to achieve this? Thanks in advance.

Al West:
You can specify the full path, or add your cmd to the paths being search already.

Al West:
also I think you might be able to use this cmd: 'bash -ilc "db2level"'

Thank you,. cmd: bash -ilc worked. Is there anyway to avoid this bash -ilc? The reason is , I will be writing many tasks and for every cmd, I have to use bash -ilc. When I could manually “ssh as ID student1” and “sudo su - teacher1” , the whole PATH and environment variables are available. I am trying to explore equivalent code in yaml. I guess, “become_method: sudo” is not exactly equival to “sudo su - teacher1”.

Al West:
If you have multiple commands put them into a shell script, upload it and execute it.

Thank you. That would do it.