Problem:
Running Ansible roles via REX ignores become_user
We have roles that run various tasks as non root users.
Our Ansible roles are ran via the “Ansible Roles - Ansible Default” job template. Any task that contains become with become_user are being being ran as root.
We have the below host parameters:
remote_execution_ssh_user = rexuser
We have the below global settings:
SSH User: root
Effective User: root
Effective User Method: sudo
The same roles execute as expected when ran independently of Foreman Job Templates.
Expected outcome:
We expect Foreman to run the tasks using the become and become_user
Foreman and Proxy versions:
3.1.1.3
Foreman and Proxy plugin versions:
tfm-rubygem-smart_proxy_ansible-3.3.1-4
Distribution and version:
Red Hat 7.9
Other relevant data:
This is a test task ran inside an imported role
cat /etc/ansible/roles/testrole/tasks/main.yml
---
- name: Test Role
command: id
register: output
become: true
become_user: test01
- debug:
msg: "{{ output.stdout }}"
When executed, the id output shows as the root user, not test01 user:
ok: [myhost.mydomain] => {
"msg": "uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023"
}
How can we used become_user inside Ansible Roles when ran via Job Templates.