Ansible中成为和成为_用户之间的区别 [英] Difference between become and become_user in Ansible
问题描述
最近,我开始研究Ansible并编写自己的剧本.但是,我很难理解become
和become_user
之间的区别.
据我了解,become_user
与su <username>
类似,并且become
表示类似sudo su
或以sudo用户身份执行所有命令"之类的东西.但是有时这两个指令是混杂的.
Recently I started digging into Ansible and writing my own playbooks. However, I have a troubles with understanding difference between become
and become_user
.
As I understand it become_user
is something similar to su <username>
, and become
means something like sudo su
or "perform all commands as a sudo user". But sometimes these two directives are mixed.
您能解释一下它们的正确含义吗?
Could you explain the correct meaning of them?
推荐答案
become_user
定义用于特权升级.
become
只是一个用于激活或停用它的标志.
become
simply is a flag to either activate or deactivate the same.
这里有三个例子应该清楚说明:
Here are three examples which should make it clear:
-
此任务将以
root
的身份执行,因为root
是特权升级的默认用户:
This task will be executed as
root
, becauseroot
is the default user for privilege escalation:
- do: something
become: yes
此任务将以用户someone
的身份执行,因为用户被明确设置:
This task will be executed as user someone
, because the user is explciitly set:
- do: something
become: yes
become_user: someone
此任务对become_user
不会执行任何操作,因为未设置become
且默认为false
/no
:
This task will not do anything with become_user
, because become
is not set and defaults to false
/no
:
- do: something
become_user: someone
...除非在更高级别上将``变得''设置为true
,否则块,剧本,组或主机变量等.
...unless become was set to true
on a higher level, e.g. a block, the playbook, group or host-vars etc.
以下是带有阻止的示例:
- become: yes
block:
- do: something
become_user: someone
- do: something
第一个以用户someone
的身份运行,第二个以root
的身份运行.
The first 1st is ran as user someone
, the 2nd as root
.
据我了解,begin_user与su相似,并且变为意味着类似于sudo su或以sudo用户身份执行所有命令".
As I understand it become_user is something similar to su , and become means something like sudo su or "perform all commands as a sudo user".
默认become_method
是sudo
,因此sudo do something
或sudo -u <become_user> do something
Fineprint:当然," do:某事"是伪代码.将实际的Ansible模块放在那里.
Fineprint: Of course "do: something" is pseudocode. Put you actual Ansible module there.
这篇关于Ansible中成为和成为_用户之间的区别的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!