Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Edit current user's shell with ansible

Tags:

linux

bash

shell

ansible

system-administration

I'm trying to push my dot files and some personal configuration files to a server (I'm not root or sudoer). Ansible connects as my user in order to edit files in my home folder.

I'd like to set my default shell to usr/bin/fish. I am not allowed to edit /etc/passwd so

user:
  name: shaka
  shell: /usr/bin/fish

won't run.

I also checked the chsh command but the executable prompt for my password.

How could I change my shell on such machines ? (Debian 8, Ubuntu 16, Opensuse)

like image 265
hugoShaka Avatar asked Feb 15 '26 08:02

hugoShaka

2 Answers

I know this is old, but I wanted to post this in case anyone else comes back here looking for advise like I did:

If you're running local playbooks, you might not be specifying the user and expecting to change the shell of user you're running the playbook as.

The problem is that you can't change the shell without elevating the privileges (become: yes), but when you do - you're running things as root. Which just changes the shell of the root user. You can double check that this is the case by looking at /etc/passwd and seeing what the root shell is.

Here's my recipe for changing the shell of the user running the playbook:

- name: set up zsh for user
  hosts: localhost
  become: no
  vars:
    the_user: "{{ ansible_user_id }}"
  tasks:
    - name: change user shell to zsh 
      become: yes
      user:
        name: "{{ the_user }}"
        shell: /bin/zsh

This will set the variable the_user to the current running user, but will change the shell of that user using root.

like image 150
Shon Avatar answered Feb 18 '26 00:02

Shon

I ended up using two ansible modules :

  • ansible expect
  • ansible prompt

First I record my password with a prompt : 

vars_prompt:
  - name: "my_password"
    prompt: "Enter password"
    private: yes

And then I use the module expect to send the password to the chsh command :

tasks:
  - name: Case insensitve password string match
    expect:
      command: "chsh -s /usr/bin/fish"
      responses:
        (?i)password: "{{ my_password }}"
      creates: ".shell_is_fish"

The creates sets a lock file avoiding this task to be triggered again. This may be dangerous because the shell could be changed after and ansible will not update it (because of the lock still present). You may want to avoid this behaviour.

like image 36
hugoShaka Avatar answered Feb 18 '26 02:02

hugoShaka
Sign in to Comment

Related questions

Which vscode config files to restore on new system to duplicate setup?
How check fast, if database reachable? (Qt, QML, C++)- Linux
Allow Legacy Renegotiation for NodeJs
create a new environment variable in linux [openwrt]
List of all devices connected to a network [closed]
exec not found (because of the file descriptor)
How to use connector of mysql

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!