016_把普通用戶免秘鑰加入root用戶的幾種方式
一、第一種方式。
(1)
[root@infra-jyallkv-tikv-pps-7 ~]# tail /etc/sudoers
## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
%sudo ALL=NOPASSWD:ALL
(2)
[root@infra-jyallkv-tikv-pps-7 ~]# usermod -a -G sudo ansible_shell #不用從ansible_shell在其它組中移除而添加到新的sudo中
[root@infra-jyallkv-tikv-pps-7 ~]# egrep -nri "sudo" /etc/gshadow
50:sudo:!::tool.ops,ops,dev-super,dba,cideploy,ansible_shell
看到ansible_shell已經加到sudo組中了,這樣su - ansible_shell中然後再執行"sudo su - root"就可以了
二、
直接在/etc/sudoers添加(未驗證)
%ansible_shell ALL=NOPASSWD:ALL
016_把普通用戶免秘鑰加入root用戶的幾種方式