一、第一种方式。
(1)
[root@infra-jyallkv-tikv-pps-7 ~]# tail /etc/sudoers
## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
%sudo ALL=NOPASSWD:ALL
(2)
[root@infra-jyallkv-tikv-pps-7 ~]# usermod -a -G sudo ansible_shell #不用从ansible_shell在其它组中移除而添加到新的sudo中
[root@infra-jyallkv-tikv-pps-7 ~]# egrep -nri "sudo" /etc/gshadow
50:sudo:!::tool.ops,ops,dev-super,dba,cideploy,ansible_shell
看到ansible_shell已经加到sudo组中了,这样su - ansible_shell中然后再执行"sudo su - root"就可以了
二、
直接在/etc/sudoers添加(未验证)
%ansible_shell ALL=NOPASSWD:ALL