允许多个用户组无需密码即可“su”给多个其他用户

这里有一个很好的描述如何做到这一点：https://www.howtoing.com/switch-user-account-without-password/ 我测试成功了（Rocky Linux 9）。 PAM 相当……复杂（对我来说）。您还必须注意配置行在文件中的位置。当我的用户是 test_group 的成员时，我可以无需密码切换到 test_user

cat /etc/pam.d/su
#%PAM-1.0
auth        required    pam_env.so
auth        sufficient  pam_rootok.so
##### START 
auth       [success=ignore default=1] pam_succeed_if.so user = test_user
auth       sufficient   pam_succeed_if.so use_uid user ingroup test_group
##### END
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth       sufficient  pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth       required    pam_wheel.so use_uid
auth        substack    system-auth
auth        include     postlogin
account     sufficient  pam_succeed_if.so uid = 0 use_uid quiet
account     include     system-auth
password    include     system-auth
session     include     system-auth
session     include     postlogin
session     optional    pam_xauth.so

希望有帮助。