In “/etc/sudoers”
#allow user "user1" to become root via "sudo su -" user1 ALL=(ALL) NOPASSWD: ALL #allow user "nagios" to execute the script "check_fail2ban" with root privileges nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/check_fail2ban
Be aware of which binarys you allow for specific users, some of them can be abused to get a rootshell.