Is "sudo su -" considered a bad practice?

Let's look your cases:

 su -

will run a /bin/sh as the root user using the root environment. The root password is needed and logging MAY be logged depending on syslog settings (usually is by default to /var/log/auth.log).

 sudo /bin/sh

will run shell as the root user using the current set of environment variables (with some exceptions as would be defined in the sudoers file). The password is the source user password and NOT the root user password. sudo is usually logged.

 sudo su -

will run a shell (usually /bin/sh) as the root user setting up the environment as the root user. This will require the password of the source user and this will generally be logged.

Sometimes it is necessary to have the root environment over your own environment, thus su - is an appropriate method. Remember sudo will still log the use of the shell command in either case.

Tags:

Linux

Unix

Sudo

Su