I use su
I have sudo installed, but I never bothered to configure it.

Shouldn't you use kdesu or gksu for that?

I very rarely use sudo, particularly in some scripts launched from a normal user console.

David

I like ktsuss as a lightweight replacement for kdesu. :)

I rarely use su. My sudo was compiled to allow non-password use by myself as a member of group root. If I need to make large changes I will sudo to init 3, log in as root, and proceed to do the work needed from the ASCII console. Otherwise it's sudo to burn, sudo to read restricted files, etc.; any time I am restricted as a user from doing what I then wish to do in a "normal" functional manner.
Any time temporary root privileges are sufficient to do what I want, the rational restrictions of sudo are my safe way to use root. I figure if you need the graphic terminal to do what you want done, sudo is the preferred application to gain root; su is overkill, and VERY dangerous in a graphics environment. It's so easy to get it wrong.

ditto on that for me. So I had to vote that I used it. With a password required, I'm the only user but didn't want to forget what I actually was opening up :)

As others have said, the point of sudo is to enable users other than root to run certain, SPECIFIC commands. The way I do it is to allow un/mounting and shutdown for all users without a password, but then to have sudo require a password to run other commands, but to still run them.

Here's the way to do it:
http://www.ducea.com/2006/06/18/linu...sswd-nopasswd/

With sudo you can specify every & each command allowed per user and / or per group, requiring or not the users password to confirm.

I am not a big fan of sudo, as it might create security holes and I *HATE* configurations where ALL users can execute ALL commands on ALL hosts just by using sudo. If you set up your system like this you might as well let everybody log in as root.

In some situations, you will need sudo.
Sometimes you need to allow users to execute some commands in a shell script and without typing passwords. In this case, I think it's best to specify the full command with parameters in sudoers (like "killall xxxx", not just "killall") so that permissions are as limited as possible.
I also prefer to allow groups to execute commands, not users, but this goes for most system administration tasks.

For instance, if you need users of department "xyz" to execute a "killall abc" command, put them in a group like "dept_xyz" and give permission to this group to execute "killall abc" - not to ALL users and not the "killall" command in general.

Used with caution sudo can be an ally, without, it can become your grave.

you don't really need to be root for burning disks. For e.g. in k3b you can specify a group that has privileges to burn discs and include your username as memeber of that group.

I agree, if you choose to use sudo, make sure to configure it properly, otherwise it could do exactly the opposite of what you want ... make your system less secure ... I think this is what they've do with it in Ubuntu.

Same goes for SELinux. If you don't configure it properly you can seriously mess up your system.

Moral: If you're looking to make your system more secure, make sure you configure the tools you are using properly or you may be doing the opposite.

For some tasks I use su and for some I use sudo.

When I want to start root’s session in terminal or xterm I use “su -”.

When I want to run as root some graphical application I use “su”. It’s possible because I set in my .xinitrc the command “xhost `hostname`”:

$ cat ~/.xinitrc
In /etc/sudoers I registered a bunch of commands concerning killing, halting, mounting, and printing. I took into consideration two groups of users: having full access to these commands and having partial access to them:

# cat /etc/sudoers
As you see john has full access to all these commands and mary have to use password for killing, halting, and mounting commands.

To make usage of sudo painless I put in my .bashrc a bunch of aliases:

$ cat ~/.bashrc
To start and stop PPPOE I still use commands “su -c /usr/sbin/pppoe-start” and “su -c /usr/sbin/pppoe-stop”. It’s good idea to put them in /etc/sudoers and ~/.bashrc to make things easier.