Re: As seen above: use of su vs sudo
> I've long forgotten why, but I committed "sudo su -" to muscle memory
First, you execute sudo with target UID 0 (aka. root).
While doing that, sudo does all the fancy things for you, like setting or unsetting environments (eg SUDO_COMMAND, SUDO_UID, SUDO_USER) and check, if you will be granted to run $ANY_COMMAND or may be /bin/su with that target UID 0.
Next, with UID 0, you run /bin/su in order, to gain a login shell. Now '/bin/su -' runs the login process stripping all the things set before off. Just to run /bin/sh at the end.
You could have run 'sudo -c /bin/sh'.
In reality, 'sudo -i [-u TARGET_USER]' is your friend. Always.