Best practice non privilege postgres-user

Hi folks,

I'm looking for some kind of best practice for a non-privilege postgres
user. As not all operations can be done within psql you might need
access to postgres- on command line from time to time. Currently this is
done via root-privvileges and »su - postgres« directly on database
server - which is might not the best idea. Therefor our goal is to limit
access to a little number of people on the first hand and don't
necessary give them root-privileges on the databse server. We
experimented a bit with sudo but had issues with some of the
environmental variables. So my question is: do you have any best
practice how to manage this? Is there any golden rule for this?

Cheers,
Frank