Background

I have a server that I'm looking to set up, and provide access to another web developer. I don't want to put many constraints on him, though I wouldn't mind isolating the site that he'll be developing from others on the server that I will develop.

The problem

Mainly what I want is to make sure that I retain control over the server in the future. I want to reserve the ability to create/promote/demote and other administrative functions that don't deal with web software. If I make him an admin, he can sudo su - and become root and remove root control from me, for example.

What is a good setup for the sudoers file so that he can do things like:

*install software (through apt-get) restart apache access mysql configure mysql/apache reboot edit web development configuration type files in /etc *

And can't do things like:

take away other admin permissions change the root password have control over other security/administrative functions

Example sudoer files that accomplish something like that could be useful, I'm sure that people have needed to do this before.