Background: Virtual Private Server

I have a virtual private server that I'm looking to host multiple websites on, and provide access to another web developer. I don't care about putting too many constraints on him, though I wouldn't mind isolating the site that he'll be developing from other sites on the server that I will develop.

The problem: retain control

Mainly what I want is to make sure that I retain control over the server in the future. I want to reserve the ability to create/promote/demote and other administrative functions that don't deal with web software. If I make him an admin, he can sudo su - and become root and remove root control from me, for example.

I need him not to be able to:

• take away other admin permissions
• change the root password
• have control over other security/administrative functions

I would like him to still be able to:

• install software (through apt-get)
• restart apache
• access mysql
• configure mysql/apache
• reboot
• edit web development configuration type files in /etc/

Other Standard Setups would be happily considered

I've never really set up a good sudoers file, so simple example setups would be very useful, even if they're only somewhat similar to the settings that I'm hoping for above.

Edit: I have not yet finalized permissions, standard, useful sudo setups are certainly an option, the lists above are more what I'm hoping I can do, I don't know that that setup can be done.