I hope somebody can help me as my experience with Linux is very limited.
I have a LAMP (Fedora 12) webserver to which I would like to give access to an external consultant. He needs to have pretty much unlimited access, but I would not like to give him the root password so I was thinking of doing the following:
- Create a user account to which I would give pretty much all permissions root has
- Create a log file which logs all keystrokes of such user so I can check nothing funny is bing done
- Ensure that such user cannot become root or in any way tamper with this log
As my experience is limited I would like to ask if what I have suggested makes sense (and if so, how to do this, I have no clue) or if there are better ways.