How can I configure sudo to only allow "jdoe" to do anything he wants, but only as "jdoe" and not as "root".

I want to give root access to a select few. I don't mind them having root privs, but I want it logged so whatever is logged should show up under their name and not root. How can I do this?

I did try to just give access to /bin/sh , but once i do a "sudo sh" it will give a root shell. I want to be able to stop all ways of having a root shell so all activity is logged.

Effectively "sudo" runs the programs with root privileges, that's the point of using it. Restrict the usage of sudo to only those few exact commands you need and nothing else; the configuration is done in the /etc/sudoers file. I don't think it's possible, with sudo, to run programs that need root privileges as a regular user, because effectively the regular user seems to be root during the time the program is executed (meaning that the user gets granted root privileges for that action). That's very unclearly said, but I hope you understand.

You could probably wrap the command(s) into a script that the regular user can run, and the script runs the commands and possibly logs something. That's one way you can do it, but maybe others can give better ideas..

You probably want to go down the chroot line rather than using sudo.