temporary root accounts and expiring them after a certain time

[brent harding <bharding greenbaynet com>]

		Is it possible to make an account that can do root functions that has a
temporary life that it eventually expires? I know you can do expiring
passwords, but how can you make the account disable for example after a
week or so? For example, if I had someone install DSL or something and the
provider uses unusual setups, and I need to give someone access to my
computer temporarily, how would I make it so their access terminates close
to after it's done to maintain security don't have permanent telnet access
to the main root login? I would probably want to have backups that aren't
close to the computer just to have something recoverable if one day I'd
come home and not have anything on my system because someone told a friend
a password that the friend shouldn't have access to. More accurately,
likely, I'd not want stale privileged accounts laying on the system that
are no longer needed for the task they were made for. What if I set the max
days for the password to exist lower than the minimum amount to change the
password? Will a user still be able to change the password if it's set to
expire before they are allowed to change it?