Support for minimising required privileges when activating target machine #279

@hauleth

Description

Currently the activation script is run using its full path, which means that there is no feasible way to limit which script can be run via sudo using the sudoers file. It would be interesting to somehow support activating the machine without such a requirement, as passwordless sudo for some user may be unsafe.

Possible solutions I see are:

  • symlinking the activation script to some fixed and known location; however, that opens the possibility for an attacker to symlink anything to that location and then run it however they want
  • running an additional daemon that will accept the path and run the activation script after validating user permissions; however, that causes a chicken-and-egg problem

My goal here would be to allow a user to run the activation script with higher privileges, but only the activation script.
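One way to get a fixed sudoers target without the "symlink anything to the known location" problem is to make the fixed target a small root-owned wrapper that validates the requested path before exec'ing it. The following is an added illustration written for this issue, not code from the project; the wrapper path `/usr/local/sbin/activate-wrapper`, the `ALLOWED_ROOT` / `REQUIRED_UID` knobs, their `/nix/store` and root defaults, and the sudoers line in the header comment are all assumptions.

```shell
#!/bin/sh
# Hypothetical fixed-path sudo wrapper (assumed location: /usr/local/sbin/activate-wrapper).
#
#   # /etc/sudoers.d/activate (assumed; install with visudo -f)
#   deploy ALL=(root) NOPASSWD: /usr/local/sbin/activate-wrapper
#
# The caller runs:  sudo /usr/local/sbin/activate-wrapper /path/to/activate
# sudo only ever sees one fixed command; the wrapper, not the caller, decides
# whether the requested script is acceptable, and it judges the resolved
# target rather than the link or argument the caller supplied.
set -eu

# Directory under which activation scripts must live (assumed default).
ALLOWED_ROOT="${ALLOWED_ROOT:-/nix/store}"
# Uid the script must be owned by; root unless overridden (e.g. for tests).
REQUIRED_UID="${REQUIRED_UID:-0}"

# validate_activation_path PATH
# Prints the canonical path and returns 0 if PATH is an acceptable activation
# script; returns 1 otherwise. Callers must exec the printed canonical path,
# not the original argument, so a symlink swapped in after the check cannot
# redirect the exec.
validate_activation_path() {
    vap_requested="$1"

    # Canonicalise both sides, following every symlink, so a link placed
    # inside ALLOWED_ROOT that points elsewhere is judged by its target.
    vap_root="$(readlink -f -- "$ALLOWED_ROOT")" || return 1
    vap_resolved="$(readlink -f -- "$vap_requested")" || return 1
    [ -e "$vap_resolved" ] || return 1

    # Must be strictly below the allowed root.
    case "$vap_resolved" in
        "$vap_root"/*) ;;
        *) return 1 ;;
    esac

    # Regular executable file only: no directories, devices or fifos.
    [ -f "$vap_resolved" ] && [ -x "$vap_resolved" ] || return 1

    # Owned by the required uid and not writable by group or others, so an
    # unprivileged user cannot edit the script between check and exec.
    vap_uid="$(stat -c '%u' -- "$vap_resolved")"
    vap_mode="$(stat -c '%a' -- "$vap_resolved")"
    [ "$vap_uid" = "$REQUIRED_UID" ] || return 1
    case "$vap_mode" in
        *[2367]?|*[2367]) return 1 ;;   # group-write or other-write bit set
    esac

    printf '%s\n' "$vap_resolved"
}

main() {
    if [ "$#" -ne 1 ]; then
        echo "usage: $0 <activation-script>" >&2
        exit 2
    fi
    if ! script="$(validate_activation_path "$1")"; then
        echo "refusing to run '$1': not an approved activation script" >&2
        exit 1
    fi
    exec "$script"
}

# Act as the wrapper only when given arguments; sourcing the file with none
# just defines the functions.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

Two caveats a reviewer would want stated: the check is only as good as the directories on the resolved path (if the caller can rename entries in `ALLOWED_ROOT` or a parent, the file can change between `stat` and `exec`, so the wrapper above deliberately checks the file's own owner and mode but leaves per-directory checks to the deployment), and sudo does not verify that the wrapper itself is root-owned and unwritable, so that has to be enforced by whoever installs it.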
