`ncm-symlink` allows specifying commands whose output is used to build the symlink target path. These commands are currently executed with `qx` (method `expand_cmds`). This should be replaced by `CAF::Process`.
Also, to limit the risk of using this feature for command injection, look at whether the command could be executed as `nobody`, restricting the commands used to those involving no modification or file writing... We could also require the full path of the command to be specified and, for backward compatibility, assume `/usr/bin` for the commands without a path.
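
An added illustration of the approach proposed above, not code from ncm-symlink or CAF: a shell-free replacement for `qx` that requires an absolute command path and defaults bare names to `/usr/bin`. `resolve_command` and `run_no_shell` are hypothetical names, the sample commands are constructed, and dropping privileges to `nobody` is not shown.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper: turn a configured command string into an argv list
# whose first element is an absolute executable path.
sub resolve_command {
    my ($cmd) = @_;
    # Refuse anything a shell would interpret; qx would have handed it to /bin/sh.
    die "shell metacharacters in '$cmd'\n"
        if $cmd =~ /[;&|<>`\$(){}\\'"*?\[\]~#!\n]/;
    my @argv = split ' ', $cmd;
    die "empty command\n" unless @argv;
    # Backward compatibility: a bare command name is assumed to live in /usr/bin.
    $argv[0] = "/usr/bin/$argv[0]" unless $argv[0] =~ m{/};
    die "command path must be absolute: $argv[0]\n" unless $argv[0] =~ m{^/};
    die "path traversal in $argv[0]\n" if $argv[0] =~ m{(^|/)\.\.(/|$)};
    return @argv;
}

# Hypothetical helper: run argv without a shell and return its output.
sub run_no_shell {
    my (@argv) = @_;
    # Pipe open with a list execs the program directly. Metacharacters were
    # rejected above, so a one-element list does not reach the shell either.
    open(my $fh, '-|', @argv) or die "cannot run $argv[0]: $!\n";
    my $out = do { local $/; <$fh> };
    close($fh) or die "$argv[0] exited with status " . ($? >> 8) . "\n";
    $out = '' unless defined $out;
    chomp $out;
    return $out;
}

# Constructed sample inputs: two accepted commands, two rejected ones.
for my $cmd ('uname -r', '/bin/echo hello', 'uname -r; id', '../bin/sh -c id') {
    my $result = eval { run_no_shell(resolve_command($cmd)) };
    chomp(my $err = $@);
    print "'$cmd' => ", (defined $result ? $result : "rejected: $err"), "\n";
}
```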