[yocto] best way to use sudo for a long running background process

[Davis Roman]

hello,

I have a daemon called powermanager running as the non-root user, power.

In /etc/sudoers.d/power, I have the following:
power ALL=(ALL) NOPASSWD: ALL

I know that the above statement essentially gives the powermanager
process root privileges
however, in the future, I'd like to have the option to enforce certain
commands/files not be used, if needed.
My understanding is that the sudoers file would be the place to place
these rules.
( ie: disable ability to open file /dev/foobar )

Therefore on startup, I configured my systemd service file to run as
the power user however I'm trying to figure out which is better:

1. launch this process as 'sudo powermanager'

or

2.  launch my process as just 'powermanager' and let the process deal
with invoking sudo when it needs to open files in /dev/


Any feedback would be greatly appreciated.

Thank you,

Davis