Try to configure runners as no-provileged (or try to onfigure them with less privileged as possible)

So far, what we know is needed:

• Ability to mount (CAP_SYS_ADMIN)
• Ability to create namespaces (some syscalls necessary are blocked by default seccomp policy)
• KVM access (without it VM's are really slow)