Code review comment for lp:~xavi-garcia-mena/mediascanner2/ms-dbus-wal

Jussi Pakkanen (jpakkane) wrote :

Now we need to do the AppArmor bits and for that we need Jamie's help, so I subscribed him.

What we are trying to do here is the following:

Currently users of Mediascanner (media scopes and music-app) have read-only access to Mediascanner's media storage dir ~/.cache/mediascanner-2.0. This MR changes it so that they may no longer access the file directly; instead they call a small dbus server binary.

This means that we need the following AppArmor changes:

- remove read access from existing users
- grant them access to the dbus server instead
- create new daemon that is allowed to own the service name and has r/w access to the media directory

Does this seem like a suitable approach, security-wise?
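
Added illustration, not part of the comment above or of the merge proposal: the three AppArmor changes it lists could be expressed as the following policy. The bus name, object path, interface, profile names and daemon binary path are placeholders; only the ~/.cache/mediascanner-2.0 directory comes from the comment.

```apparmor
# Placeholders (assumptions, not from the merge proposal):
#   com.example.MediaScanner, /com/example/MediaScanner,
#   /usr/lib/EXAMPLE/mediascanner-dbus, and both profile names.
#include <tunables/global>

# Before: what the client profiles (scopes, music-app) carry today.
#   owner @{HOME}/.cache/mediascanner-2.0/   r,
#   owner @{HOME}/.cache/mediascanner-2.0/** r,

# After: client side.
profile example-media-client {
  #include <abstractions/base>
  #include <abstractions/dbus-session-strict>

  # Change 1: the read rules above are dropped. The explicit deny keeps
  # an included abstraction from re-granting access; "audit" keeps the
  # denial visible in the logs (a plain deny would silence it).
  audit deny @{HOME}/.cache/mediascanner-2.0/** rw,

  # Change 2: clients may only send to the daemon's object, and only
  # when the peer is running under the daemon's profile.
  dbus (send)
       bus=session
       path=/com/example/MediaScanner
       interface=com.example.MediaScanner
       peer=(label=example-mediascanner-dbus),
}

# Change 3: the new daemon.
profile example-mediascanner-dbus /usr/lib/EXAMPLE/mediascanner-dbus {
  #include <abstractions/base>
  #include <abstractions/dbus-session-strict>

  /usr/lib/EXAMPLE/mediascanner-dbus mr,

  # Only this profile may own the service name on the session bus.
  dbus (bind)
       bus=session
       name=com.example.MediaScanner,

  # Accept calls on the exported object and interface only.
  dbus (receive)
       bus=session
       path=/com/example/MediaScanner
       interface=com.example.MediaScanner,

  # Sole holder of read/write access to the media storage directory.
  owner @{HOME}/.cache/mediascanner-2.0/   rw,
  owner @{HOME}/.cache/mediascanner-2.0/** rw,
}
```

The `peer=(label=...)` condition on the client rule is what ties the design together: a different process that grabbed the same bus name would not match it, so the bind rule and the label check should be reviewed as a pair.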
