Comment 1 for bug 1219644

The attached branch is a WIP with the changes on the Online Accounts part.

I added the apparmor-easyprof-ubuntu project to the bug because I think we'll need some changes there:

- There should be a way to specify an apparmor policy file for an account plugin, in the manifest file. This policy will typically contain the "accounts" policy, and then often also the "networking" and "webview" policies; but I'd rather let the developer explicitly declare all of the needed policies.

- The account plugin should have access to a unix socket: /run/user/<user-id>/online-accounts-ui/ui-<random-number>
  This is probably not really necessary with the current WIP code, since we call aa_change_profile() after connecting to that socket; we'll understand this better when we can test the whole thing.

- The account plugin should be able to send method calls on this D-Bus service (on the session bus):
  service=com.google.code.AccountsSSO.Accounts.Manager
  path=/com/google/code/AccountsSSO/Accounts/Manager
  interface=com.google.code.AccountsSSO.Accounts.Manager
  (the service then will itself check the apparmor label of the peer and decide whether to process the request or not)