Use polkit with Tails Server

Originally created by @segfault on #12255 (Redmine)

Tails Server does a lot of things that require higher privileges. Currently, the backend is executed as root. We should consider running it as its own user, and write polkit actions and policies to allow privileged actions.

Actions that require higher privileges:
- apt update, apt install
- systemctl start/stop
- write to service config files (e.g. sshd_config)
- rw access to /var/lib/tor and /var/lib/tails
- copy to persistent volume
- mount —bind, umount

Parent Task: #5688 (closed)

Edited May 15, 2020 by segfault

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information