RFE: lift root requirements for some bootc commands

[mrguitar]

Feel free to push back on this, but there are a number of rpm-ostree commands that can be run w/o sudo access. rpm-ostree status is what comes to mind. I believe we have policykit (or something like that!) to enable certain commands from non-privileged users. It would be nice if we could do the same for bootc.

I think we want any user w/ shell access to be able to querry:

$ bootc status
ERROR Status: Querying root privilege: This command requires root privileges

Thoughts?

[cgwalters]

Yeah, this one is a bit harder as it heavily intersects with #2 which is a big change.

An issue with rpm-ostree in general is I think not all use cases will want to necessarily make the system state accessible to unprivileged users - especially as we're likely to expand what data is there.

My offhand instinct here is the easiest thing would be:

• Add a bootc-readonly-unprivileged.{path,service} unit that, when enabled, monitors for changes in e.g. /ostree (for which we bump the mtime on changes) and basically just does bootc status --json > /run/bootc/status.json that is world-readable
• Teach bootc status when run unprivileged to just parse that JSON

Obviously whether it's enabled by default would be an important property. I could get behind it being on by default upstream.