Because user session daemons have same uid/gid with applications,
include them in specific gids for checking privilege.
The security-manager will drop these groups from applications.
Change-Id: I1ed91e75cb605a4c6bffa604fe992ec995ff2845
TasksMax=infinity
Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%U/dbus/user_bus_socket
Capabilities=cap_mac_admin,cap_mac_override,cap_setgid=i
+SupplementaryGroups=priv_mediastorage priv_externalstorage priv_message_read priv_mapservice priv_network_get priv_internet
SecureBits=keep-caps