Move $XDG_RUNTIME_DIR/flatpak-info to /.flatpak-info and make it read-only

The old location keeps working because we create a symlink.

The interesting part of this is that the sandbox now can't modify,
remove or replace the file, and it is in a fixed position. This means
that given a sandboxed pid, we can find this file as
"/proc/$pid/root/.flatpak-info".

This is very nice for two reasons:
 * We can use this instead of the cgroup to find out if a pid is
   sandboxed or not. This means we can drop the dependency on
   systemd --user for this.
 * We can get more information about the peer process than the
   app id. For instance, we can see what permissions the sandboxed
   app has.
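The lookup the commit message describes, written out as an added example (it is not part of this commit or of Flatpak's own code): given a pid, open `/proc/$pid/root/.flatpak-info`, treat its absence as "not sandboxed", and pull the app id and permission lists out of it. The commit only fixes the file's location; the key-file layout assumed here (an `[Application]` section with `name=`, a `[Context]` section with `;`-separated `shared=` and `sockets=` lists) and the sample content are assumptions, constructed for the example.

```python
import configparser
from typing import Optional

# Constructed sample content (assumed layout, not taken from the commit):
# GKeyFile-style INI with ';'-separated list values.
SAMPLE_INFO = """\
[Application]
name=org.example.Viewer
runtime=runtime/org.example.Platform/x86_64/1.0

[Context]
shared=network;ipc;
sockets=x11;wayland;
"""


def flatpak_info_path(pid: int) -> str:
    """Fixed, read-only location of the info file as seen through the pid's root."""
    return f"/proc/{pid}/root/.flatpak-info"


def _split_list(value: str) -> list:
    # Key-file lists are ';'-separated and usually ';'-terminated; drop empties.
    return [item for item in value.split(";") if item]


def parse_flatpak_info(text: str) -> dict:
    """Extract the app id and permission lists from .flatpak-info text."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    app_id = cp.get("Application", "name", fallback=None)
    shared = cp.get("Context", "shared", fallback="")
    sockets = cp.get("Context", "sockets", fallback="")
    return {
        "app_id": app_id,
        "shared": _split_list(shared),
        "sockets": _split_list(sockets),
    }


def peer_sandbox_info(pid: int) -> Optional[dict]:
    """Return parsed info for a sandboxed pid, or None if it is not sandboxed.

    A missing file means the process does not run in a Flatpak sandbox (for
    an unsandboxed process /proc/<pid>/root is the host root, which has no
    /.flatpak-info).  PermissionError is deliberately not swallowed: it means
    we are not allowed to look through this process's root at all, which is
    a different answer from "not sandboxed" and must not be reported as such.
    Only meaningful while the pid is alive; check it as close as possible to
    the moment the peer's identity is needed.
    """
    try:
        with open(flatpak_info_path(pid), encoding="utf-8") as f:
            return parse_flatpak_info(f.read())
    except FileNotFoundError:
        return None


if __name__ == "__main__":
    import os
    # Inspect ourselves: prints None on a host shell, app info inside a sandbox.
    print(peer_sandbox_info(os.getpid()))
```

The three outcomes are kept distinct on purpose: a parsed dict (sandboxed, with its permissions), `None` (not sandboxed), and an exception (cannot tell), so a service deciding how much to trust a peer never confuses "I could not inspect it" with "it is unconfined".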
tingping/wmclass
Alexander Larsson 2016-09-07 11:46:37 +02:00
parent edb2749e3e
commit 32c571ae79
1 changed file with 5 additions and 2 deletions


@ -2559,7 +2559,7 @@ flatpak_run_add_app_info_args (GPtrArray *argv_array,
g_autoptr(GFile) files = NULL;
g_autofree char *files_path = NULL;
g_autofree char *fd_str = NULL;
g_autofree char *dest = g_strdup_printf ("/run/user/%d/flatpak-info", getuid ());
g_autofree char *old_dest = g_strdup_printf ("/run/user/%d/flatpak-info", getuid ());
close (fd);
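Review bot: the rename from `dest` to `old_dest` on the changed declaration keeps the hard-coded `"/run/user/%d/flatpak-info"` format string, so the `$XDG_RUNTIME_DIR/flatpak-info` wording in the commit message only holds when the sandbox's XDG_RUNTIME_DIR is `/run/user/<uid>`; a one-line comment on the declaration saying this is the legacy location, preserved only through the symlink, would make that explicit, and every remaining use of `dest` further down the function has to follow the rename or the build breaks.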
@ -2589,7 +2589,10 @@ flatpak_run_add_app_info_args (GPtrArray *argv_array,
if (fd_array)
g_array_append_val (fd_array, fd);
add_args (argv_array, "--file", fd_str, dest, NULL);
add_args (argv_array,
"--ro-bind-data", fd_str, "/.flatpak-info",
"--symlink", "../../../.flatpak-info", old_dest,
NULL);
}
return TRUE;
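Review bot: the symlink target `"../../../.flatpak-info"` hard-codes that `old_dest` sits exactly three directory levels below the root (`/run/user/<uid>/flatpak-info`); that matches the path built earlier in the function, but it breaks silently if the depth of `old_dest` ever changes, so either derive the relative target from `old_dest` or add a comment tying the two together. It is also worth stating in a comment that the read-only, fixed-position guarantee from the commit message comes from `--ro-bind-data` on `/.flatpak-info`, while `--symlink` at `old_dest` is only a compatibility pointer, so consumers that want the tamper-resistant copy should open `/.flatpak-info` (or `/proc/$pid/root/.flatpak-info`) directly rather than the legacy path.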