Fine-grained API security

Fine grained mandatory access control and/or role based access control for the libvirt daemon / API. As an example to be able to control permissions on (object,user,operation) triple ie. domain 'foo', user 'joe', operation 'start'. May involve PolicyKit or SELinux.