docs: add package manager hook documentation and security fixes

[fly602]

Added comprehensive documentation for package manager integration to ensure automatic application list updates work correctly across different Linux distributions. The documentation explains the hook mechanism and provides configuration examples for various package managers. Additionally, security improvements were made by changing the D-Bus service ownership from root to deepin-daemon user to follow security best practices and reduce potential security risks.

Log: Added package manager hook documentation and improved D-Bus service security

Influence:

1. Test application list updates after installing/removing packages
2. Verify D-Bus service runs under deepin-daemon user instead of root
3. Check package manager hooks work correctly on supported distributions
4. Test application detection with different package managers
5. Verify systemd service configuration changes

docs: 添加包管理器钩子文档和安全修复

添加了包管理器集成的全面文档，确保在不同 Linux 发行版上自动应用程序列表
更新功能正常工作。文档解释了钩子机制，并为各种包管理器提供了配置示例。此
外，通过将 D-Bus 服务所有权从 root 更改为 deepin-daemon 用户来进行安全改 进，遵循安全最佳实践并降低潜在安全风险。

Log: 新增包管理器钩子文档并改进 D-Bus 服务安全性

Influence:

1. 测试安装/卸载软件包后应用程序列表的更新
2. 验证 D-Bus 服务在 deepin-daemon 用户而非 root 下运行
3. 检查包管理器钩子在支持的发行版上正常工作
4. 测试不同包管理器下的应用程序检测功能
5. 验证 systemd 服务配置更改 PMS: TASK-381283

Summary by Sourcery

Add comprehensive documentation for package manager hooks to enable automatic application list updates across distributions and enhance D-Bus service security by changing ownership to the deepin-daemon user.

Enhancements:

• Update D-Bus policy to run under deepin-daemon user instead of root for improved security.

Documentation:

• Add package manager integration section to README in English and Chinese.
• Introduce standalone Package Manager Hook Guide with configuration examples, workflow explanation, and troubleshooting.

[sourcery-ai]

Reviewer's Guide

Introduces comprehensive package manager hook documentation with configuration examples and enhances D-Bus service security by switching service ownership from root to the deepin-daemon user.

Sequence diagram for package manager hook triggering application list reload

sequenceDiagram
participant PackageManager
participant Hook
participant "D-Bus Service (app-update-notifier)"
participant "Application Manager"
PackageManager->>Hook: Install/Remove/Update package
Hook->>"D-Bus Service (app-update-notifier)": Trigger via busctl call
"D-Bus Service (app-update-notifier)"->>"Application Manager": Notify to reload application list
"Application Manager"->>"Application Manager": Reload application list

Loading

File-Level Changes

Change	Details	Files
Add package manager hook integration documentation	Insert hook overview and quick setup in README.md Mirror integration section in README.zh_CN.md Create detailed hook guide docs/package-manager-hook.md Add Chinese guide docs/package-manager-hook.zh_CN.md	README.md README.zh_CN.md docs/package-manager-hook.md docs/package-manager-hook.zh_CN.md
Enhance D-Bus service security by changing ownership user	Update busconfig policy to use deepin-daemon instead of root	apps/app-update-notifier/misc/dbus/org.desktopspec.ApplicationUpdateNotifier1.conf

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey there - I've reviewed your changes and they look great!

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: BLumia, fly602

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• debian/deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[deepin-bot]

TAG Bot

New tag: 1.2.38
DISTRIBUTION: unstable
Suggest: synchronizing this PR through rebase #303

[deepin-ci-robot]

deepin pr auto review

我来对这个 Git diff 进行审查：

1. 代码质量改进建议：

• 在 D-Bus 配置文件中，将服务从 root 用户改为 deepin-daemon 用户是一个很好的安全实践。这遵循了最小权限原则。

• README 文件的更新非常全面，包含了中英文版本，并添加了详细的包管理器集成说明。

2. 安全性改进：

• 使用专用用户 deepin-daemon 而不是 root 来运行服务是一个重要的安全改进。

• 在包管理器钩子配置中使用了 || /bin/true 来确保钩子失败不会影响包管理操作，这是一个很好的容错机制。

3. 文档完整性：

• 新增的包管理器钩子指南文档很详细，包含了工作原理说明和具体配置示例。

• 文档同时提供了中英文版本，考虑到了国际化需求。

4. 建议改进：

• 在包管理器钩子指南中，可以添加更多发行版的具体配置示例（如 Fedora、Arch Linux 等），而不仅仅是 Debian/Ubuntu。

• 可以考虑在文档中添加一个"故障排除"部分，列出常见问题和解决方案。

• D-Bus 信号调用使用了 org.freedesktop.DBus.Peer Ping，建议添加注释说明为什么选择这个特定的接口。

• 在 systemd 服务文件中，可以考虑添加一些额外的安全选项，如 PrivateTmp=true、ProtectSystem=strict 等。

5. 架构设计：

• 使用 D-Bus 信号来通知应用管理器是一个很好的解耦设计。

• 包管理器钩子的实现方式简单有效，但需要确保在各种错误情况下的健壮性。

总体来说，这是一个很好的更新，提高了安全性，改进了文档，并保持了良好的架构设计。主要的改进空间在于完善文档和增强安全性配置。