PIDs can be recycled, so when possible it is best to try and use PIDFDs,
which are pinned. Change polkitd's unixprocess class so that, if the
PIDFD syscall is available, it does not store a PID but only the PIDFD,
and gets the PID when required on the fly (which will intentionally fail
if the process has disappeared, so that we avoid recycling races).

In the future we will be able to get the PIDFD directly from D-Bus'
GetConnectionCredentials() call, but for now get the FD from the PID.
It does not completely close the window, but makes things significantly
better already.