Use bindfs to create bind mounts for directories instead of symlinking
them. This should be less problematic for many applications, since
bind mounts are much more transparent.
This sets up the bind mounts in the activation script, before any
writes are done by home-manager, then tears them down again
afterwards. The bind mounts are then handled by individual systemd
services, since they're long-running fuse processes and need to be
managed as such. This also means we leverage home-manager's mechanism
for deciding which user services should be active after a switch to a
new generation, and don't have to bother with cleaning up old leftover
fuse processes.
NOTE: All unmounts done in the activation script are put into a
function which is run either on error, or right before home-manager
starts / reloads systemd units. This will conflict with other attempts
to add traps on ERR, but this isn't currently done upstream.
