Run quota_nld service as tty group
quota_nld daemon writes to /dev/pts/N files thag has 0620 mode and
some_user:tty ownership.
If the daemon runs as a systemd service, SELinux denies DAC_OVERRIDE
capability that allows a root user to access files without matching
permissions.
We could fix it by adding a special SELinux rule, but SELinux
considers DAC_OVERRIDE harmful and prefers fixing the file permissions
instead.
We could patch quota_nld source to setgid() to tty group, but the
exact group name or ID is varies among distributions. This is not
upstreamable.
We could patch quota_nld to fork and setgid() to a group equaled to the
targeted device group. But that seems way to complicated if we can
simply patch systemd unit file to change group to "tty". Thus
I selected this approach.