Add VPN and Keystore services and data directories.

-- changed the default mode to 0770 for keystore with the new user 'keystore'.
-- add the keystore service providing the basic key lookup/install/remove, but
  only keystore user can access the key content.