pam_namespace: don't use bashisms in default namespace.init script

pam_namespace: don't use bashisms in default namespace.init script

* modules/pam_namespace/pam_namespace.c: call setuid() before execing the
namespace init script, so that scripts run with maximum privilege regardless
of the shell implementation.
* modules/pam_namespace/namespace.init: drop the '-p' bashism from the
shebang line

This is not a POSIX standard option, it's a bashism.  The bash manpage says
that it's used to prevent the effective user id from being reset to the real
user id on startup, and to ignore certain unsafe variables from the
environment.

In the case of pam_namespace, the -p is not necessary for environment
sanitizing because the PAM module (properly) sanitizes the environment
before execing the script.

The stated reason given in CVS history for passing -p is to "preserve euid
when called from setuid apps (su, newrole)."  This should be done more
portably, by calling setuid() before spawning the shell.

Signed-off-by: Steve Langasek <vorlon@debian.org>
Bug-Debian: http://bugs.debian.org/624842
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1081323