nspawn: block open_by_handle_at() and others via seccomp

nspawn: block open_by_handle_at() and others via seccomp

Let's protect ourselves against the recently reported docker security
issue. Our man page makes clear that we do not make any security
promises anyway, but well, this one is easy to mitigate, so let's do it.
While we are at it block a couple of more syscalls that are no good in
containers, too.