Add `chroot()` support

[sisungo]

Introduction

Many services use chroot() to improve security. Supporting specifying root directory in Airup service manifest could make the system more secure.

Unresolved Questions

• Rust standard library haven't supported chroot-ing for child processes yet. However, when using pre_exec to reach the goal, setuid() is earlier called, causing user switching to be conflicted with chroot-ing (that's also why we commented setgroup()). Should we switch to use pre_exec for setuid(), too, in order to keep the order?