The existing set of shell scripts do hard-to-debug things and mess
with the root filesystem. We can make it better.

First, not to play with the system / the process that will be run in
a new mount namespace is statically compiled .c file. And this "init"
does a very simple thing -- waits for SIGTERM and check that the
given filepath contains the given string.

Second, the namespace's root will be some subdir, instead of system
/ bind-mount-ed into a subdir. This makes it easier to keep things
together and makes 100% sure the external bind mount cannot be
accessed by custom path.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>