hashicorp / go-secure-stdlib

Mozilla Public License 2.0

plugincontainer: Drop all capabilities from plugin containers #90

Closed tomhjp closed 1 year ago

tomhjp commented 1 year ago

This makes several breaking API changes, so will necessitate a bump to v0.2.0, but should provide us with a better API in the longer term.

Builds on the additions in https://github.com/hashicorp/go-plugin/pull/277 to enable dropping all default capabilities from the plugin container. We now let go-plugin set the PLUGIN_UNIX_SOCKET_GROUP env var, and override the value it sets for PLUGIN_UNIX_SOCKET_DIR because the plugin's view of that directory is different. As a result, I renamed UnixSocketGroup to GroupAdd to more accurately reflect that it now only controls the container's GroupAdd setting.

As that requires a breaking change, I also updated the API for creating a RunnerFunc to make it a bit cleaner and reduce unnecessarily exported API surface like ContainerRunner, which was useless anyway when directly created from outside the package. The best place to see the result of this is in container_runner_test.go or example/bidirectional/main.go.

Lastly this PR also removes the container's env from the Diagnose output, as it could reasonably include secrets. I'm planning to re-add that capability in a separate PR but behind a Debug configurable.
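The three behaviours the description covers (drop every default capability, keep go-plugin's PLUGIN_UNIX_SOCKET_GROUP but override PLUGIN_UNIX_SOCKET_DIR with the container-side path, and keep env out of diagnostic output) sketched as a dependency-free Go example; this is added illustration, not plugincontainer's code, and ContainerSpec, BuildSpec and Diagnose are hypothetical names standing in for the Docker HostConfig the real package builds.

```go
package main

import (
	"fmt"
	"strings"
)

// ContainerSpec is a hypothetical stand-in for the host-config fields the PR
// description talks about; the real package fills a Docker HostConfig instead.
type ContainerSpec struct {
	CapDrop  []string // "ALL": the container starts with zero capabilities
	GroupAdd []string // supplementary groups for the plugin process (the renamed GroupAdd setting)
	Env      []string // KEY=VALUE pairs handed to the plugin process
}

// pluginSocketDirEnv is set by go-plugin with the host path; the container
// sees the socket directory at a different path, so the value is overridden.
const pluginSocketDirEnv = "PLUGIN_UNIX_SOCKET_DIR"

// BuildSpec keeps everything go-plugin set (including PLUGIN_UNIX_SOCKET_GROUP),
// replaces PLUGIN_UNIX_SOCKET_DIR with the in-container mount path, and drops
// all default capabilities. groupAdd may be empty.
func BuildSpec(pluginEnv []string, containerSocketDir, groupAdd string) ContainerSpec {
	env := make([]string, 0, len(pluginEnv)+1)
	for _, kv := range pluginEnv {
		if strings.HasPrefix(kv, pluginSocketDirEnv+"=") {
			continue // host path is meaningless inside the container
		}
		env = append(env, kv)
	}
	env = append(env, pluginSocketDirEnv+"="+containerSocketDir)
	spec := ContainerSpec{CapDrop: []string{"ALL"}, Env: env}
	if groupAdd != "" {
		spec.GroupAdd = []string{groupAdd}
	}
	return spec
}

// Diagnose renders the spec for troubleshooting without the env values, which
// may contain secrets; only the entry count is reported.
func Diagnose(spec ContainerSpec) string {
	return fmt.Sprintf("CapDrop=%v GroupAdd=%v Env=<redacted, %d entries>",
		spec.CapDrop, spec.GroupAdd, len(spec.Env))
}

func main() {
	// Constructed sample of what go-plugin would pass in.
	spec := BuildSpec([]string{"PLUGIN_UNIX_SOCKET_GROUP=1000", "PLUGIN_UNIX_SOCKET_DIR=/tmp/plugin-123"}, "/tmp/plugin", "1000")
	fmt.Println(Diagnose(spec))
}
```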

tomhjp commented 1 year ago

Thanks!