detect unsupported seccomp architecture

[reidpr]

Closes #1771.

[reidpr]

@wiene, does this PR work for you in your s390x environment?

[wiene]

@reidpr, thanks for this PR. I do not have direct access to a host with this architecture. The issue reported in #1771 showed up on an s390x node which is part of the post-upload Debian CI infrastructure. Nevertheless to test the change introduced by this PR I followed a two step procedure:

1. Apply this PR and run the hello example on x86-64 -> Works as expected.
2. Apply this PR, remove x86-64 architecture from list of supported seccomp architectures and test the hello example on x86-64 -> Fails as expected with a helpful error message:

   $ ch-image build .
   initializing storage directory: v7 /var/tmp/root.ch
   initializing empty build cache
   inferred image name: hello
   2. FROM almalinux:8
   [...]
   image arch: amd64
   copying image from cache ...
   4. RUN.S dnf install -y --setopt=install_weak_deps=false openssh-clients  && dnf clean all
   copying image from cache ...
   ch-run[6793]: error: seccomp root emulation failed (is your architecture supported?): Operation not permitted (ch_core.c:602 1)
   something went wrong, rolling back ...
   HEAD is now at 0bc098b PULL almalinux:8
   error: build failed: RUN command exited with 1

   So from my point of view this change looks fine. :+1: