omniosorg / zadm

zone management tool
https://omnios.org/setup/zadm
GNU General Public License v3.0

"login" needs to adjust inheritable privs #118

Closed citrus-it closed 2 years ago

citrus-it commented 2 years ago

Currently, invoking the zadm login command invokes zlogin leaving the inheritable privilege set quite restricted. That ends up with the zone shell having fewer privileges than one might expect:

bloody% pfexec ptree 2377
    2377   /usr/bin/perl /opt/ooce/bin/zadm login lx
          2381   /usr/sbin/zlogin lx
            2382   /bin/login -h zone:global -f root
              2388   -bash

bloody% pfexec ppriv 2377
2377:   /usr/bin/perl /opt/ooce/bin/zadm login lx
flags = PRIV_AWARE
        E: all
        I: basic,file_dac_write,!file_link_any,!net_access,!proc_info,!proc_session
        P: all
        L: all

bloody# ppriv 2381
2381:   /usr/sbin/zlogin lx
flags = PRIV_AWARE
        E: basic,!file_link_any,!proc_exec,!proc_fork,!proc_info,!proc_session
        I: basic,!file_link_any,!proc_exec,!proc_fork,!proc_info,!proc_session
        P: basic,!file_link_any,!proc_exec,!proc_fork,!proc_info,!proc_session
        L: basic,!file_link_any,!proc_exec,!proc_fork,!proc_info,!proc_session

bloody% pfexec ppriv 2388
2388:   -bash
flags = PRIV_AWARE_RESET
        E: basic,contract_event,contract_identity,contract_observer,dtrace_proc,dtrace_user,file_chown,file_chown_self,file_dac_execute,file_dac_read,file_dac_search,file_dac_write,file_owner,file_setid,ipc_dac_read,ipc_dac_write,ipc_owner,net_bindmlp,net_icmpaccess,net_mac_aware,net_privaddr,net_rawaccess,proc_audit,proc_chroot,proc_lock_memory,proc_owner,proc_prioup,proc_setid,proc_taskid,sys_acct,sys_admin,sys_audit,sys_ip_config,sys_iptun_config,sys_mount,sys_nfs,sys_ppp_config,sys_resource,sys_smb
        I: basic,file_dac_write,!file_link_any,!net_access,!proc_info,!proc_session
... P & L are the same as E
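As an added example (not part of the issue or of zadm itself), a small Python parser for the ppriv(1) listings quoted above that expands each inheritable set and reports which privileges are dropped at each hop of the zadm -> zlogin -> zone shell chain. It assumes the standard illumos "basic" privilege macro; the sample listings are the ones from the issue with E/P/L lines trimmed.

```python
import re

# Illumos "basic" privilege macro (assumption: the standard illumos basic set,
# not something stated in the issue).
BASIC = frozenset({"file_link_any", "file_read", "file_write", "net_access",
                   "proc_exec", "proc_fork", "proc_info", "proc_session"})

def expand_privset(spec):
    """Expand 'basic,file_dac_write,!net_access' into concrete privilege names.
    'basic' adds BASIC, a leading '!' removes a name, anything else adds it;
    'all' is kept as a literal marker since the full list is not on the page."""
    privs = set()
    for tok in (t.strip() for t in spec.split(",")):
        if tok == "basic":
            privs |= BASIC
        elif tok.startswith("!"):
            privs.discard(tok[1:])
        elif tok:
            privs.add(tok)
    return privs

def parse_ppriv(text):
    """Parse concatenated ppriv(1) listings into {pid: {'cmd': ..., 'E': set, ...}}."""
    procs, cur = {}, None
    for line in text.splitlines():
        m = re.match(r"^\s*(\d+):\s+(.*)$", line)      # "2377:   /usr/bin/perl ..."
        if m:
            cur = {"cmd": m.group(2).strip()}
            procs[int(m.group(1))] = cur
            continue
        m = re.match(r"^\s*([EIPL]):\s*(\S*)", line)   # "        I: basic,..."
        if m and cur is not None:
            cur[m.group(1)] = expand_privset(m.group(2))
    return procs

def inheritable_loss(procs, parent, child):
    """Privileges in the parent's inheritable set that the child no longer has."""
    return sorted(procs[parent]["I"] - procs[child]["I"])

# Constructed sample: the three listings quoted in the issue, E/P/L lines trimmed.
SAMPLE = """\
2377:   /usr/bin/perl /opt/ooce/bin/zadm login lx
        E: all
        I: basic,file_dac_write,!file_link_any,!net_access,!proc_info,!proc_session
2381:   /usr/sbin/zlogin lx
        I: basic,!file_link_any,!proc_exec,!proc_fork,!proc_info,!proc_session
2388:   -bash
        I: basic,file_dac_write,!file_link_any,!net_access,!proc_info,!proc_session
"""
```

Running inheritable_loss over (2377, 2381) shows zlogin's inheritable set lacking file_dac_write, proc_exec and proc_fork relative to zadm, while (2377, 2388) is empty because the zone shell ends up with the same inheritable set zadm started with.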