launchd agents/daemons should apply XML escaping as needed

[lilyball]

Launchd agents/daemons that use XML special characters currently need to escape these characters. This leads to definitions like

{
  launchd.daemons.linux-builder.serviceConfig.ProgramArguments = [
    "/bin/sh" "-c"
    "/bin/wait4path /nix/store && exec ${builderWithOverrides}/bin/create-builder"
  ];
}

The need to escape these characters is very surprising. I would normally expect nix-daemon to apply any necessary escaping already.

Unfortunately we can't just turn on escaping now as it will break any existing definitions that already escape these characters, but we could look for any special characters that aren't already escaped and escape those. This might look something like

builtins.replaceStrings [
  "&" "&"
  "&lt;" "<"
] [
  "&amp;" "&amp;"
  "&lt;" "&lt;"
] s

The documentation on builtins.replaceStrings does not explicitly say that it prioritizes matching earlier values over later ones, but a quick test suggests that it does (and it's the obvious behavior).

---

This does introduce the possibility that someone wants to do something like env.ENTITY = "&", expecting the daemon to execute with ENTITY='&' but it will instead execute with ENTITY='&'. And so we might also want to add an escape hatch that makes it escape everything even if it looks like an entity, so anyone doing something weird like this can just set the option instead of having to doubly escape things. This is rather unlikely to be an issue in practice though, so we could also just skip it, although the existence of such an option would be a convenient place to document the entity escaping behavior.