Xrdp as unprivileged user

[matt335672]

Fixes #2965

Parameters are added to xrdp.ini and sesman.ini to allow running as a non-privileged user.

The following issues were found in implementing this:-

1. PID files either need to be made alterable and deleteable by the non-privileged user, or just left to be deleted elsewhere. It seems current best-practice is the second of these. I've gone with that approach.

2. ~~A problem was found with #2731 which is fixed in commit 44710129317744d32d90199c2ab890b9265da4b2. This should probably be factored out as a separate PR.~~ Edit 2024-3-22: See #3011

3. We know it's tricky to get permissions right for non-privileged xrdp - there's a constant theme of users who don't understand why TLS doesn't work out-of-the-box on Debian/Ubuntu (see Debian BTS #860890). To address this I've provided a script which checks file permissions are correct when the parameters in xrdp.ini are entered or changed. This is referred to from the xrdp.ini manpage.

By default, xrdp runs as root. User interaction is required to address this. I've done this more for porting than anything else.

I've completed initial testing on Ubuntu and FreeBSD. The permissions check script may not work on some more oddball systems like Alpine Linux.

This is a complex area and I may well have omitted something. Feedback most welcome!

BTW: As I write this, Github CI is broken. Hopefully it will be working by Monday.

[metalefty]

Thanks! I'll look into this soon.