add GetSeUserByName, fallback to failsafe context in GetDefaultContextWithLevel #232

Open: capnspacehook wants to merge 1 commit into base: main

@capnspacehook capnspacehook commented May 20, 2025

Ported getseuserbyname (https://github.com/SELinuxProject/selinux/blob/main/libselinux/src/seusers.c#L188) to Go, and added failsafe_context parsing to GetDefaultContextWithLevel as that's what libselinux's get_default_context_with_level does (https://github.com/SELinuxProject/selinux/blob/main/libselinux/src/get_context_list.c#L488).

getseuserbyname reads the seusers file (https://www.man7.org/linux/man-pages/man5/seusers.5.html) to find the SELinux user and the MLS level for a given Linux user.

get_default_context_with_level takes a SELinux user, MLS level, and an SELinux context (a combination of SELinux user, role, domain, and MLS level; in many cases this context is the context of the caller) and returns the SELinux context that should be used when creating processes as a certain Linux user.

get_default_context_with_level attempts to find a suitable context for the specific SELinux user that was passed first, then searches in the list of global context mappings if no match was found, and finally just returns the failsafe context if no match was found anywhere else. GetDefaultContextWithLevel previously returned an error if no context could be found for the SELinux user or globally.

Man page for failsafe_context: https://www.man7.org/linux//man-pages/man5/failsafe_context.5.html
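
The seusers lookup described in this pull request, as an added example that is not code from the PR or from libselinux. `lookupSEUser`, `sampleSeusers` and the caller-supplied `groups` set are hypothetical names, and the sketch assumes this precedence: an exact user entry, then the first matching `%group` entry, then `__default__`, then the Linux name with no level.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

const sampleSeusers = `# constructed seusers(5) sample: name:seuser[:range]
__default__:user_u:s0
%wheel:staff_u:s0-s0:c0.c1023
root:root:s0-s0:c0.c1023
alice:sysadm_u
`
// lookupSEUser is a hypothetical helper, not the PR's GetSeUserByName.
// groups holds the Linux groups of name (supplied by the caller here).
func lookupSEUser(seusers, name string, groups map[string]bool) (seuser, level string) {
	var grp, def []string
	sc := bufio.NewScanner(strings.NewReader(seusers))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		// At most 3 fields: a range like s0-s0:c0.c1023 contains ':' and must stay whole.
		f := append(strings.SplitN(line, ":", 3), "") // pad so f[2] exists without a range
		if f[0] == "" || f[1] == "" {
			continue // malformed entry: skipped in this sketch
		}
		switch {
		case f[0] == name: // exact user entry wins immediately
			return f[1], f[2]
		case strings.HasPrefix(f[0], "%") && grp == nil && groups[f[0][1:]]:
			grp = f // first matching group entry
		case f[0] == "__default__" && def == nil:
			def = f
		}
	}
	for _, e := range [][]string{grp, def} {
		if e != nil {
			return e[1], e[2]
		}
	}
	return name, "" // no entry at all: Linux name, no level
}

func main() {
	fmt.Println(lookupSEUser(sampleSeusers, "bob", map[string]bool{"wheel": true}))
}
```

Splitting on every colon instead of the first two would truncate the MLS range of `root` and `%wheel` to `s0-s0`, silently dropping the category set.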
