Add rootwrap daemon mode support

https://review.openstack.org/158805
commit 0df884ac931c99f50ce020b18fd42a1b94d96481
Author: Terry Wilson <email address hidden>
Date: Mon Feb 23 14:56:44 2015 -0600

    Add rootwrap daemon mode support

    This patch introduces support for rootwrap daemon mode. It adds
    a new config option, AGENT.root_helper_daemon with no default. To
    enable, set to something like:

    root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf

    The patch currently assumes that the root_helper_daemon value, and specifically
    the rootwrap config, will not change once calls to execute() happen. While it
    would not be hard to generate a rootwrap daemon client for each new config, I
    couldn't think of a legitimate reason to support it and left it out as YAGNI.

    This patch does change the behavior of the addl_env argument to create_process
    and execute. Previously, an environment dict would be passed to Popen. If
    a root helper was used, this environemnt would actually be passed to 'sudo'
    which would filter it before passing it to the underlying command. In the case
    of daemon mode, this would cause a problem as the enviornment is filtered by
    sudo only once, at daemon startup. Any environment variables added at execute
    time would then just be passed directly to the underyling command unfiltered.

    oslo.rootwrap 1.6.0 fixes this issue by denying the passing of environment
    variables to the daemon altogether. Instead, anything using rootwrap and needing
    to pass additional environment variables should define an EnvFilter and run the
    command with env var=val cmd. utils.execute/create_process have been modified to
    run code in this way (which netns.execute already did).

    No code in neutron currently uses both run_as_root=True and addl_env, so this
    change does not require any change in code or filters.

    DocImpact
    Implements: blueprint rootwrap-daemon-mode
    Change-Id: I567334bb611253c7b9d830d50c5be308a5153baf