This system call is used to reassociate the current thread with a Linux
namespace (e.g. a network namespace or a mount namespace).  This system
call is key to interacting with the primitives enabling Linux containers.
The users of this system call will most likely want to wrap their calls
with a pair of LockOSThread / UnlockOSThread calls.  Here is an example
that is a reasonably close approximation of the `ns_exec' program given
as an example in `man 2 setns':

	package main

	import (
		"log"
		"os"
		"os/exec"
		"runtime"

		"golang.org/x/sys/unix"
	)

	func main() {
		if len(os.Args) < 3 {
			log.Fatalf("%s /proc/PID/ns/FILE cmd args...", os.Args[0])
		}
		fd, err := unix.Open(os.Args[1], unix.O_RDONLY, 0)
		if err != nil {
			log.Fatalf("open: %s", err)
		}
		runtime.LockOSThread()
		defer runtime.UnlockOSThread()
		if err = unix.Setns(fd, 0); err != nil {
			log.Fatalf("setns: %s", err)
		}
		cmd := exec.Command(os.Args[2], os.Args[3:]...)
		cmd.Stdin = os.Stdin
		cmd.Stdout = os.Stdout
		cmd.Stderr = os.Stderr
		err = cmd.Run()
		if err != nil {
			log.Fatalf("exec: %s", err)
		}
	}

Fixes golang/go#5968.

Change-Id: I78dc54667cfaef4f9e99a08d48f6e423686f1b22
Reviewed-on: https://go-review.googlesource.com/20054Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>