c/libsnap-confine-private, interfaces: account for reexec on arch

[andrewphelpsj]

On arch, snap-confine's security tag will be prefixed with /var/lib/snapd. This change accounts for that, allowing us to use SNAP_REEXEC on arch systems.

Additionally, the fix in interfaces allows us to account for where snaps are installed on non-ubuntu systems.

[zyga]

I took a while to look at the various elements and consequences and this is good and fixes an actual issue on Fedora/Arch like distributions.

Nice!

[bboozzoo]

LGTM

[bboozzoo]

Suggested change

	// detect running local local builds
	// detect running local builds

[alexmurray]

LGTM.

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 1 line in your changes missing coverage. Please review.

Project coverage is 78.97%. Comparing base (96ea7b0) to head (ba2dd67).
Report is 35 commits behind head on master.

Files with missing lines	Patch %	Lines
interfaces/system_key.go	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #14682      +/-   ##
==========================================
+ Coverage   78.95%   78.97%   +0.02%     
==========================================
  Files        1084     1085       +1     
  Lines      146638   147148     +510     
==========================================
+ Hits       115773   116207     +434     
- Misses      23667    23717      +50     
- Partials     7198     7224      +26     

Flag	Coverage Δ
unittests	78.97% <0.00%> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.