Cleanup kcheckpass

kcheckpass existed because historically we needed to be root to check
passwords. This hasn't been true for tens of years. There are no
security benefits, all authentication is based on the exit status of the
greeter application.

This patch drops kcheckpass and brings everything in process, but in
another thread.

This also reports back more fine grained PAM control at the same time
(following on from !29) forwarding all prompts and messages.

The unit test has been replaced with one that actually checks against a
real PAM using pam_wrapper to force a fake user.
3 jobs for !59 with work/big_cleanup in 4 minutes and 8 seconds (queued for 52 seconds)
latest merge request