activation: remove unsafe support for fd re-use

[lucab]

Package activation was previously offering an option to leave
environment variables untouched, in order to re-use fd at a future
point.
However, re-using fd is unsafe and results in racing against the GC
due to the way how os.File is implemented. Moreover, the Go runtime
does not (nor plan to) provide a safe interface for proper temporary
borrowing of existing fd.

Thus, this removes the unsetEnv option from all listeners (forcing
to always unset), and only keeps it where ownership can be transferred
back to the caller.

Ref: #250 (comment)
Ref: golang/go#24215

[lucab]

/cc @squeed @vincentbernat for review

This is a followup to #250 (comment). It contains a breaking change for the activation package API.

[lucab]

I also had to bump the ubuntu image we use for tests, as 16.04 comes with an ancient go compiler, and as one of our dependencies (godbus) started using context, and as we don't vendor in here (as this is a library), and as go get does not support checking out a specific tag.

[vincentbernat]

OK for me.

[vincentbernat]

Files() is always called with true. It could also loose its argument.

[lucab]

@vincentbernat yes, we only use it that way. But it is part of the public API and its usage is actually safe, so I plan to keep it as is.

[squeed]

Looks fine to me! Do you want to add something to the docstring like "you should pass unsetEnv as true unless you know what you're doing"?

[lucab]

@squeed good idea. I added a couple of lines to describe flag rationale and typical usage. Everything else kept untouched, PTAL.
I'd plan to tag v17 right after this.

[squeed]

LGTM!