pam: implement a zfs_key pam module

Implements a pam module for automatically loading zfs encryption keys
for home datasets. The pam module:

• loads a zfs key and mounts the dataset when a session opens.
• unmounts the dataset and unloads the key when the session closes.
• when the user is logged on and changes the password, the module changes the encryption key.

Reviewed-by: Richard Laager <rlaager@wiktel.com>
Reviewed-by: @jengelh <jengelh@inai.de>
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Felix Dörre <felix@dogcraft.de>
Closes #9886
Closes #9903