Allow pasta to take a command to execute

When not given an existing PID or network namspace to attach to, pasta
spawns a shell.  Most commands which can spawn a shell in an altered
environment can also run other commands in that same environment, which can
be useful in automation.

Allow pasta to do the same thing; it can be given an arbitrary command to
run in the network and user namespace which pasta creates.  If neither a
command nor an existing PID or netns to attach to is given, continue to
spawn a default shell, as before.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>

passt.1

@@ -15,7 +15,10 @@
 [\fIOPTION\fR]...
 .br
 .B pasta
-[\fIOPTION\fR]... [\fIPID\fR]
+[\fIOPTION\fR]... [\fICOMMAND\fR [\fIARG\fR]...]
+.br
+.B pasta
+[\fIOPTION\fR]... \fIPID\fR
 .br
 .B pasta
 [\fIOPTION\fR]... \fB--netns\fR [\fIPATH\fR|\fINAME\fR]
@@ -62,10 +65,11 @@ or with the \fBqrap\fR(1) wrapper.
 equivalent functionality to network namespaces, as the one offered by
 \fBpasst\fR for virtual machines.
 
-If PID or --netns are given, \fBpasta\fR associates to an existing user and
-network namespace. Otherwise, \fBpasta\fR creates a new user and network
-namespace, and spawns an interactive shell within this context. A \fItap\fR
-device within the network namespace is created to provide network connectivity.
+If PID or --netns are given, \fBpasta\fR associates to an existing
+user and network namespace. Otherwise, \fBpasta\fR creates a new user
+and network namespace, and spawns the given command or a default shell
+within this context. A \fItap\fR device within the network namespace
+is created to provide network connectivity.
 
 For local TCP and UDP traffic only, \fBpasta\fR also implements a bypass path
 directly mapping Layer-4 sockets between \fIinit\fR and target namespaces,