In case a rule with the action that equals to the default one was added,
libseccomp used to return EPERM, and libseccomp-golang converted it into
a more user-friendly "requested action matches default action of
filter" error.

From various bug reports I have noticed this is no longer a case.

The cause is libseccomp commit 83989be02 (appeared in v2.5.0), which
changes EPERM to EACCES.

Since we still support libseccomp < 2.5.0, check for either EPERM or
EACCES. Add a TODO item to remove the former.

Add a test case, which fails like this before the fix:

> seccomp_test.go:580: expected error to contain "matches default action", got "permission denied"

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>