Change the way SUID bits are managed

The kcheckpass binary only needs the SUID bit set when building
without PAM. If PAM is available (and "recent enough", i.e., younger
than ten years so that it has a /usr/bin/unix_chkpwd), then there's no
point in having a SUID bit set. This is also how, e.g., Gentoo builds
this code anyway.

Also change the way how the SUID bits are managed. Turns out that cmake
has a feature for this, and I think that using this feature is better
than attempting to call chown & chmod manually.

I don't see a potential for regressions here. The chown was previously
attempted as a poor man's UID detection, so if the build was running as
non-root, it wasn't possible to add a proper SUID bit, anyway.

Reviewed-By: David Edmundson <david@davidedmundson.co.uk>
REVIEW: 127341