[shell] Add otcli pass-through commands for direct control over the OpenThread interface.

[turon]

Problem

For testing and development scenarios, a shell app user may want to directly access the OpenThread cli in order to configure the interface.

Summary of Changes

Add an otcli pass-through option -- both for Linux and embedded (direct openthread C API calls).

fixes #1694

[mspang]

This is vulnerable to shell escapes. Do we intend to give the CHIP shell control to run arbitrary system shell commands?

[turon]

The alternative is to replicate the socket APIs used by ot-ctl itself. Perhaps those could be made available as a linkable library, but I don't think they are in that form currently.

[turon]

@mspang @rwalker-apple, updated to use fork()/exec().

[rwalker-apple]

possible to move to fork()/exec() (or equivalent) instead of system() to reduce stringops and close the shell escape hole?

[mspang]

possible to move to fork()/exec() (or equivalent) instead of system() to reduce stringops and close the shell escape hole?

Yep, that's what I had in mind too.

[mspang]

This will probably needs more configurability in the future. Could use execvp().

[turon]

I switched to execvp(), but when running sudo, it still has trouble finding simply ot-cli, even if I add export PATH=$PATH:/usr/local/sbin to /root/.bashrc.

[mspang]

That's a sudo policy biting:

sudo grep secure_path /etc/sudoers
Defaults secure_path=/usr/sbin:/usr/bin:/sbin:/bin

[mspang]

Maybe add a TODO for now to add some way to override (could just be a command line argument).

[github-actions]

Size increase report for "nrfconnect-example-build"

File	Section	File	VM

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-nrf52840-lock-example.elf and ./pull_artifact/chip-nrf52840-lock-example.elf:

sections,vmsize,filesize

[github-actions]

Size increase report for "esp32-example-build"

File	Section	File	VM

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-wifi-echo.elf and ./pull_artifact/chip-wifi-echo.elf:

sections,vmsize,filesize

[github-actions]

Size increase report for "gn_nrf-example-build"

File	Section	File	VM

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

[github-actions]

Size increase report for "gn_linux-example-build"

File	Section	File	VM

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

[github-actions]

Size increase report for "gn_efr32-example-build"

File	Section	File	VM

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-efr32-lock-example.out and ./pull_artifact/chip-efr32-lock-example.out:

sections,vmsize,filesize