Separate config entries for device mknod and cgroups
I filed a PR to keep this separate [1], but it was closed after [2]
landed. See also [3], where I point out that putting the mknod stuff
in the “control groups” section is awkward.
[1]: https://github.com/opencontainers/specs/pull/99
Add linux.resources.devices
[2]: https://github.com/opencontainers/specs/pull/94
Replace Linux.Device with more specific config
[3]: https://github.com/opencontainers/specs/pull/171#discussion_r41190655
move the description of user ns mapping and default files to proper file