src/libadacl.c: only update entries with matching qualifiers.

src/libadacl.c: only update entries with matching qualifiers.

This fixes the bug reported by Michał Bartoszkiewicz wherein multiple
named user/group entries clobber one another. Now, when updating an
existing ACL entry with a given one, we check that their qualifiers
match. This can mean one of three things:

  1. Both entries are named user entries, and their UIDs match.

  2. Both entries are named group entries, and their GIDs match.

  3. Both entries are neither named user or group entries, and
     their qualifiers "match vacuously." That is to say: they
     don't have any qualifiers that should match in the first
     place, so we want to update the entry regardless.

This passes the regression test case that I recently added, and (I
hope) fixes the problem entirely.