Change x11_set_auth / x11_delete_xauth to use a specific .Xauthority file.

Now that the x11_forwarding code is running under seteuid/setegid,
and not using _become_user in the stepd, the environment is not set
automatically so xauth was trying to alter /root/.Xauthority instead
of the user's. (That restriction is in place so hostkey auth can work
safely.)

While here, move the xauth cleanup into the x11 forwarding shutdown
thread and out of the stepd's mgr.c.