dockerTools.fakeNss: add /etc/nsswitch.conf (#134958)

Apparently, a non-existent nsswitch.conf causes a very misleading host
resolution, differing from the defaults people are used to.

According to
https://github.com/golang/go/issues/22846#issuecomment-346377144, glibc
says the default is "dns [!UNAVAIL=return] files".

This means, `/etc/hosts` isn't really honored, causing all sorts of
unexpected behaviour.

Let's prevent this, and first ask `/etc/hosts` before querying DNS, like
we do on NixOS too.

pkgs/build-support/docker/default.nix

@@ -750,6 +750,9 @@ rec {
         root:x:0:
         nobody:x:65534:
       '')
+      (writeTextDir "etc/nsswitch.conf" ''
+        hosts: files dns
+      '')
       (runCommand "var-empty" { } ''
         mkdir -p $out/var/empty
       '')