[Virtio-fs] [virtiofsd-rs] MR opened: libcap-ng failed because calling capng::apply without CAP_SETPCAP

[virtiofs-bot at sinrega.org]

Inside drop_child_capabilities() there is a call to capng:apply() that clears the bounding set. It causes libcap-ng to fail when calling virtiofsd-rs with '--sandbox none' by an unprivileged user, because it doesn't have the CAP_SETPCAP capability.
---
https://gitlab.com/virtio-fs/virtiofsd-rs/-/merge_requests/49