Update libcap-ng capability handling

There is a change coming in libcap-ng-0.8.1 that causes gnome-keyring to not work correctly. The capng_apply function now returns an error if it cannot change the bounding set. Previously this was ignored. Which means now gnome-keyring exits when it shouldn't.

The new patch adds troubleshooting info to the error message. And it checks to see if we have CAP_SETPCAP. If we do not, then we cannot change the capabilities so we just bypass the whole thing that was causing an error. On the setuid side, it now drops the bounding set and clears any supplemental groups that may be left over as an accident.