Adopt capability drop explanations from other distros on Gentoo, drop setpcap, sys_nice caps

Documents setpcap, sys_admin, sys_resources as breaking systemd, but does not drop them from lxc.cap.drop, as the default init system on Gentoo is OpenRC, so things that break systemd can be blocked anyway.
This also drops setpcap and sys_nice caps, as these are also dropped in other non-systemd distros.
Most of the explanatory blurb was copied from other distros' configs.
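To confirm that a drop list such as the one this commit adjusts really took effect in a running container, here is an added shell example; it is not part of this commit or of the Gentoo LXC config. It parses the `lxc.cap.drop` lines out of a config file and checks each listed capability against a CapBnd mask of the kind found in `/proc/<pid>/status`. The sample config and both CapBnd values are constructed for illustration, the function names are my own, and the capability bit numbers are the ones from `<linux/capability.h>`.

```shell
#!/bin/sh
# Added example (not the Gentoo/LXC template). Assumes LXC's "lxc.cap.drop"
# key (space-separated names, multiple lines accumulate) and a bounding-set
# mask in the hex form of the CapBnd line of /proc/<pid>/status.

# Bit positions from <linux/capability.h> for the caps named in the commit
# message plus a few that LXC templates commonly drop. Extend as needed.
cap_bit() {
    case "$1" in
        setpcap)      echo 8 ;;
        sys_module)   echo 16 ;;
        sys_rawio)    echo 17 ;;
        sys_admin)    echo 21 ;;
        sys_nice)     echo 23 ;;
        sys_resource) echo 24 ;;
        sys_time)     echo 25 ;;
        mac_override) echo 32 ;;
        mac_admin)    echo 33 ;;
        *) return 1 ;;
    esac
}

# Print every capability listed on an "lxc.cap.drop =" line of the given
# config file, one per line, in file order.
lxc_dropped_caps() {
    sed -n 's/^[[:space:]]*lxc\.cap\.drop[[:space:]]*=[[:space:]]*//p' "$1" \
        | tr -s ' \t' '\n\n' | sed '/^$/d'
}

# Exit 0 if the named cap is still in a CapBnd hex mask, 1 if it has been
# dropped, 2 if the cap name is not in the table above.
cap_in_bnd() {
    bnd=$1
    b=$(cap_bit "$2") || { echo "unknown cap: $2" >&2; return 2; }
    [ $(( (0x$bnd >> b) & 1 )) -eq 1 ]
}

# Compare a config's drop list with an observed CapBnd mask. Prints each cap
# the config claims to drop that is still present (or unknown) and returns
# 0 only when every listed cap is really gone from the bounding set.
check_cap_drop() {
    observed=$1; cfg=$2; bad=0
    for cap in $(lxc_dropped_caps "$cfg"); do
        cap_in_bnd "$observed" "$cap"
        case $? in
            0) echo "still in bounding set: $cap"; bad=1 ;;
            1) ;;
            *) bad=1 ;;
        esac
    done
    return $bad
}

# Constructed sample config: two lxc.cap.drop lines that accumulate.
CFG=$(mktemp)
cat > "$CFG" <<'EOF'
lxc.cap.drop = mac_admin mac_override
lxc.cap.drop = setpcap sys_nice
EOF

# Constructed CapBnd values: the full 41-bit set (nothing dropped), and the
# same set with bits 8, 23, 32 and 33 cleared (all four listed caps gone).
FULL_BND=000001ffffffffff
DROPPED_BND=000001fcff7ffeff

check_cap_drop "$FULL_BND" "$CFG" || echo "FULL_BND: drop list not enforced"
check_cap_drop "$DROPPED_BND" "$CFG" && echo "DROPPED_BND: all listed caps dropped"
rm -f "$CFG"
```

Inside a running container, the mask to feed `check_cap_drop` is the second field of `grep CapBnd /proc/1/status`; a capability that the config lists but that still shows up in the bounding set means the drop line was not applied (wrong file, overridden by a later `lxc.cap.keep`, or a typo in the cap name, which the script reports as unknown).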