pinger: drop capabilities on Linux

pinger: drop capabilities on Linux

On linux, it is possible to install pinger helper with only CAP_NET_RAW
raised instead of full setuid-root:

 (setcap cap_net_raw+ep /path/to/pinger && chmod u-s /path/to/pinger) || :

However, pinger only drops setuid/setgid, and won't drop capabilities
after sockets are opened (when it is setuid-root, setuid(getuid()) also
drops capabilities, no code changes necessary; however, if it is only
setcap'ed, setuid() is no-op).

Fix is minimally tested, seems to work fine with both/either `setcap`
and `chmod u+s`; non-linux/non-libcap configurations should not be
affected).

* Also fixes errno debug outputs.