--domainname doesn't work with rootless

[AkihiroSuda]

Description

--domainname doesn't work with rootless due to EPERM.

Steps to reproduce the issue:
docker run -it --rm --domainname foo alpine

Describe the results you received:

docker: Error response from daemon: OCI runtime create failed: 
container_linux.go:349: starting container process caused "process_linux.go:449: 
container init caused \"write sysctl key kernel.domainname: open 
/proc/sys/kernel/domainname: permission denied\"": unknown.

Describe the results you expected:
It should work.

To avoid EPERM, runc should use setdomainname(2) rather than writing to /proc/sys/kernel/domainname.
We may need to amend OCI Runtime Spec.

Additional information you deem important (e.g. issue happens only occasionally):

--hostname works .

Output of docker version:

Client:
 Version:           20.03.0-dev
 API version:       1.41
 Go version:        go1.13.8
 Git commit:        7d407207
 Built:             Fri Mar  6 12:06:03 2020
 OS/Arch:           linux/amd64
 Experimental:      true

Server:
 Engine:
  Version:          dev
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.8
  Git commit:       8d0b2a044f
  Built:            Fri Mar  6 12:03:10 2020
  OS/Arch:          linux/amd64
  Experimental:     true
 containerd:
  Version:          v1.3.0-367-g936b7b00
  GitCommit:        936b7b0043e4b90a7f4810ed91ce066257117178
 runc:
  Version:          1.0.0-rc10+dev
  GitCommit:        6503438fd6b0415bc146403b30b8a248b3346f52
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Output of docker info:

Client:
 Debug Mode: false
 Plugins:
  buildx: Build with BuildKit (Docker Inc., v0.3.1-31-g891d355)

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 2
 Server Version: dev
 Storage Driver: overlay2
  Backing Filesystem: <unknown>
  Supports d_type: true
  Native Overlay Diff: false
 Logging Driver: json-file
 Cgroup Driver: none
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 936b7b0043e4b90a7f4810ed91ce066257117178
 runc version: 6503438fd6b0415bc146403b30b8a248b3346f52
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
  rootless
 Kernel Version: 5.3.0-40-generic
 Operating System: Ubuntu 19.10
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 7.748GiB
 Name: suda-ws01
 ID: CWVR:KJQU:3CNT:IJF7:FMME:22Y7:GKFW:AFKJ:IVLQ:JOVW:3KZY:S25M
 Docker Root Dir: /home/suda/.local/share/docker
 Debug Mode: false
 Username: akihirosuda
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: true
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, etc.):