tests: Actually remove capabilities after dropping them

tests.sh

@@ -35,22 +35,25 @@ if [ -t 1 ]; then
 fi
 
 if command -v capsh &>/dev/null; then
-    if capsh --has-p=CAP_DAC_OVERRIDE &>/dev/null || capsh --has-p=CAP_DAC_READ_SEARCH &>/dev/null; then
+    if capsh --has-p=cap_dac_override &>/dev/null || capsh --has-p=cap_dac_read_search &>/dev/null; then
 	if [ -n "$BFS_TRIED_DROP" ]; then
             cat >&2 <<EOF
-${RED}error: ${RST} Failed to drop capabilities.
+${RED}error:${RST} Failed to drop capabilities.
 EOF
 
 	    exit 1
 	fi
 
         cat >&2 <<EOF
-${YLW}warning:${RST} Running as ${BLD}$(id -un)${RST} is not recommended.  Dropping ${BLD}CAP_DAC_OVERRIDE${RST} and
-${BLD}CAP_DAC_READ_SEARCH${RST}.
+${YLW}warning:${RST} Running as ${BLD}$(id -un)${RST} is not recommended.  Dropping ${BLD}cap_dac_override${RST} and
+${BLD}cap_dac_read_search${RST}.
 
 EOF
 
-        BFS_TRIED_DROP=y exec capsh --drop=CAP_DAC_OVERRIDE,CAP_DAC_READ_SEARCH -- "$0" "$@"
+        BFS_TRIED_DROP=y exec capsh \
+            --drop=cap_dac_override,cap_dac_read_search \
+            --caps=cap_dac_override,cap_dac_read_search-eip \
+            -- "$0" "$@"
     fi
 elif [ "$EUID" -eq 0 ]; then
     UNLESS=