Explicitly specify capabilities of root services in microdroid

This is a semi-automatic change to simply specify the capabilities that
these services have according to the sepolicy.

List of capabilities for each service was obtained by running:
`sesearch --allow -c capability,capability2 /tmp/microdroid-policy`

The policy specifies that all processes have CAP_AUDIT_CONTROL, but it
doesn't seem to be actually required, so it's omitted from the service
definitions.

Also switch tombstone_transmit to run as system user.

Test: presubmit
Test: atest --test-mapping packages/modules/Virtualization:avf-presubmit
Test: run demo app and verify capabilities of microdroid_launcher
Test: atest com.android.microdroid.test.MicrodroidTestCase#testTombstonesAreGeneratedUponCrash
Bug: 243633980
Bug: 249796710
Change-Id: I19b0cefb07fc7480b3f9dc05cb708a899489fe65

microdroid/init.rc

@@ -177,7 +177,7 @@ on post-fs-data
     mkdir /data/local/tmp 0771 shell shell
 
 service tombstone_transmit /system/bin/tombstone_transmit.microdroid -cid 2 -port 2000 -remove_tombstones_after_transmitting
-    user root
+    user system
     group system
     shutdown critical
 
@@ -186,12 +186,14 @@ service apexd-vm /system/bin/apexd --vm
     group system
     oneshot
     disabled
+    capabilities CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER SYS_ADMIN
 
 service ueventd /system/bin/ueventd
     class core
     critical
     seclabel u:r:ueventd:s0
     shutdown critical
+    capabilities CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID MKNOD NET_ADMIN SETGID SETUID SYS_MODULE SYS_RAWIO
 
 service console /system/bin/sh
     class core

microdroid_manager/microdroid_manager.rc

@@ -4,3 +4,5 @@ service microdroid_manager /system/bin/microdroid_manager
     setenv RUST_LOG info
     # TODO(jooyung) remove this when microdroid_manager becomes a daemon
     oneshot
+    # SYS_BOOT is required to exec kexecload from microdroid_manager
+    capabilities AUDIT_CONTROL SYS_ADMIN SYS_BOOT