
Drop root privs, use capabilities

Open acooks opened this issue 7 years ago • 0 comments

This is the current set of capabilities to get things working:

sudo setcap "cap_sys_admin,cap_sys_resource,cap_syslog,cap_sys_nice,cap_block_suspend,cap_net_bind_service,cap_net_raw,cap_net_admin+eip" server/jt-server

This is quite a lot!

Plan:

  1. This might be more than the minimum caps required. Find the absolute minimum set of capabilities needed to run right now.
  2. Fix checking of the return codes for the calls that require caps.
  3. Comment the code so that it's clear what calls need what caps.
  4. Drop caps when no longer needed.

acooks, Aug 05 '18 10:08
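
Steps 2 and 4 of the plan above, as an added example in C that is not JitterTrap code: it drops every capability outside a keep mask with the raw capget/capset syscalls (no libcap needed), checks each return code and reads the sets back. The function names and the keep mask (CAP_NET_RAW and CAP_NET_ADMIN) are assumptions; the real minimum set is what step 1 has to determine.

```c
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Read the calling thread's capability sets; 0 on success, -1 on error. */
static int caps_get(struct __user_cap_data_struct d[2])
{
	struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
	return (int)syscall(SYS_capget, &h, d);
}

/* 1 if cap is in the effective set, 0 if not, -1 on error. */
int cap_is_effective(int cap)
{
	struct __user_cap_data_struct d[2];
	if (caps_get(d) < 0) return -1;
	return (d[cap / 32].effective >> (cap % 32)) & 1;
}

/* Drop everything outside `keep` (bit n = capability n) from the permitted and
 * effective sets and clear inheritable. Affects the calling thread only.
 * Returns 0 on success, -1 on any failure; no syscall result is ignored. */
int drop_caps_except(uint64_t keep)
{
	struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
	struct __user_cap_data_struct d[2];
	if (caps_get(d) < 0) return -1;
	for (int i = 0; i < 2; i++) {
		uint32_t k = (uint32_t)(keep >> (32 * i));
		d[i].permitted &= k;
		d[i].effective &= k;
		d[i].inheritable = 0;
	}
	if (syscall(SYS_capset, &h, d) < 0) return -1;
	if (caps_get(d) < 0) return -1;	/* read back and fail closed */
	for (int i = 0; i < 2; i++)
		if (d[i].permitted & ~(uint32_t)(keep >> (32 * i))) return -1;
	return 0;
}

int main(void)
{
	/* Assumed keep set for after setup; step 1 decides the real one. */
	uint64_t keep = (1ULL << CAP_NET_RAW) | (1ULL << CAP_NET_ADMIN);
	if (drop_caps_except(keep) < 0) { perror("drop_caps_except"); return 1; }
	printf("CAP_SYS_ADMIN effective: %d\n", cap_is_effective(CAP_SYS_ADMIN));
	return 0;
}
```

Because the permitted set is reduced as well as the effective set, the dropped capabilities cannot be re-raised later in the process.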