contrib/dnsmasq: Add CAP_NET_RAW, CAP_SETUID, CAP_SETGUID

* Allow dnsmasq to be run as a daemon (without -d flag)
* Bump coreos.com/dnsmasq to v0.3.0

contrib/dnsmasq/build-aci

@@ -16,7 +16,7 @@ trap "{ export EXT=$?; acbuild --debug end && exit $EXT; }" EXIT
 acbuild --debug set-name coreos.com/dnsmasq
 
 # Add a version label
-acbuild --debug label add version v0.2.0
+acbuild --debug label add version v0.3.0
 
 # Add alpine base dependency
 acbuild --debug dep add quay.io/coreos/alpine-sh
@@ -33,7 +33,7 @@ acbuild --debug port add dhcp udp 67
 acbuild --debug port add dns udp 53
 
 # Elevate network admin capabilities
-echo "{\"set\": [\"CAP_NET_ADMIN\", \"CAP_NET_BIND_SERVICE\"]}" | acbuild --debug isolator add os/linux/capabilities-retain-set -
+echo "{\"set\": [\"CAP_NET_ADMIN\", \"CAP_NET_BIND_SERVICE\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_NET_RAW\"]}" | acbuild --debug isolator add os/linux/capabilities-retain-set -
 
 # Set the exec command
 acbuild --debug set-exec -- /usr/sbin/dnsmasq -d