test: adapt to the new capsh format

Since libcap v2.29 the format of cap_to_text() has been changed which
makes certain `test-execute` subtest fail. Let's remove the offending
part of the output (dropped capabilities) to make it compatible with
both the old and the new libcap.

test/test-execute/exec-capabilityboundingset-invert.service

@@ -2,6 +2,7 @@
 Description=Test for CapabilityBoundingSet
 
 [Service]
-ExecStart=/bin/sh -x -c '! capsh --print | grep "^Bounding set .*cap_chown"'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep "^Bounding set .*cap_chown"'
 Type=oneshot
 CapabilityBoundingSet=~CAP_CHOWN

test/test-execute/exec-privatedevices-no-capability-mknod.service

@@ -3,5 +3,6 @@ Description=Test CAP_MKNOD capability for PrivateDevices=no
 
 [Service]
 PrivateDevices=no
-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_mknod'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_mknod'
 Type=oneshot

test/test-execute/exec-privatedevices-no-capability-sys-rawio.service

@@ -3,5 +3,6 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=no
 
 [Service]
 PrivateDevices=no
-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_sys_rawio'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_rawio'
 Type=oneshot

test/test-execute/exec-privatedevices-yes-capability-mknod.service

@@ -3,5 +3,6 @@ Description=Test CAP_MKNOD capability for PrivateDevices=yes
 
 [Service]
 PrivateDevices=yes
-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_mknod'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_mknod'
 Type=oneshot

test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service

@@ -3,5 +3,6 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=yes
 
 [Service]
 PrivateDevices=yes
-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_sys_rawio'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_rawio'
 Type=oneshot

test/test-execute/exec-protectkernellogs-no-capabilities.service

@@ -3,5 +3,6 @@ Description=Test CAP_SYSLOG for ProtectKernelLogs=no
 
 [Service]
 ProtectKernelLogs=no
-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_syslog'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_syslog'
 Type=oneshot

test/test-execute/exec-protectkernellogs-yes-capabilities.service

@@ -3,5 +3,6 @@ Description=Test CAP_SYSLOG for ProtectKernelLogs=yes
 
 [Service]
 ProtectKernelLogs=yes
-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_syslog'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_syslog'
 Type=oneshot

test/test-execute/exec-protectkernelmodules-no-capabilities.service

@@ -3,5 +3,6 @@ Description=Test CAP_SYS_MODULE ProtectKernelModules=no
 
 [Service]
 ProtectKernelModules=no
-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_sys_module'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module'
 Type=oneshot

test/test-execute/exec-protectkernelmodules-yes-capabilities.service

@@ -3,5 +3,6 @@ Description=Test CAP_SYS_MODULE for ProtectKernelModules=yes
 
 [Service]
 ProtectKernelModules=yes
-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_sys_module'
+# sed: remove dropped capabilities (cap_xxx-[epi]) from the output
+ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module'
 Type=oneshot