We want to retain *some* of the full paths in order to test more code paths.
But the default should be to use the command name only. This makes the tests
less visually cluttered.
When starting a service with a non-root user and a SystemCallFilter and
other settings (like ProtectClock), the no_new_privs flag should not be set.
Also, test that CapabilityBoundingSet behaves correctly, since we need
to preserve some capabilities to do the seccomp filter and restore the
ones set by the service before executing.