[agent/docker] add suport for additional container capabilities

[anthonygego]

Is your feature request related to a problem? Please describe. If we want to use perf, for instance, we need to expose more information from the host. SYS_ADMIN capability is required at the launch of the container. However, it's a risky operation to add these capabilities for everyone without control.

Describe the solution you'd like A good compromise is to allow the INGInious administrator to run a Docker agent with additional capabilities for the containers it runs. This ensures only selected hosts are more exposed than others, and that this choice is made by the platform administrator.

This could be an inginious-agent-docker command line argument or stored in a config file (in this case it could be worth moving all the agent arguments, such as problem plugins, in that file).

The remaining question is to know whether this feature should be announced back to the queue so that the jobs are correctly routed to the right agent or if this should remain an obscure feature used with specificly designed environments for that host.