Support file capabilities/extended attributes

[Snaipe]

Packaging a directory where binaries have capabilities set seem to strip these capabilities (tested so far with RPM).

The workaround is to call setcap in a post-install script, but this adds an unwelcome dependency on whatever package provides setcap.

[jlagermann]

Running setcap in a post-install script will rendered the rpm unverifiable - I.E. a file on the filesystem is different to its representation in the package manifest.