Drop SYS_ADMIN capability.
According to this article it is not needed if we use 'STOPSIGNAL SIGRTMIN+3' https://developers.redhat.com/blog/2016/09/13/running-systemd-in-a-non-privileged-container/
According to this article it is not needed if we use 'STOPSIGNAL SIGRTMIN+3' https://developers.redhat.com/blog/2016/09/13/running-systemd-in-a-non-privileged-container/