bdf63b2 Further restrict become_user drop of privileges.

1 file. Authored by simo 11 years ago, committed by jhrozek 11 years ago.
    Further restrict become_user drop of privileges.
    
    We never need to regain root after we call become_user() so tighten up even
    further our privilege drop.
    
    Add a setgroups() call to remove all secondary groups root may have been given
    for whatever reason. Then use the setres[ug]id function to also drop the saved
    uid/gid so the process cannot regain back root id.
    Capabilities are also implicitly dropped here (no more CAP_SETUID), so this is a
    Point of No Return: once changed to non-root, the process can't get back.
    
    Remove redefinition of sys/types.h and unistd.h, they are already defined in
    util.h and they need to be included after _GNU_SOURCE/_BSD_SOURCE is defined
    or the prototypes for setres[ug]id will not be found.
    Add grp.h after util.h for the same reason.
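The drop sequence the message describes, as an added example (not the project's own become_user() and not code from this commit), together with a self-check that the drop is irreversible; the target uid/gid 65534 and the hypothetical function names are assumptions:

```c
/* _GNU_SOURCE must precede the first system header, otherwise the
 * setres[ug]id/getres[ug]id prototypes are not visible (the include-order
 * point from the commit message). */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <grp.h>
#include <sys/types.h>
#include <unistd.h>

/* Fallback prototypes (glibc-compatible) in case a header pulled in
 * features.h before _GNU_SOURCE was defined. */
extern int setresuid(uid_t ruid, uid_t euid, uid_t suid);
extern int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
extern int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);
extern int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);

/* Hypothetical hardened drop: clear supplementary groups, then set real,
 * effective AND saved gid/uid. Order matters: groups and gid first, while
 * CAP_SETGID is still held; uid last, since that is the point of no return.
 * Returns 0 on success, -1 with errno set on failure. */
int become_user_hardened(uid_t uid, gid_t gid)
{
    if (setgroups(0, NULL) != 0) return -1;
    if (setresgid(gid, gid, gid) != 0) return -1;
    if (setresuid(uid, uid, uid) != 0) return -1;
    return 0;
}

/* Self-check for the drop: all three uids/gids equal the target, no
 * supplementary groups remain, and an attempt to return to uid 0 is
 * refused with EPERM (saved id gone, CAP_SETUID gone). Returns 1 if so. */
int privileges_dropped(uid_t uid, gid_t gid)
{
    uid_t ru, eu, su;
    gid_t rg, eg, sg;
    if (uid == 0) return 0;
    if (getresuid(&ru, &eu, &su) != 0 || getresgid(&rg, &eg, &sg) != 0) return 0;
    if (ru != uid || eu != uid || su != uid) return 0;
    if (rg != gid || eg != gid || sg != gid) return 0;
    if (getgroups(0, NULL) != 0) return 0;
    return setresuid(0, 0, 0) == -1 && errno == EPERM;
}
```

Without root (or CAP_SETGID/CAP_SETUID) the first step already fails with EPERM, which is the expected outcome for an unprivileged caller.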