Fix for backends which doesn't support capsicum.

Not all libpcap backends use the BPF compatible set
of IOCTLs. For example the mlx5 backend uses libibverbs
which is currently not capsicum compatible.

Disable sandboxing for such backends.

MFC after:		3 days
Discussed with:		emaste@
Approved by:		re (kib)
Sponsored by:		Mellanox Technologies

contrib/tcpdump/tcpdump.c

@@ -2069,6 +2069,9 @@ main(int argc, char **argv)
 #else
 	cansandbox = (cansandbox && ndo->ndo_nflag);
 #endif	/* HAVE_CASPER */
+	cansandbox = (cansandbox && (pcap_fileno(pd) != -1 ||
+	    RFileName != NULL));
+
 	if (cansandbox && cap_enter() < 0 && errno != ENOSYS)
 		error("unable to enter the capability mode");
 #endif	/* HAVE_CAPSICUM */