test container: Add DAC_READ_SEARCH capability

SSSD 2.10+ runs under non-privileged user 'sssd' and relies on system
capabilities to get access to certain resources like /etc/krb5.keytab.
Not having these capabilities result in SSSD not starting.

Podman has reduced the capabilities granted to containers, and to be
able to start SSSD it is needed to add DAC_READ_SEARCH back.

This patch adds file infra/images/shdefaults to store the defaults used
by ansible-freeipa shell utilities in a contral location.

See:  https://github.com/containers/podman/discussions/24904#discussioncomment-11718823



Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>