Add system_server to net_admin group
This allows system_server to search/read skfilter BPF programs.

Skfilter BPF program status was previously dumped by Netd. In Android T, the related code is mainlined and dumped by the system_server process. system_server needs to be in the net_admin group so that it can read program status.

$ adb root; adb shell ls -l /sys/fs/bpf/
-r--r----- 1 root net_admin ... prog_netd_skfilter_allowlist_xtbpf
-r--r----- 1 root net_admin ... prog_netd_skfilter_denylist_xtbpf
-r--r----- 1 root net_admin ... prog_netd_skfilter_egress_xtbpf
-r--r----- 1 root net_admin ... prog_netd_skfilter_ingress_xtbpf

Bug: 202086915
Test: test in Ib0e935ee2b714ac61daceba6d13fa7a20f97f68f
Change-Id: I8c48230a5da6873eee7d0ba183cb83e1d92cd8f6
This commit is contained in:
parent
cd2473616e
commit
5c5b682b6d
@ -713,7 +713,7 @@ public class ZygoteInit {
|
||||
"--setuid=1000",
|
||||
"--setgid=1000",
|
||||
"--setgroups=1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1018,1021,1023,"
|
||||
+ "1024,1032,1065,3001,3002,3003,3006,3007,3009,3010,3011,3012",
|
||||
+ "1024,1032,1065,3001,3002,3003,3005,3006,3007,3009,3010,3011,3012",
|
||||
"--capabilities=" + capabilities + "," + capabilities,
|
||||
"--nice-name=system_server",
|
||||
"--runtime-args",
|
||||
|
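Review bot: the new entry 3005 in the second "--setgroups" string is a bare number with nothing in the code tying it to net_admin or to the reason it is there. Please add a short comment next to the list (for example, that 3005 is net_admin and is needed to read the prog_netd_skfilter_* files under /sys/fs/bpf/), so a later cleanup of this list does not drop or misread it. Also note that supplementary group membership is not scoped to those four files: system_server gains group access to everything owned by net_admin, while the commit message only justifies read access to the skfilter programs shown as -r--r-----. It would help to state in the description that the wider grant was considered and is acceptable, and the Test: line points at another change, so nothing in this change checks that system_server can actually read the program status after the group is added.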