I'd like to test some basic containers functionality of a toolsuite. This would require unsharing the user namespace (unshare -U). This requires no capability, your kernel sysctl and apparmor policy allow it, but the default docker seccomp policy denies it.
Would it be possible to allow it?
Without this, I basically can't use pipelines for these tests, so will have to hook in my external jenkins.
Thanks for considering!