@gtronix I recently stumbled upon this as well in the context of #bitbake, which also unshares to isolate tasks from each other (that's a security feature), which broke on #ubuntu 24.04. My fix was similar to what is now claimed as an exploit (I'm using a more suitable profile though). The whole thing is just not thought through by Canonical.
https://github.com/siemens/kas/commit/a4055b04f735c58e55e740a984a53c0ac5b8c1f5#diff-b016dfce94047f5de14fc635f7fdf1da479f731263dac20c5ab946b5854c2de7R145
kas-container: add support for Ubuntu 24.04 hosts · siemens/kas@a4055b0
On Ubuntu 24.04 the default apparmor profile restricts unprivileged user
namespaces. This breaks the bitbake execution, as bitbake uses this
mechanism for network and uid isolation, resulting in th...