Comment 30 for bug 2017980

John Johansen (jjohansen) wrote :

This is a new feature* in Mantic (23.10) and is working as intended. It is unfortunate that applications like Chrome are not handling the failed syscall in a graceful manner, but application error handling, especially for applications outside of the archive, is beyond our control.

Unprivileged user namespaces going forward will be restricted as they are a security issue. They have been used as part of the exploit chain in most privilege escalation attacks against Ubuntu over the last several years.

There are several workarounds available, and it is possible to disable it locally if a user so desires. For more information, please see the Mantic release notes: https://discourse.ubuntu.com/t/mantic-minotaur-release-notes/35534

* This is actually available in Lunar (23.04) but is disabled by default and must be manually enabled with the sysctl.