podman - Podman is a daemonless, open source, Linux native tool designed to make it easy to find, run, build, share and deploy applications using OCI Containers and Container Images.
QEMU - A generic machine & userspace emulator and virtualizer.
quickemu - Quickly create and run optimized ...
As rugk found out (thanks), the mknod capability is fixing the issue (but still I agree with the security caveat).

$ podman run --rm -it collabora/code /usr/bin/coolforkit
{"msg":"exec container process `/usr/bin/coolforkit`: Operation not permitted","level":"error","time":"2024-...