fix(snix/build): Don't enable cgroup namespace in oci build.

While we want it long term, disabing it for now as it causes runc
startup failure when it runs inside nested cgroup namespaces.

Change-Id: I121f1d79c6a02e68e7883e0edeba7f57627c20ed
Reviewed-on: https://cl.snix.dev/c/snix/+/30236
Reviewed-by: Florian Klink <flokli@flokli.de>
Tested-by: besadii

snix/build/src/oci/spec.rs

@@ -172,7 +172,10 @@ fn configure_linux(
             LinuxNamespaceType::Ipc,
             LinuxNamespaceType::Uts,
             LinuxNamespaceType::Mount,
-            LinuxNamespaceType::Cgroup,
+            // We want to create a cgroup namespace in the future to be able to trace resource usage
+            // For now it's disabled as it causes issues in cases where the host machine is running in a
+            // messed up cgroup
+            // LinuxNamespaceType::Cgroup,
         ];
         if !allow_network {
             namespace_types.push(LinuxNamespaceType::Network)