nerdctl
Replace nsenter with reexec
What is the problem you're trying to solve
We currently depend on the nsenter binary.
Although working, this is problematic for a couple of reasons:
- different distro (busybox) may have different syntax
- different versions may or may not support different flags
- nsenter is a bit of a blackbox, and it is not trivial to figure out what happens when you pass `-w` vs. `-W`, for example
Linking ticket #3385 for example.
Describe the solution you'd like
An alternative solution would be to reexec instead, possibly leveraging docker reexec package.
This is certainly a somewhat complex endeavor, and definitely impactful from a security standpoint. It has to be done right.
Additional context
No response
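As an added illustration of the reexec approach the issue proposes (example code, not nerdctl's or moby's own): a minimal self-reexec dispatcher in the style of the docker/moby reexec package, where the program re-executes its own binary with argv[0] set to a registered handler name instead of shelling out to a distro-specific nsenter. The handler name `nerdctl-reexec-demo` and the `Reexec` helper are hypothetical.

```go
// Added example, not nerdctl's code: re-execute /proc/self/exe with a chosen
// argv[0]; a matching handler runs in the child before main() ever starts.
package main

import (
	"fmt"
	"os"
	"os/exec"
	"strings"
)

// handlers maps a hypothetical argv[0] name to the function run in the child.
var handlers = map[string]func(){
	"nerdctl-reexec-demo": func() {
		// Real code would setns(2) here; the demo only echoes its arguments.
		fmt.Println("child:", strings.Join(os.Args[1:], " "))
		os.Exit(0)
	},
}

// init dispatches to a registered handler when this process was re-executed
// with a matching argv[0]; a normal invocation falls through to main.
func init() {
	if h, ok := handlers[os.Args[0]]; ok {
		h()
	}
}

// Reexec runs the named handler in a fresh copy of the running executable and
// returns the child's trimmed stdout. No PATH lookup or external tool is used.
func Reexec(name string, args ...string) (string, error) {
	if _, ok := handlers[name]; !ok {
		return "", fmt.Errorf("reexec: no handler registered for %q", name)
	}
	cmd := &exec.Cmd{
		Path: "/proc/self/exe", // the exact binary currently executing (Linux)
		Args: append([]string{name}, args...),
	}
	out, err := cmd.Output()
	if err != nil {
		return "", fmt.Errorf("reexec %s: %w", name, err)
	}
	return strings.TrimSpace(string(out)), nil
}

func main() {
	out, err := Reexec("nerdctl-reexec-demo", "--pid", "12345")
	fmt.Println(out, err)
}
```

Because the child is the same binary, flag syntax and behaviour are fixed at build time rather than depending on whichever nsenter the host distro ships.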