Enforce running dist test suite in CI when unprivileged

[Xanewok]

After #128 will be merged, we can run the dist test suite in a new user Linux namespace, effectively gaining capabilities to run bubblewrap but still isolated from the parent namespace.

It'd be good to test that against both our GHA and GitLab test suite.

• ~GHA seems to be blocked by not being able to write a mapping to gid_map~ (#128 was buggy, fixed in 67bfbee96318b66c88dc57e7516cd4b68acbf7b8)

Couldn't set up a build environment for bubblewrap: Failed writing to gid_map

• On GitLab we get operation not permitted when mounting overlayfs

Couldn't set up a build environment for bubblewrap: Failed to mount overlay FS: (...) Operation not permitted (os error 1)

This, however, will probably be mitigated once we either migrate to fuse-overlayfs or upgrade to kernel 5.15.x series (link)