Native OverlayFS in unprivileged container

Hello,
I am trying to use native OverlayFS with Podman in an unprivileged Incus container. The instance options I have currently set are:

security.nesting: "true"
security.syscalls.intercept.mknod: "true"
security.syscalls.intercept.setxattr: "true"

With them it is only possible to run OverlayFS with FUSE. When I set security.privileged: "true", I can use native OverlayFS without any problems.

I am using the container with the dir storage driver on ext4.

Is there a safe way to accomplish native OverlayFS without running privileged containers?

Thanks

Maybe it’s AppArmor? You can try this command inside the container:

sudo sed -i s/lxd/incus/g /lib/apparmor/rc.apparmor.functions

Thanks for your reply. Sadly, your suggested solution did not work.
But because I had some other problems with Incus on Ubuntu 22.04 with the stock Ubuntu kernel, I reinstalled my host system with Debian 12 and the Zabbly kernel, and it works now. I used the same instance options I had before. It probably had something to do with AppArmor on the host system.