This is not exactly what you want, but did you consider changing the
uid
used in the container?
so, we run images that are supported and built by the vendor, who recommend against this
(ticket:
https://bugzilla.redhat.com/show_bug.cgi?id=1565929#c12).
maybe tools like top should not try to resolve user names for processes running within a
user namespace to start with.
I poke around and it should nevertheless be quite straightforward (for a prototype at
least) to filter users by uid with something like
https://github.com/freedge/sssd/commit/576340edf8e041bd1a17da52880fe84695...
Thank you!