Classic confinement request for cot

There has been some discussion on lifting this restriction and allowing the docker interface to be provided by the system snap (i.e. core or snapd snaps), which would allow using non-snap versions of docker. See Request for "classic" confinement for package Wilfred - #27 by jdstrand

Does podman also listen on the docker socket at the normal location? If so, then changing the docker interface to be implicit would satisfy this use case.

A potential solution for this to be able to work with strict confinement would be to just fail if the user is not in the docker group and print a message saying they should add themselves to the group or they should run cot with sudo.

This isn’t true, environment variables are still forwarded to snap apps.