I don’t think there is a better option to add just dac_override at present.
It might be worth filing a bug report with upstream explaining the problem you ran into, to see if there is a reason for what they’re doing. If there isn’t, perhaps it can be fixed.
With all that said, perhaps this is the kind of service where classic confinement would be appropriate. The purpose of the agent is to run arbitrary commands on a VM that is part of a larger cluster. It’s not clear any collection of interfaces is going to describe everything a user might want to use the tool for. We’ve granted classic confinement to other similar tools (e.g. slurm). This would have its own approval/vetting process, but might be the right option for something like this.