Consumer namespaces isolate person and group ID range spaces. This enables a course of action to have root privileges within a namespace without having owning them exterior. The IPC namespace is just not relevant to many use scenarios, but it is enabled by default on container runtimes to supply isolation https://bibisoutherncontainers.com/shop-2/
