I agree that there can't be a Restriction for every config under the sun. I'm thinking more like Ian, where there can be some useful chunks with a finer grain than "needs isolation".
I think that autopkgtest will never work well for a lot of packages with such a inflexible system for specifying requirements. What if autopkgtest took a more "user generated" approach like gitlab CI runners? That means that anyone can create tags/labels for runners, and jobs can specify any label that they require. Then it is up to the people implementing the jobs/runners to make sure that they work. We can learn a lot from the various CI services out there (GitLab, Travis, Circle, etc). They are all based on containers, and they generally put few restrictions on what can be done in the containers. Containers are really well suited for CI builds since they provide an easy system for building up throwaway environments. As for the binfmt_misc module discussion, I know nothing about how that works. If you can fix this issue in the kernel, fine by me.
