diff --git a/.github/workflows/cli_release.yaml b/.github/workflows/cli_release.yaml
index aaa3bc935f6..e81f2e895f8 100644
--- a/.github/workflows/cli_release.yaml
+++ b/.github/workflows/cli_release.yaml
@@ -59,6 +59,7 @@ jobs:
         export TAG_NAME="${REF#*/tags/}"
         mkdir -p "artifacts/"
         export ARTIFACTS_DIR="$(realpath artifacts/)"
+        sysctl -w kernel.unprivileged_userns_clone=1
         ./ci/save_version_info.sh
         ./ci/cli_build_release.sh
     - name: Upload Github Artifacts
diff --git a/ci/cli_build_release.sh b/ci/cli_build_release.sh
index 3fe43d7ed0a..e19660eda8d 100755
--- a/ci/cli_build_release.sh
+++ b/ci/cli_build_release.sh
@@ -53,11 +53,7 @@ bazel run -c opt --config=stamp //src/pixie_cli:push_px_image
 
 if [[ ! "$release_tag" == *"-"* ]]; then
   # Create rpm package.
-
-  # podman package depends on golang-github-containers-common, which
-  # provides the following seccomp profile.
   podman run -i --rm \
-    --security-opt seccomp=/usr/share/containers/seccomp.json \
     -v "${binary_dir}:/src/" \
     -v "$(pwd):/image" \
     docker.io/cdrx/fpm-fedora:24 \
@@ -73,7 +69,6 @@ if [[ ! "$release_tag" == *"-"* ]]; then
 
   # Create deb package.
   podman run -i --rm \
-    --security-opt seccomp=/usr/share/containers/seccomp.json \
     -v "${binary_dir}:/src/" \
     -v "$(pwd):/image" \
     docker.io/cdrx/fpm-ubuntu:18.04 \