tests/multi-server: run the kafka broker privileged

seccomp:unconfined + apparmor:unconfined wasn't enough to get
redpanda past seastar's reactor init on the self-hosted CI runners
(close() still failed with EINVAL on an internal fd).  Replace the
narrow security_opt overrides with `privileged: true`, which turns
off seccomp + AppArmor + capability bounding + /dev restrictions in
one go - the minimum that reliably starts the broker across DinD
runner configurations.  Test-only scope, compose-network-only
exposure.

Author: arr2036

src/tests/multi-server/environments/kafka.yml.j2

@@ -31,18 +31,11 @@ x-common-config: &id001
 services:
   kafka:
     image: docker.redpanda.com/redpandadata/redpanda:latest
-    # Redpanda's seastar reactor opens io_uring / eventfd / perf_event
-    # fds during startup; the default Docker seccomp AND AppArmor
-    # profiles on the self-hosted CI runners between them block enough
-    # of those that close() fails with EINVAL on a stale handle and the
-    # broker aborts during init.  (Local Docker Desktop's profiles are
-    # looser and don't hit this.)  Opting the kafka service out of both
-    # sandboxes unblocks CI without giving the broker any broader host
-    # access - it only talks to the two other containers on the compose
-    # network.
-    security_opt:
-    - seccomp:unconfined
-    - apparmor:unconfined
+    # Redpanda's seastar reactor aborts during init under the default
+    # Docker sandbox on self-hosted CI runners (close() EINVAL on an
+    # internal fd).  Run privileged so the broker starts reliably; it's
+    # only exposed on this compose network.
+    privileged: true
     # Override the default command to advertise the broker under its
     # compose service name.  Without this the broker tells clients to
     # reconnect at 127.0.0.1:9092 which only works when client and