revert to container

Signed-off-by: Hi120ki <12624257+hi120ki@users.noreply.github.com>

rules/falco_rules.yaml

@@ -3222,8 +3222,7 @@
 - rule: Read environment variable from /proc files
   desc: An attempt to read process environment variables from /proc files
   condition: >
-    open_read and (fd.name glob /proc/*/environ)
-    and not proc.name in (systemctl, systemd-detect-, cloud-id, systemd-sysctl)
+    container and open_read and (fd.name glob /proc/*/environ)
   enabled: true
   output: >
     Environment variables were retrieved from /proc files (user=%user.name user_loginuid=%user.loginuid program=%proc.name