How to configure QEMU binfmt wrapper on a non-NixOS machine

Just had the same problem (Ubuntu 22.04 on one PC, 24.04 on another), but I didn’t wish to disable the sandbox (that causes other problems for me):

Instead I did something similar to what NixOS does for itself:

First the required packages:

sudo apt install binfmt-support qemu-user-static

The qemu-system-XXX and qemu-efi packages mentioned above are not necessary; those are intended for a full VM. Also note that the static version of this package is necessary, and you should use that instead of the regular qemu-user (without -static) package, as the non-static package is a nightmare to get working inside the sandbox.

Then add to /etc/nix/nix.conf the extra-platforms option as mentioned above. But in addition to that be sure to extend extra-sandbox-paths with /usr/libexec/qemu-binfmt and the absolute path of the symlink for every architecture you care about in that directory. This can be obtained with e.g.:

$ realpath /usr/libexec/qemu-binfmt/arm-binfmt-P
/usr/bin/qemu-arm-static

For me this leads to this snippet in /etc/nix/nix.conf:

extra-platforms = aarch64-linux armv7l-linux i686-linux
extra-sandbox-paths = /usr/libexec/qemu-binfmt /usr/bin/qemu-aarch64-static /usr/bin/qemu-aarch64-static /usr/bin/qemu-arm-static

Explanation: every single file mentioned directly and indirectly from the interpreter line in /proc/sys/fs/binfmt_misc/${your_binfmt_architecture} needs to be explicitly added to the sandbox's permitted paths. This includes the full set of symlinks and the final executable, but also every shared library used (which is why statically linked executables are preferred).
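The symlink-chain walk described above, as an added example that is not part of the original post: it reads the interpreter line of each binfmt_misc entry passed as an argument, follows every symlink to the final executable, and prints the resulting extra-sandbox-paths value. It assumes POSIX sh with readlink(1); the 40-hop limit and the script name are my own choices.

```sh
#!/bin/sh
# Added example, not from the original post: derive the extra-sandbox-paths
# value from binfmt_misc entries by walking each interpreter's symlink chain.
# Assumes POSIX sh with readlink(1); the entry paths are given as arguments,
# e.g. /proc/sys/fs/binfmt_misc/qemu-aarch64 /proc/sys/fs/binfmt_misc/qemu-arm

# Print every path in the symlink chain starting at $1: each symlink visited
# plus the final target, one per line. Relative link targets are resolved
# against the directory of the link that contains them.
symlink_chain() {
    p=$1
    n=0
    while :; do
        printf '%s\n' "$p"
        [ -L "$p" ] || break
        n=$((n + 1))
        if [ "$n" -gt 40 ]; then
            echo "symlink chain too long (loop?) at $p" >&2
            return 1
        fi
        t=$(readlink "$p") || return 1
        case $t in
            /*) p=$t ;;
            *)  d=$(cd "$(dirname "$p")" && cd "$(dirname "$t")" && pwd) || return 1
                p=$d/$(basename "$t") ;;
        esac
    done
}

# Read the "interpreter /path" line of each binfmt_misc entry given as an
# argument and print the union of all chain paths, sorted, space separated:
# the value extra-sandbox-paths needs (add the binfmt directory itself too).
sandbox_paths_for() {
    paths=
    for entry in "$@"; do
        interp=$(sed -n 's/^interpreter //p' "$entry")
        if [ -z "$interp" ]; then
            echo "no interpreter line in $entry" >&2
            return 1
        fi
        chain=$(symlink_chain "$interp") || return 1
        paths="$paths$chain
"
    done
    printf '%s' "$paths" | LC_ALL=C sort -u | paste -sd ' ' -
}

# When run as a script with entry files as arguments, emit the nix.conf line.
if [ $# -gt 0 ]; then
    printf 'extra-sandbox-paths = %s\n' "$(sandbox_paths_for "$@")"
fi
```

The final path printed for each entry should be the -static binary; if it is a dynamically linked qemu-user, every shared library it loads would also have to be listed, which is the situation the post recommends avoiding.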
