This looks to be caused by incus using change_profile to change confinement. AppArmor is allowing this but only to a point creating a stack of the incus policy and unconfined. We will need to investigate the specifics of exactly what is going on here. But in the mean time you should be able to work around this by disabling the apparmor_unconfined_restriction. Using
sudo sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0 you can read more about it at https://gitlab.com/apparmor/apparmor/-/wikis/unprivileged_unconfined_restriction -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2109394 Title: AppArmor breaks Incus containers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2109394/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
