Hadmut, AppArmor's stacking support was intended to allow supporting unmodified Ubuntu inside LXD containers. If you're feeling up for some experimentation, you could try to disable this feature by setting the kernel.unprivileged_userns_apparmor_policy sysctl to 0 early in a system boot, preferably before LXD starts. This should cause the attempts to set policy within LXDs to fail, and either the services will then refuse to start or they'll fall back to their old behaviour. (This reflects my lack of familiarity with LXD.)
I'll note that this is a wild guess; I'd feel more comfortable giving this advice on IRC than in a public bug tracker where it might do more harm than good. But I'm cautiously optimistic that this might give you a system you'd be happier using. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1654624 Title: dhcp apparmor profile complains about lxd client To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1654624/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs