Binfmt_misc: Permission denied

I’m trying to run docker with qemu-user-static in an lxd container. My build environment (google coral board, mendel linux) requests qemu-user-static with Docker for some cross-compilation tasks.

Docker complains that it can’t access /proc/sys/fs/binfmt_misc.

$ docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
find: /proc/sys/fs/binfmt_misc: Permission denied

I’ve found that an AppArmor policy is in place for my container (called ‘mendel’):

sudo vi /var/snap/lxd/common/lxd/security/apparmor/profiles/lxd-mendel
(...)
  # Handle binfmt
  mount fstype=binfmt_misc -> /proc/sys/fs/binfmt_misc/,
  deny /proc/sys/fs/binfmt_misc/{,**} rwklx,
(...)

Note: ‘mendel’ is configured to run nesting and privileged.

  security.nesting: "true"
  security.privileged: "true"

Also, I tried the workaround here but it didn’t work.

I can of course run docker in a virtualized environment instead, such as LXD with VM support, but in this case the price I pay would be the compilation speed; I’d prefer a container solution for my build environment.

Any suggestions/recommendations?
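
How the `deny` rule quoted in the post lines up with the `find` error, as an added example that is not part of the original post and not LXD or AppArmor code. The helper names and the query paths are assumptions, and the glob translation is a simplification (no nested braces or `[]` classes, and `*`/`**` are allowed to match zero characters).

```python
import re

# Profile excerpt exactly as quoted in the post.
PROFILE = """\
  # Handle binfmt
  mount fstype=binfmt_misc -> /proc/sys/fs/binfmt_misc/,
  deny /proc/sys/fs/binfmt_misc/{,**} rwklx,
"""

# File rules of the form: deny <path-glob> <perms>,
DENY_RULE = re.compile(r"^\s*deny\s+(/\S*)\s+([a-zA-Z]+)\s*,", re.M)

def translate(glob):
    """Simplified AppArmor path glob -> regex: {a,b}, **, * and ? only."""
    out, i = [], 0
    while i < len(glob):
        if glob.startswith("**", i):      # crosses '/' boundaries
            out.append(".*"); i += 2
        elif glob[i] == "*":              # stays within one path component
            out.append("[^/]*"); i += 1
        elif glob[i] == "?":
            out.append("[^/]"); i += 1
        elif glob[i] == "{":              # alternation, e.g. {,**}
            end = glob.index("}", i)
            alts = glob[i + 1:end].split(",")
            out.append("(?:" + "|".join(translate(a) for a in alts) + ")")
            i = end + 1
        else:
            out.append(re.escape(glob[i])); i += 1
    return "".join(out)

def denied(profile, path, wanted):
    """Return the permissions in `wanted` that a deny rule removes for `path`."""
    hit = set()
    for glob, perms in DENY_RULE.findall(profile):
        if re.fullmatch(translate(glob), path):
            hit |= set(perms) & set(wanted)
    return "".join(sorted(hit))

if __name__ == "__main__":
    # AppArmor names directories with a trailing slash, so the empty
    # alternative in {,**} covers the binfmt_misc directory itself.
    for path, wanted in [("/proc/sys/fs/binfmt_misc/", "r"),
                         ("/proc/sys/fs/binfmt_misc/register", "w"),
                         ("/proc/sys/fs/file-max", "r")]:
        print(path, wanted, "->", denied(PROFILE, path, wanted) or "not denied")
```

Because AppArmor deny rules take precedence over allow rules in the same profile, a match here means the access is refused regardless of other rules in that profile.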