Hi, I am trying to set /sys to rw, I created a profile nsmount and added to it:
printf ‘lxc.apparmor.profile=unconfined\nlxc.mount.auto=proc:rw sys:rw’ | lxc profile set nsmount raw.lxc -

The whole thing looks like that, I applied it to the container using assign:

lxc profile show nsmount

name: nsmount
description: “”
config:
raw.lxc: |-
lxc.apparmor.profile=unconfined
lxc.mount.auto=proc:rw sys:rw
security.nesting: “1”
devices:
fuse:
path: /dev/fuse
type: unix-char
loop0:
path: /dev/loop0
type: unix-block
used_by:

• /1.0/instances/mycontainer

Then after container restart I get:

echo Y > /sys/module/fuse/parameters/userns_mounts

bash: /sys/module/fuse/parameters/userns_mounts: Permission denied

Same occurs when I do: lxc profile set nsmount raw.lxc lxc.mount.auto=“proc:rw sys:rw”

But when I do only: lxc profile set nsmount raw.lxc lxc.apparmor.profile=unconfined

echo Y > /sys/module/fuse/parameters/userns_mounts

bash: /sys/module/fuse/parameters/userns_mounts: Read-only file system

Looks like both of these options together do not work.