Raw.lxc load error on Ubuntu VM ... same loads fine on Ubuntu PC

I using following setup for profile on my Ubuntu machine and it works fine.
But, it failed loading profile on Ubuntu VM which I am guessing may have virtualization reasons for it. UFW is disabled/inactive for both machines.
*****************************************************
raw.lxc: |-
lxc.apparmor.profile = unconfined
lxc.cgroup.devices.allow = a
lxc.mount.auto=proc:rw sys:rw cgroup:rw
lxc.cap.drop =
*****************************************************
After trial and error, I found that commenting “lxc.apparmor.profile = unconfined”, fixes the issue on Ubuntu VM.

But I am not sure what the future consequences might be of disabling that option. Thoughts?

Try using lxc.aa_profile instead, that’s the old name for that configuration option and the one you should use if you’re on the older 2.0.x liblxc

Works well now with updated parameter. Thanks.

Forgot to mention I am using LXC/LXD 2.21 … upgraded it using artful backports. Is there any other process I have to go through after upgrade. I recall apparmor worked earlier (v2.19).

The image I am packaging is Ubuntu 16.04.

If you use one of the official Ubuntu Linux kernels, then AppArmor should work fine for LXD and you would not need to set lxd.aa_profile. Do you compile your own kernel?

No. i don’t. That was @20 years back. I have been off Linux for @10 years :slight_smile: