That’s likely because of the switch to the snap.
The LXD snap maintains a mount namespace to keep things hidden away from the host. This improves performance by keeping the mount table shorter, avoids confusion for various pieces of userspace software and makes it more likely that we can cleanly shutdown and delete containers without there being some open file blocking things.
You can see the inside of the LXD mount namespace through /var/snap/lxd/common/mntns, so when things are mounted, you should see them inside /var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/custom/.
If I “cd” (with root user) into the path, it work:
cd /var/snap/lxd/common/mntns/var/snap/lxd/common/lxd/storage-pools/default/custom/vm647566/
sudo -u lxdroot mkdir test
ls test
test
The problem since to be the access on /proc/7040/root/ (symlink to /) :
root@cpu-5195:~# sudo -u lxdroot ls /proc/7040/root/
ls: cannot access ‘/proc/7040/root/’: Permission denied
root@cpu-5195:~# sudo -u lxdroot ls /proc/7040/
attr coredump_filter gid_map mountinfo oom_score schedstat status
autogroup cpuset io mounts oom_score_adj sessionid syscall
auxv cwd limits mountstats pagemap setgroups task
cgroup environ loginuid net personality smaps timers
clear_refs exe map_files ns projid_map stack timerslack_ns
cmdline fd maps numa_maps root stat uid_map
comm fdinfo mem oom_adj sched statm wchan
sudo -u lxdroot ls /
bin data etc initrd.img lib media opt root sbin srv tmp var vmlinuz.old
boot dev home initrd.img.old lib64 mnt proc run snap sys usr vmlinuz