Also on Arch, for the record I see some of the denials even without installing anything under LXD, simply launching a container is enough:

```
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.310:1706): apparmor="DENIED" operation="file_inherit" class="net" namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" pid=3225810 comm="snap-confine" family="netlink" sock_type="raw" protocol=15 requested_mask="send receive" denied_mask="send receive"
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.320:1707): apparmor="DENIED" operation="file_inherit" class="file" namespace="root//lxd-snapcraft_classic-meerkat_" profile="snap-update-ns.lxd" name="/apparmor/.null" pid=3225828 comm="6" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.457:1708): apparmor="DENIED" operation="file_inherit" class="file" namespace="root//lxd-snapcraft_classic-meerkat_" profile="snap.lxd.hook.install" name="/apparmor/.null" pid=3225810 comm="snap-exec" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.820:1709): apparmor="DENIED" operation="file_inherit" class="net" namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" pid=3225872 comm="snap-confine" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive"
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.820:1710): apparmor="DENIED" operation="file_inherit" class="net" namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" pid=3225872 comm="snap-confine" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive"
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.820:1711): apparmor="DENIED" operation="file_inherit" class="file" namespace="root//lxd-snapcraft_classic-meerkat_" profile="snap.lxd.activate" name="/apparmor/.null" pid=3225872 comm="snap-exec" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.820:1712): apparmor="DENIED" operation="file_inherit" class="file" namespace="root//lxd-snapcraft_classic-meerkat_" profile="snap.lxd.activate" name="/apparmor/.null" pid=3225872 comm="snap-exec" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.830:1713): apparmor="DENIED" operation="file_inherit" class="file" namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" name="/apparmor/.null" pid=3225872 comm="aa-exec" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0
sty 26 09:03:27 galeon kernel: audit: type=1400 audit(1706256207.830:1714): apparmor="DENIED" operation="file_inherit" class="file" namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" name="/apparmor/.null" pid=3225872 comm="aa-exec" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0
sty 26 09:03:28 galeon kernel: audit: type=1400 audit(1706256208.027:1715): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" label="lxd-snapcraft_classic-meerkat_//&:lxd-snapcraft_classic-meerkat_:unconfined" name="/snap/snapd/20671/usr/lib/snapd/snap-confine" pid=3225947 comm="apparmor_parser"
```

Looking at the apparmor namespace, I'd say this is triggered by processes executing already inside the container. AFAIU the image (say ubuntu:22.04) contains a seed which installs lxd inside and so there may be hooks and services of lxd being run inside the container.
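As an added example (not part of the original post, and not code from LXD or snapd), here is a small Python script that parses AppArmor audit records like the ones above and groups the DENIED entries by AppArmor namespace, profile and operation. The point is to separate denials raised under a child namespace such as `root//lxd-...` (policy loaded for a container) from denials in the host's own root namespace, so a reviewer can tell container-internal noise from a host-side problem. The first four sample records are copied from the journal excerpt above; the last one is a constructed root-namespace line added only for contrast. The key=value layout and field names are those of the kernel's AppArmor audit messages; the "child of root" reading of a `//` in the namespace field is an assumption that matches the post's reasoning.

```python
import re
from collections import Counter

# AppArmor audit records are space-separated key=value pairs; values may be
# double-quoted (and then may contain spaces) or bare.
_KV_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')

# Sample input. The first four lines are copied from the post's journal
# excerpt (journal prefix trimmed); the last line is constructed for contrast.
SAMPLE_LINES = [
    'audit: type=1400 audit(1706256207.310:1706): apparmor="DENIED" operation="file_inherit" class="net" '
    'namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" '
    'pid=3225810 comm="snap-confine" family="netlink" sock_type="raw" protocol=15 '
    'requested_mask="send receive" denied_mask="send receive"',
    'audit: type=1400 audit(1706256207.320:1707): apparmor="DENIED" operation="file_inherit" class="file" '
    'namespace="root//lxd-snapcraft_classic-meerkat_" profile="snap-update-ns.lxd" name="/apparmor/.null" '
    'pid=3225828 comm="6" requested_mask="wr" denied_mask="wr" fsuid=1000000 ouid=0',
    'audit: type=1400 audit(1706256207.820:1709): apparmor="DENIED" operation="file_inherit" class="net" '
    'namespace="root//lxd-snapcraft_classic-meerkat_" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" '
    'pid=3225872 comm="snap-confine" family="unix" sock_type="stream" protocol=0 '
    'requested_mask="send receive" denied_mask="send receive"',
    'audit: type=1400 audit(1706256208.027:1715): apparmor="STATUS" operation="profile_replace" '
    'info="same as current profile, skipping" '
    'label="lxd-snapcraft_classic-meerkat_//&:lxd-snapcraft_classic-meerkat_:unconfined" '
    'name="/snap/snapd/20671/usr/lib/snapd/snap-confine" pid=3225947 comm="apparmor_parser"',
    # Constructed record (not from the post): a denial in the host's root namespace.
    'audit: type=1400 audit(1706256209.000:1716): apparmor="DENIED" operation="open" class="file" '
    'profile="example-host-profile" name="/tmp/example" pid=4242 comm="example" '
    'requested_mask="r" denied_mask="r" fsuid=0 ouid=0',
]


def parse_audit_line(line):
    """Return the key/value fields of one AppArmor audit line, or None if it is not one."""
    if 'apparmor=' not in line:
        return None
    fields = {}
    for match in _KV_RE.finditer(line):
        key, raw, quoted = match.group(1), match.group(2), match.group(3)
        fields[key] = quoted if quoted is not None else raw
    return fields


def summarize_denials(lines):
    """Count DENIED records per (namespace, profile, operation).

    Records without a namespace field belong to the root namespace.
    """
    counts = Counter()
    for line in lines:
        fields = parse_audit_line(line)
        if fields and fields.get('apparmor') == 'DENIED':
            key = (fields.get('namespace', 'root'), fields.get('profile', '?'), fields.get('operation', '?'))
            counts[key] += 1
    return counts


def nested_namespace_denials(lines):
    """Keep only denials whose namespace is a child of root (contains '//').

    Assumption: such records come from policy loaded in a container's own
    AppArmor namespace, i.e. from processes running inside the container.
    """
    return {key: n for key, n in summarize_denials(lines).items() if '//' in key[0]}


if __name__ == '__main__':
    nested = nested_namespace_denials(SAMPLE_LINES)
    for (namespace, profile, operation), n in sorted(summarize_denials(SAMPLE_LINES).items()):
        origin = 'container namespace' if (namespace, profile, operation) in nested else 'host root namespace'
        print(f'{n:3d}  {origin:20s} {namespace} {profile} {operation}')
```

Feed it the output of `journalctl -k` (or `dmesg`) line by line; records with a `//` in the namespace field are the ones the post attributes to processes inside the container, while anything left in the plain root namespace deserves a closer look on the host.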