Whilst 'lxc.apparmor.profile: unconfined' appears the only way to keep unprivileged lxc guests with systemd v240 alive it defeats the purpose of AppArmor.
Notwithstanding, the tail riding on this bug
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1813622 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770
Whilst 'lxc.apparmor. profile: unconfined' appears the only way to keep unprivileged lxc guests with systemd v240 alive it defeats the purpose of AppArmor.
Notwithstanding, the tail riding on this bug
https:/ /bugs.launchpad .net/ubuntu/ +source/ systemd/ +bug/1813622 /git.launchpad. net/~ubuntu- core-dev/ ubuntu/ +source/ systemd/ commit/ ?id=030919ba5e4 931d6ee576d0259 fae67fe4ed9770
https:/