In my disco container they really start without apparmor isolation nowadays. After startign a guest with uvtool I checked what was auto-labelled.
Classic: <seclabel type='dynamic' model='apparmor' relabel='yes'> <label>libvirt-6400c017-06af-4ef4-a483-93380dae261c</label> <imagelabel>libvirt-6400c017-06af-4ef4-a483-93380dae261c</imagelabel> </seclabel> <seclabel type='dynamic' model='dac' relabel='yes'> <label>+64055:+115</label> <imagelabel>+64055:+115</imagelabel> </seclabel>
Disco: <seclabel type='dynamic' model='dac' relabel='yes'> <label>+64055:+108</label> <imagelabel>+64055:+108</imagelabel> </seclabel>
In my disco container they really start without apparmor isolation nowadays.
After startign a guest with uvtool I checked what was auto-labelled.
Classic: libvirt- 6400c017- 06af-4ef4- a483-93380dae26 1c</label> >libvirt- 6400c017- 06af-4ef4- a483-93380dae26 1c</imagelabel> +64055: +115</label> >+64055: +115</imagelabe l>
<seclabel type='dynamic' model='apparmor' relabel='yes'>
<label>
<imagelabel
</seclabel>
<seclabel type='dynamic' model='dac' relabel='yes'>
<label>
<imagelabel
</seclabel>
Disco: +64055: +108</label> >+64055: +108</imagelabe l>
<seclabel type='dynamic' model='dac' relabel='yes'>
<label>
<imagelabel
</seclabel>