Comment 4 for bug 1991141

so some potential low level interfaces you can try probing for more info.

   /sys/module/apparmor/parameters/enabled

with the aa-status reporting apparmor module is loaded. I expect you have access to this directory. Which means you can also check

  /sys/module/apparmor/parameters/mode

to verify the mode apparmor is in. In addition you still might be able to get access to

  /sys/kernel/security/lsm

which would indicate that securityfs is available in the container. You could then check

  /sys/kernel/security/apparmor/

which would indicate the apparmorfs interface is available in the container. If that is available you can try

  /sys/kernel/security/apparmor/policy/profiles/