Comment 4 for bug 1654624

Removing the LXD task, this is yet another apparmor bug from the apparmor stacking/namespacing change which was backported to Xenial.

Basically, dhclient is now being confined by apparmor inside the container, unfortunately, apparmor doesn't behave in the exact same way when it's interpreting a profile as part of a stack vs as the single profile in the stack (on the host).

We've seen a number of file_perm and related issue show up, typically related to permissions to access the failing binary itself. Though in this case, the path does seem a bit weirder?

Anyway, not a LXD bug but an apparmor one. I'm sure John will have an idea of what's going on here :)