• Bug#1101358: Syntax error for lxc-container in apparmor.d

    From Duncan Webb@21:1/5 to All on Wed Mar 26 13:40:02 2025
    Package: liblxc-common
    Version: 1:6.0.3-2
    Severity: normal

    I'm seeing the following error message when booting.

    Starting System container and VM manager: incusAppArmor parser error for /etc/apparmor.d/lxc-containers in profile /etc/apparmor.d/abstractions/lxc/start-container at line 1: syntax error, unexpected TOK_END_OF_RULE, expecting TOK_MODE

    Installing incus pulls in incus-base and eventually liblxc-common.
    The package liblxc-common installs:
    /etc/apparmor.d/abstractions
    /etc/apparmor.d/abstractions/lxc
    /etc/apparmor.d/abstractions/lxc/container-base
    /etc/apparmor.d/abstractions/lxc/start-container
    /etc/apparmor.d/lxc
    /etc/apparmor.d/lxc/lxc-default
    /etc/apparmor.d/lxc/lxc-default-cgns
    /etc/apparmor.d/lxc/lxc-default-with-mounting
    /etc/apparmor.d/lxc/lxc-default-with-nesting
    /etc/apparmor.d/lxc-containers
    /etc/apparmor.d/usr.bin.lxc-copy
    /etc/apparmor.d/usr.bin.lxc-start

    There are two problems:
    1) the apparmor configuration for lxc-containers is broken
    2) apparmor configuration for lxc is not needed for incus

    Kind regards,
    Duncan Webb

    -- System Information:
    Debian Release: trixie/sid
    Architecture: amd64 (x86_64)

    Kernel: Linux 6.1.0-32-amd64 (SMP w/8 CPU threads; PREEMPT)
    Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
    Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en
    Shell: /bin/sh linked to /usr/bin/dash
    Init: runit (via /run/runit.stopit)
    LSM: AppArmor: enabled

    Versions of packages liblxc-common depends on:
    ii libapparmor1 4.1.0~beta5-4
    ii libc6 2.40-6
    ii libcap2 1:2.66-4
    ii libdbus-1-3 1.14.10-1~deb12u1devuan1
    ii libgcc-s1 14.2.0-17
    ii liblxc1t64 1:6.0.3-2
    ii libseccomp2 2.5.4-1+deb12u1
    ii libselinux1 3.4-1+b6

    liblxc-common recommends no packages.

    liblxc-common suggests no packages.

    -- Configuration Files:
    /etc/apparmor.d/abstractions/lxc/container-base [Errno 2] No such file or directory: '/etc/apparmor.d/abstractions/lxc/container-base'
    /etc/apparmor.d/abstractions/lxc/start-container [Errno 2] No such file or directory: '/etc/apparmor.d/abstractions/lxc/start-container'
    /etc/apparmor.d/lxc-containers [Errno 2] No such file or directory: '/etc/apparmor.d/lxc-containers'
    /etc/apparmor.d/lxc/lxc-default [Errno 2] No such file or directory: '/etc/apparmor.d/lxc/lxc-default'
    /etc/apparmor.d/lxc/lxc-default-cgns [Errno 2] No such file or directory: '/etc/apparmor.d/lxc/lxc-default-cgns'
    /etc/apparmor.d/lxc/lxc-default-with-mounting [Errno 2] No such file or directory: '/etc/apparmor.d/lxc/lxc-default-with-mounting'
    /etc/apparmor.d/lxc/lxc-default-with-nesting [Errno 2] No such file or directory: '/etc/apparmor.d/lxc/lxc-default-with-nesting'
    /etc/apparmor.d/usr.bin.lxc-copy [Errno 2] No such file or directory: '/etc/apparmor.d/usr.bin.lxc-copy'
    /etc/apparmor.d/usr.bin.lxc-start [Errno 2] No such file or directory: '/etc/apparmor.d/usr.bin.lxc-start'

    -- no debconf information

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Duncan Webb@21:1/5 to All on Sat May 3 09:50:01 2025
    Hi Mathias,

    Sorry that you could not reproduce the problem. I was building ffmpeg
    with avisynth and BlackMagic support and need some trixie packages. The
    goal was a stable base system with just the testing packages that were
    needed.

    What I was thinking is that the apparmor rules belong with the
    binaries rather than in a common package. The common package is being
    pulled in when installing incus so you are getting redundant apparmor
    rules for binaries that don't exist.

    Kind regards,
    Duncan
