Bad case:

$ ./repro.sh bad
+ '[' bad == bad ']'
+ echo 'Bad case: Using apparmor from proposed'
Bad case: Using apparmor from proposed
+ BADCASE=1
+ lxc stop --force testguest-apparmor-bad
+ lxc delete --force testguest-apparmor-bad
+ lxc launch ubuntu-daily:groovy/amd64 testguest-apparmor-bad --profile default --profile kvm
Creating testguest-apparmor-bad
Starting testguest-apparmor-bad
+ sleep 30s
+ lxc exec testguest-apparmor-bad runlevel
N 5
+ lxc exec testguest-apparmor-bad -- bash -c 'H=`cat /etc/hostname`; if [ -f /var/lib/cloud/instance/boot-finished ]; then echo "LXD container $H ready"; else echo "LXD container $H not ready yet"; exit 2; fi'
LXD container testguest-apparmor-bad ready
+ lxc exec testguest-apparmor-bad --env DEBIAN_FRONTEND=noninteractive -- bash -c 'apt-get --allow-unauthenticated --assume-yes -o Dpkg::Options::='\''--force-confdef'\'' -o Dpkg::Options::='\''--force-confold'\'' install apparmor-utils'
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  libfreetype6
Use 'apt autoremove' to remove it.
The following additional packages will be installed:
  python3-apparmor python3-libapparmor
Suggested packages:
  vim-addon-manager
The following NEW packages will be installed:
  apparmor-utils python3-apparmor python3-libapparmor
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 157 kB of archives.
After this operation, 966 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu groovy/main amd64 python3-libapparmor amd64 2.13.3-7ubuntu6 [26.7 kB]
Get:2 http://archive.ubuntu.com/ubuntu groovy/main amd64 python3-apparmor amd64 2.13.3-7ubuntu6 [78.6 kB]
Get:3 http://archive.ubuntu.com/ubuntu groovy/main amd64 apparmor-utils amd64 2.13.3-7ubuntu6 [51.4 kB]
Fetched 157 kB in 0s (385 kB/s)           
Selecting previously unselected package python3-libapparmor.
(Reading database ... 31714 files and directories currently installed.)
Preparing to unpack .../python3-libapparmor_2.13.3-7ubuntu6_amd64.deb ...
Unpacking python3-libapparmor (2.13.3-7ubuntu6) ...
Selecting previously unselected package python3-apparmor.
Preparing to unpack .../python3-apparmor_2.13.3-7ubuntu6_amd64.deb ...
Unpacking python3-apparmor (2.13.3-7ubuntu6) ...
Selecting previously unselected package apparmor-utils.
Preparing to unpack .../apparmor-utils_2.13.3-7ubuntu6_amd64.deb ...
Unpacking apparmor-utils (2.13.3-7ubuntu6) ...
Setting up python3-libapparmor (2.13.3-7ubuntu6) ...
Setting up python3-apparmor (2.13.3-7ubuntu6) ...
Setting up apparmor-utils (2.13.3-7ubuntu6) ...
Processing triggers for man-db (2.9.3-2) ...
+ lxc exec testguest-apparmor-bad -- aa-status
apparmor module is loaded.
28 profiles are loaded.
28 profiles are in enforce mode.
   /snap/snapd/9279/usr/lib/snapd/snap-confine
   /snap/snapd/9279/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /{,usr/}sbin/dhclient
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
   tcpdump
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
+ '[' 1 -eq 1 ']'
+ lxc exec testguest-apparmor-bad -- bash -c 'echo '\''deb http://archive.ubuntu.com/ubuntu/ groovy-proposed restricted main multiverse universe'\'' >> /etc/apt/sources.list'
+ lxc exec testguest-apparmor-bad --env DEBIAN_FRONTEND=noninteractive -- bash -c 'apt-get --allow-unauthenticated --assume-yes -o Dpkg::Options::='\''--force-confdef'\'' -o Dpkg::Options::='\''--force-confold'\'' update'
Hit:1 http://security.ubuntu.com/ubuntu groovy-security InRelease
Get:2 http://archive.ubuntu.com/ubuntu groovy InRelease [267 kB]
Get:3 http://security.ubuntu.com/ubuntu groovy-security/universe amd64 c-n-f Metadata [116 B]
Get:4 http://security.ubuntu.com/ubuntu groovy-security/multiverse amd64 c-n-f Metadata [116 B]
Hit:5 http://archive.ubuntu.com/ubuntu groovy-updates InRelease
Get:6 http://archive.ubuntu.com/ubuntu groovy-backports InRelease [89.2 kB]
Get:7 http://archive.ubuntu.com/ubuntu groovy-proposed InRelease [118 kB]
Get:8 http://archive.ubuntu.com/ubuntu groovy/main amd64 Packages [969 kB]
Get:9 http://archive.ubuntu.com/ubuntu groovy/main Translation-en [507 kB]
Get:10 http://archive.ubuntu.com/ubuntu groovy/main amd64 c-n-f Metadata [29.4 kB]
Get:11 http://archive.ubuntu.com/ubuntu groovy/universe amd64 Packages [8842 kB]
Get:12 http://archive.ubuntu.com/ubuntu groovy/universe Translation-en [5263 kB]
Get:13 http://archive.ubuntu.com/ubuntu groovy/universe amd64 c-n-f Metadata [271 kB]
Get:14 http://archive.ubuntu.com/ubuntu groovy/multiverse amd64 Packages [147 kB]
Get:15 http://archive.ubuntu.com/ubuntu groovy/multiverse Translation-en [106 kB]
Get:16 http://archive.ubuntu.com/ubuntu groovy/multiverse amd64 c-n-f Metadata [9284 B]
Get:17 http://archive.ubuntu.com/ubuntu groovy-updates/universe amd64 c-n-f Metadata [112 B]
Get:18 http://archive.ubuntu.com/ubuntu groovy-updates/multiverse amd64 c-n-f Metadata [116 B]
Get:19 http://archive.ubuntu.com/ubuntu groovy-backports/main amd64 c-n-f Metadata [112 B]
Get:20 http://archive.ubuntu.com/ubuntu groovy-backports/restricted amd64 c-n-f Metadata [116 B]
Get:21 http://archive.ubuntu.com/ubuntu groovy-backports/universe amd64 c-n-f Metadata [116 B]
Get:22 http://archive.ubuntu.com/ubuntu groovy-backports/multiverse amd64 c-n-f Metadata [116 B]
Get:23 http://archive.ubuntu.com/ubuntu groovy-proposed/restricted amd64 Packages [12.5 kB]
Get:24 http://archive.ubuntu.com/ubuntu groovy-proposed/restricted Translation-en [3332 B]
Get:25 http://archive.ubuntu.com/ubuntu groovy-proposed/restricted amd64 c-n-f Metadata [116 B]
Get:26 http://archive.ubuntu.com/ubuntu groovy-proposed/main amd64 Packages [57.9 kB]
Get:27 http://archive.ubuntu.com/ubuntu groovy-proposed/main Translation-en [23.7 kB]
Get:28 http://archive.ubuntu.com/ubuntu groovy-proposed/main amd64 c-n-f Metadata [2612 B]
Get:29 http://archive.ubuntu.com/ubuntu groovy-proposed/multiverse amd64 Packages [2752 B]
Get:30 http://archive.ubuntu.com/ubuntu groovy-proposed/multiverse Translation-en [5316 B]
Get:31 http://archive.ubuntu.com/ubuntu groovy-proposed/multiverse amd64 c-n-f Metadata [412 B]
Get:32 http://archive.ubuntu.com/ubuntu groovy-proposed/universe amd64 Packages [148 kB]
Get:33 http://archive.ubuntu.com/ubuntu groovy-proposed/universe Translation-en [130 kB]
Get:34 http://archive.ubuntu.com/ubuntu groovy-proposed/universe amd64 c-n-f Metadata [7308 B]
Fetched 17.0 MB in 4s (3789 kB/s) 
Reading package lists... Done
+ lxc exec testguest-apparmor-bad --env DEBIAN_FRONTEND=noninteractive -- bash -c 'apt-get --allow-unauthenticated --assume-yes -o Dpkg::Options::='\''--force-confdef'\'' -o Dpkg::Options::='\''--force-confold'\'' install apparmor'
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  libfreetype6
Use 'apt autoremove' to remove it.
Suggested packages:
  apparmor-profiles-extra
The following packages will be upgraded:
  apparmor
1 upgraded, 0 newly installed, 0 to remove and 37 not upgraded.
Need to get 528 kB of archives.
After this operation, 111 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu groovy-proposed/main amd64 apparmor amd64 3.0.0~beta1-0ubuntu5 [528 kB]
Fetched 528 kB in 1s (563 kB/s)   
Preconfiguring packages ...
(Reading database ... 31792 files and directories currently installed.)
Preparing to unpack .../apparmor_3.0.0~beta1-0ubuntu5_amd64.deb ...
Unpacking apparmor (3.0.0~beta1-0ubuntu5) over (2.13.3-7ubuntu6) ...
Setting up apparmor (3.0.0~beta1-0ubuntu5) ...
Installing new version of config file /etc/apparmor.d/abstractions/X ...
Installing new version of config file /etc/apparmor.d/abstractions/apache2-common ...
Installing new version of config file /etc/apparmor.d/abstractions/apparmor_api/change_profile ...
Installing new version of config file /etc/apparmor.d/abstractions/apparmor_api/examine ...
Installing new version of config file /etc/apparmor.d/abstractions/apparmor_api/find_mountpoint ...
Installing new version of config file /etc/apparmor.d/abstractions/apparmor_api/introspect ...
Installing new version of config file /etc/apparmor.d/abstractions/apparmor_api/is_enabled ...
Installing new version of config file /etc/apparmor.d/abstractions/aspell ...
Installing new version of config file /etc/apparmor.d/abstractions/audio ...
Installing new version of config file /etc/apparmor.d/abstractions/authentication ...
Installing new version of config file /etc/apparmor.d/abstractions/base ...
Installing new version of config file /etc/apparmor.d/abstractions/bash ...
Installing new version of config file /etc/apparmor.d/abstractions/consoles ...
Installing new version of config file /etc/apparmor.d/abstractions/cups-client ...
Installing new version of config file /etc/apparmor.d/abstractions/dbus ...
Installing new version of config file /etc/apparmor.d/abstractions/dbus-accessibility ...
Installing new version of config file /etc/apparmor.d/abstractions/dbus-accessibility-strict ...
Installing new version of config file /etc/apparmor.d/abstractions/dbus-session ...
Installing new version of config file /etc/apparmor.d/abstractions/dbus-session-strict ...
Installing new version of config file /etc/apparmor.d/abstractions/dbus-strict ...
Installing new version of config file /etc/apparmor.d/abstractions/dconf ...
Installing new version of config file /etc/apparmor.d/abstractions/dovecot-common ...
Installing new version of config file /etc/apparmor.d/abstractions/dri-common ...
Installing new version of config file /etc/apparmor.d/abstractions/dri-enumerate ...
Installing new version of config file /etc/apparmor.d/abstractions/enchant ...
Installing new version of config file /etc/apparmor.d/abstractions/fcitx ...
Installing new version of config file /etc/apparmor.d/abstractions/fcitx-strict ...
Installing new version of config file /etc/apparmor.d/abstractions/fonts ...
Installing new version of config file /etc/apparmor.d/abstractions/freedesktop.org ...
Installing new version of config file /etc/apparmor.d/abstractions/gnome ...
Installing new version of config file /etc/apparmor.d/abstractions/gnupg ...
Installing new version of config file /etc/apparmor.d/abstractions/ibus ...
Installing new version of config file /etc/apparmor.d/abstractions/kde ...
Installing new version of config file /etc/apparmor.d/abstractions/kde-globals-write ...
Installing new version of config file /etc/apparmor.d/abstractions/kde-icon-cache-write ...
Installing new version of config file /etc/apparmor.d/abstractions/kde-language-write ...
Installing new version of config file /etc/apparmor.d/abstractions/kerberosclient ...
Installing new version of config file /etc/apparmor.d/abstractions/ldapclient ...
Installing new version of config file /etc/apparmor.d/abstractions/libpam-systemd ...
Installing new version of config file /etc/apparmor.d/abstractions/likewise ...
Installing new version of config file /etc/apparmor.d/abstractions/mdns ...
Installing new version of config file /etc/apparmor.d/abstractions/mesa ...
Installing new version of config file /etc/apparmor.d/abstractions/mir ...
Installing new version of config file /etc/apparmor.d/abstractions/mozc ...
Installing new version of config file /etc/apparmor.d/abstractions/mysql ...
Installing new version of config file /etc/apparmor.d/abstractions/nameservice ...
Installing new version of config file /etc/apparmor.d/abstractions/nis ...
Installing new version of config file /etc/apparmor.d/abstractions/nvidia ...
Installing new version of config file /etc/apparmor.d/abstractions/opencl ...
Installing new version of config file /etc/apparmor.d/abstractions/opencl-common ...
Installing new version of config file /etc/apparmor.d/abstractions/opencl-intel ...
Installing new version of config file /etc/apparmor.d/abstractions/opencl-mesa ...
Installing new version of config file /etc/apparmor.d/abstractions/opencl-nvidia ...
Installing new version of config file /etc/apparmor.d/abstractions/opencl-pocl ...
Installing new version of config file /etc/apparmor.d/abstractions/openssl ...
Installing new version of config file /etc/apparmor.d/abstractions/orbit2 ...
Installing new version of config file /etc/apparmor.d/abstractions/p11-kit ...
Installing new version of config file /etc/apparmor.d/abstractions/perl ...
Installing new version of config file /etc/apparmor.d/abstractions/php ...
Installing new version of config file /etc/apparmor.d/abstractions/php5 ...
Installing new version of config file /etc/apparmor.d/abstractions/postfix-common ...
Installing new version of config file /etc/apparmor.d/abstractions/private-files ...
Installing new version of config file /etc/apparmor.d/abstractions/private-files-strict ...
Installing new version of config file /etc/apparmor.d/abstractions/python ...
Installing new version of config file /etc/apparmor.d/abstractions/qt5 ...
Installing new version of config file /etc/apparmor.d/abstractions/qt5-compose-cache-write ...
Installing new version of config file /etc/apparmor.d/abstractions/qt5-settings-write ...
Installing new version of config file /etc/apparmor.d/abstractions/recent-documents-write ...
Installing new version of config file /etc/apparmor.d/abstractions/ruby ...
Installing new version of config file /etc/apparmor.d/abstractions/samba ...
Installing new version of config file /etc/apparmor.d/abstractions/smbpass ...
Installing new version of config file /etc/apparmor.d/abstractions/ssl_certs ...
Installing new version of config file /etc/apparmor.d/abstractions/ssl_keys ...
Installing new version of config file /etc/apparmor.d/abstractions/svn-repositories ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-bittorrent-clients ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/java ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/kde ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/mailto ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/multimedia ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/plugins-common ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/productivity ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/text-editors ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/ubuntu-integration-xul ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-browsers.d/user-files ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-console-browsers ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-console-email ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-email ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-feed-readers ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-gnome-terminal ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-helpers ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-konsole ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-media-players ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-unity7-base ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-unity7-launcher ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-unity7-messaging ...
Installing new version of config file /etc/apparmor.d/abstractions/ubuntu-xterm ...
Installing new version of config file /etc/apparmor.d/abstractions/user-download ...
Installing new version of config file /etc/apparmor.d/abstractions/user-mail ...
Installing new version of config file /etc/apparmor.d/abstractions/user-manpages ...
Installing new version of config file /etc/apparmor.d/abstractions/user-tmp ...
Installing new version of config file /etc/apparmor.d/abstractions/user-write ...
Installing new version of config file /etc/apparmor.d/abstractions/video ...
Installing new version of config file /etc/apparmor.d/abstractions/vulkan ...
Installing new version of config file /etc/apparmor.d/abstractions/wayland ...
Installing new version of config file /etc/apparmor.d/abstractions/web-data ...
Installing new version of config file /etc/apparmor.d/abstractions/winbind ...
Installing new version of config file /etc/apparmor.d/abstractions/wutmp ...
Installing new version of config file /etc/apparmor.d/abstractions/xad ...
Installing new version of config file /etc/apparmor.d/abstractions/xdg-desktop ...
Installing new version of config file /etc/apparmor.d/local/README ...
Installing new version of config file /etc/apparmor.d/lsb_release ...
Installing new version of config file /etc/apparmor.d/nvidia_modprobe ...
Installing new version of config file /etc/apparmor.d/tunables/apparmorfs ...
Installing new version of config file /etc/apparmor.d/tunables/global ...
Installing new version of config file /etc/apparmor.d/tunables/home ...
Installing new version of config file /etc/apparmor.d/tunables/multiarch ...
Installing new version of config file /etc/apparmor.d/tunables/xdg-user-dirs ...
Installing new version of config file /etc/apparmor/parser.conf ...
Reloading AppArmor profiles 
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Processing triggers for man-db (2.9.3-2) ...
Processing triggers for systemd (246.4-1ubuntu1) ...
+ lxc exec testguest-apparmor-bad -- aa-status
apparmor module is loaded.
28 profiles are loaded.
28 profiles are in enforce mode.
   /snap/snapd/9279/usr/lib/snapd/snap-confine
   /snap/snapd/9279/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /{,usr/}sbin/dhclient
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
   tcpdump
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.
+ lxc exec testguest-apparmor-bad -- dpkg -l apparmor
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version              Architecture Description
+++-==============-====================-============-======================================
ii  apparmor       3.0.0~beta1-0ubuntu5 amd64        user-space parser utility for AppArmor
+ lxc stop --timeout 300 testguest-apparmor-bad
+ lxc snapshot testguest-apparmor-bad orig
+ lxc restore testguest-apparmor-bad orig
+ lxc start testguest-apparmor-bad
+ sleep 30s
+ lxc exec testguest-apparmor-bad runlevel
N 5
+ lxc exec testguest-apparmor-bad -- bash -c 'H=`cat /etc/hostname`; if [ -f /var/lib/cloud/instance/boot-finished ]; then echo "LXD container $H ready"; else echo "LXD container $H not ready yet"; exit 2; fi'
LXD container testguest-apparmor-bad ready
+ lxc exec testguest-apparmor-bad -- aa-status
apparmor module is loaded.
15 profiles are loaded.
15 profiles are in enforce mode.
   /snap/snapd/9279/usr/lib/snapd/snap-confine
   /snap/snapd/9279/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.
+ lxc exec testguest-apparmor-bad -- systemctl status apparmor
● apparmor.service - Load AppArmor profiles
     Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset: enabled)
     Active: active (exited) since Tue 2020-09-22 10:39:38 UTC; 30s ago
       Docs: man:apparmor(7)
             https://gitlab.com/apparmor/apparmor/wikis/home/
    Process: 107 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, status=0/SUCCESS)
   Main PID: 107 (code=exited, status=0/SUCCESS)

Sep 22 10:39:38 testguest-apparmor-bad apparmor.systemd[107]: Not starting AppArmor in container
Sep 22 10:39:38 testguest-apparmor-bad systemd[1]: Finished Load AppArmor profiles.


Good case:
$ ./repro.sh good
+ '[' good == bad ']'
+ '[' good == good ']'
+ echo 'Good case: Keeps apparmor as-is'
Good case: Keeps apparmor as-is
+ BADCASE=0
+ lxc stop --force testguest-apparmor-good
+ lxc delete --force testguest-apparmor-good
+ lxc launch ubuntu-daily:groovy/amd64 testguest-apparmor-good --profile default --profile kvm
Creating testguest-apparmor-good
Starting testguest-apparmor-good
+ sleep 30s
+ lxc exec testguest-apparmor-good runlevel
N 5
+ lxc exec testguest-apparmor-good -- bash -c 'H=`cat /etc/hostname`; if [ -f /var/lib/cloud/instance/boot-finished ]; then echo "LXD container $H ready"; else echo "LXD container $H not ready yet"; exit 2; fi'
LXD container testguest-apparmor-good ready
+ lxc exec testguest-apparmor-good --env DEBIAN_FRONTEND=noninteractive -- bash -c 'apt-get --allow-unauthenticated --assume-yes -o Dpkg::Options::='\''--force-confdef'\'' -o Dpkg::Options::='\''--force-confold'\'' install apparmor-utils'
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  libfreetype6
Use 'apt autoremove' to remove it.
The following additional packages will be installed:
  python3-apparmor python3-libapparmor
Suggested packages:
  vim-addon-manager
The following NEW packages will be installed:
  apparmor-utils python3-apparmor python3-libapparmor
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 157 kB of archives.
After this operation, 966 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu groovy/main amd64 python3-libapparmor amd64 2.13.3-7ubuntu6 [26.7 kB]
Get:2 http://archive.ubuntu.com/ubuntu groovy/main amd64 python3-apparmor amd64 2.13.3-7ubuntu6 [78.6 kB]
Get:3 http://archive.ubuntu.com/ubuntu groovy/main amd64 apparmor-utils amd64 2.13.3-7ubuntu6 [51.4 kB]
Fetched 157 kB in 0s (389 kB/s)           
Selecting previously unselected package python3-libapparmor.
(Reading database ... 31714 files and directories currently installed.)
Preparing to unpack .../python3-libapparmor_2.13.3-7ubuntu6_amd64.deb ...
Unpacking python3-libapparmor (2.13.3-7ubuntu6) ...
Selecting previously unselected package python3-apparmor.
Preparing to unpack .../python3-apparmor_2.13.3-7ubuntu6_amd64.deb ...
Unpacking python3-apparmor (2.13.3-7ubuntu6) ...
Selecting previously unselected package apparmor-utils.
Preparing to unpack .../apparmor-utils_2.13.3-7ubuntu6_amd64.deb ...
Unpacking apparmor-utils (2.13.3-7ubuntu6) ...
Setting up python3-libapparmor (2.13.3-7ubuntu6) ...
Setting up python3-apparmor (2.13.3-7ubuntu6) ...
Setting up apparmor-utils (2.13.3-7ubuntu6) ...
Processing triggers for man-db (2.9.3-2) ...
+ lxc exec testguest-apparmor-good -- aa-status
apparmor module is loaded.
28 profiles are loaded.
28 profiles are in enforce mode.
   /snap/snapd/9279/usr/lib/snapd/snap-confine
   /snap/snapd/9279/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /{,usr/}sbin/dhclient
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
   tcpdump
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
+ '[' 0 -eq 1 ']'
+ lxc exec testguest-apparmor-good -- dpkg -l apparmor
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version         Architecture Description
+++-==============-===============-============-======================================
ii  apparmor       2.13.3-7ubuntu6 amd64        user-space parser utility for AppArmor
+ lxc stop --timeout 300 testguest-apparmor-good
+ lxc snapshot testguest-apparmor-good orig
+ lxc restore testguest-apparmor-good orig
+ lxc start testguest-apparmor-good
+ sleep 30s
+ lxc exec testguest-apparmor-good runlevel
N 5
+ lxc exec testguest-apparmor-good -- bash -c 'H=`cat /etc/hostname`; if [ -f /var/lib/cloud/instance/boot-finished ]; then echo "LXD container $H ready"; else echo "LXD container $H not ready yet"; exit 2; fi'
LXD container testguest-apparmor-good ready
+ lxc exec testguest-apparmor-good -- aa-status
apparmor module is loaded.
28 profiles are loaded.
28 profiles are in enforce mode.
   /snap/snapd/9279/usr/lib/snapd/snap-confine
   /snap/snapd/9279/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /{,usr/}sbin/dhclient
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   snap-update-ns.lxd
   snap.lxd.activate
   snap.lxd.benchmark
   snap.lxd.buginfo
   snap.lxd.check-kernel
   snap.lxd.daemon
   snap.lxd.hook.configure
   snap.lxd.hook.install
   snap.lxd.hook.remove
   snap.lxd.lxc
   snap.lxd.lxc-to-lxd
   snap.lxd.lxd
   snap.lxd.migrate
   tcpdump
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
+ lxc exec testguest-apparmor-good -- systemctl status apparmor
● apparmor.service - Load AppArmor profiles
     Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset: enabled)
     Active: active (exited) since Tue 2020-09-22 10:39:10 UTC; 30s ago
       Docs: man:apparmor(7)
             https://gitlab.com/apparmor/apparmor/wikis/home/
    Process: 107 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, status=0/SUCCESS)
   Main PID: 107 (code=exited, status=0/SUCCESS)

Sep 22 10:39:10 testguest-apparmor-good apparmor.systemd[107]: Restarting AppArmor
Sep 22 10:39:10 testguest-apparmor-good apparmor.systemd[107]: Reloading AppArmor profiles
Sep 22 10:39:11 testguest-apparmor-good apparmor.systemd[124]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Sep 22 10:39:10 testguest-apparmor-good systemd[1]: Finished Load AppArmor profiles.