Comment # 2 on bug 1225608 from Felix Niederwanger

It looks to me like we're missing the Apparmor profile for crun
(https://gitlab.com/apparmor/apparmor/-/blob/master/profiles/apparmor.d/crun).
On the test system I couldn't find any apparmor rules for crun.

Perhaps we're just missing those rules in the crun package?

At least on Ubuntu 24.04 there is a crun profile present

> root@ubuntu24-04:/etc/apparmor.d# grep -ir 'crun' .
> ./crun:profile crun /usr/bin/crun flags=(unconfined) {
> ./crun:  include if exists <local/crun>

The same profile is not present on Tumbleweed.