Comment # 2 on bug 1233410 from Matthias Gerstner

Thanks for creating the AUDIT bug.

Back when I looked into the lxc sysctl file I already wondered whether there
wouldn't be a better way to do this. As it is, as soon as incus is installed,
major system settings are altered permanently. I would find it better to
perform these settings only when the containers are actually used e.g. via
a systemd unit or something. Just a thought.

What happens when incus and lxc are installed in parallel now? Then there will
be conflicting settings. We'll have "60-lxd.conf" and "60-incus.conf", so LXD
will probably win, appearing later in the alphabet. But some settings on top
of the LXD settings done by the incus file will remain.

Security wise I guess the file is okay, though.