Could the LXD team instead just read /sys/kernel/security/apparmor/features/policy/unconfined_restrictions/userns since this has the same value as the sysctl /proc/sys/kernel/apparmor_restrict_unprivileged_userns
Could the LXD team instead just read /sys/kernel/ security/ apparmor/ features/ policy/ unconfined_ restrictions/ userns since this has the same value as the sysctl /proc/sys/ kernel/ apparmor_ restrict_ unprivileged_ userns