Comment 20 for bug 1667016

Tested with jammy lxd container, proposed patch works WFM.

(Note that a simple "lxc launch images:ubuntu/22.04/cloud" does not exercise this issue, because this minimal image does not install apparmor; but installing "ubuntu-server" does make the problem appear, and then the fixes to apparmor/tcpdump in -proposed make the problem go away)

I can also confirm that using
#include <abstractions/consoles>
works, as per comment #13. That gives very slightly wider permissions, shown in /etc/apparmor.d/abstractions/consoles