Closed issue by the-antz on void-packages repository https://github.com/void-linux/void-packages/issues/23206 Description: ### System * xuname: Void 5.6.19_1 x86_64 GenuineIntel uptodate rrFF * package: podman-2.0.0_1 maybe containers.image-5.0.0_1 ### Expected behavior Both `sudo podman run --rm -it hello-world` and `podman run --rm -it hello-world` should print some hello-world messages. ### Actual behavior #### ~~Issue 1~~ (fixed in v2.0.1 #23235 ) `sudo podman run --rm -it hello-world` fails with `Error: AppArmor profile "container-default" specified but not loaded` After loading a dummy apparmor profile in complain mode `/etc/apparmor.d/container-default.profile` ``` #include profile container-default flags=(complain) { #include } ``` running podman as root works as expected. Related: https://github.com/containers/libpod/issues/6724 We should probably add a container-default.profile to podman (or maybe containers.image?) but I didn't find any example profile in the podman repo. #### Issue 2 **edit**: https://github.com/containers/libpod/issues/6668 `podman run --rm -it hello-world` fails with `Error: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"process_linux.go:378: setting rlimits for ready process caused \\\"error setting rlimit type 7: invalid argument\\\"\"": OCI runtime error` This happens with both apparmor enabled and disabled and might be a different issue. -- I deleted all container related configs and had them recreate by podman 2 (well actually containers.image) but that didn't have any effect. ### Steps to reproduce the behavior To load the profile: `apparmor_parser /etc/apparmor.d/container-default.profile` Otherwise, on an apparmor enabled system, simply: ``` xbps-install podman podman run --rm -it hello-world sudo podman run --rm -it hello-world ``` edit: @cameronnemo (ping)