Docker AppArmor Enabled But Default Profile Could Not Be Loaded

I was attempting to run Docker within a LXC container on a host running Ubuntu 20.04.

I kept getting the following error when attempting to run a container, in spite of adding:

lxc.apparmor.profile = unconfined

.. to my LXC container’s config file:

$ docker run -ti ubuntu:latest /bin/bash
docker: Error response from daemon: AppArmor enabled on system but the docker-default profile could not be loaded: running `/usr/sbin/apparmor_parser apparmor_parser -Kr /var/lib/docker/tmp/docker-default752380479` failed with output: apparmor_parser: Unable to replace "docker-default".  Permission denied; attempted to load a profile while confined?

error: exit status 243.
ERRO[0000] error waiting for container: context canceled

The easiest solution for me was to simply uninstall apparmor from my LXC container’s (not the host’s) operating system:

$ sudo apt-get remove apparmor

Docker OCI Runtime Create Failed – Executable File Not Found

I attempted to run a docker container for the first time:

$ docker run ubuntu:latest -ti /bin/bash
docker: Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: exec: "-ti": executable file not found in $PATH: unknown.
ERRO[0001] error waiting for container: context canceled 

The key was in this part of the message:

exec: "-ti"

The Docker command was attempting to execute -ti when really we wanted to execute /bin/bash.

To fix just put the command line arguments -ti before the name of the image:

$ docker run -ti ubuntu:latest /bin/bash
root@f302a2547b2e:/#