Quadlet does not allow setting apparmor profiles (or unconfined)

[mstud]

Issue Description

Since podman uses the --security-opt=option parameter for several separate things, and Quadlet decided not to introduce a single SecurityOpt option but instead multiple options like SeccompProfile, SecurityLabel*, Mask, that all lead to different --security-opt parameters, I am not able to set --security-opt=apparmor=unconfined, because there just doesn't seem to be a corresponding Quadlet option for AppArmor.

Steps to reproduce the issue

write quadlet .container unit with AppArmor=unconfined

Describe the results you received

the generated podman run call in the service unit does not contain the parameter --security-opt=apparmor=unconfined

Describe the results you expected

the generated podman run call in the service unit should contain the parameter --security-opt=apparmor=unconfined

podman info output

not really relevant, the latest documentation does not list the setting either, so it just does not seem to exist in any version.

Podman in a container

No

Privileged Or Rootless

None

Upstream Latest Release

Yes

Additional environment details

No response

Additional information

No response

[Luap99]

Contributions welcome to add this field. Note as workaround there is always PodmanArgs= which can be used to pass arbitrary cli arguments to the podman command.

[tusharrrr1]

I would like to work on this

[ygalblum]

@tusharrrr1 thanks, I've assigned the issue to you

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[givensuman]

I would like to take a stab at this issue if it has gone stale.