Description
Just a quick note to let you know that I've had a patch accepted into AppArmor (and have a similar one awaiting review for snapd) to support running under WSL:
https://gitlab.com/apparmor/apparmor/-/merge_requests/812
As suggested in the comments there, there's a potential issue with AppArmor profiles leaking from distro to distro and/or from container to container because of WSL's architecture, so to avoid this problem in genie, I've arranged for it to create an AppArmor namespace before starting systemd (if AppArmor support is detected in the kernel) to prevent potential leakage.
Thought I'd let the other authors of WSL systemd hacks know in case you wish to take similar measures. In case it might be useful, my implementation of this can be found here, called from here.
Regards,
Alistair
genie developer
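The measure described in the post, sketched as an added shell example; it is not genie's implementation and not code from the AppArmor merge request. The per-distro namespace name, the `unconfined` starting profile and all function names are assumptions made for illustration; on a real system the `mkdir` needs root and a mounted securityfs.

```shell
#!/bin/sh
# Added example: start systemd inside its own AppArmor policy namespace
# when the kernel has AppArmor enabled, so profiles loaded by one distro
# are not visible to another that shares the same kernel.
# Paths are overridable so the logic can be exercised against a scratch
# directory; the defaults are the standard kernel interfaces.
AA_ENABLED_FILE="${AA_ENABLED_FILE:-/sys/module/apparmor/parameters/enabled}"
AA_SECURITYFS="${AA_SECURITYFS:-/sys/kernel/security/apparmor}"

# True when the running kernel has AppArmor built in and enabled.
aa_kernel_enabled() {
    [ -r "$AA_ENABLED_FILE" ] && [ "$(cat "$AA_ENABLED_FILE")" = "Y" ]
}

# Reduce an arbitrary distro name to characters safe in a namespace name
# (hypothetical naming scheme: one namespace per distro).
aa_ns_name() {
    printf '%s' "$1" | tr -c 'A-Za-z0-9_.-' '_'
}

# Create the policy namespace if it does not exist yet and print its name.
# In securityfs, a mkdir under policy/namespaces creates the namespace.
aa_create_ns() {
    ns=$(aa_ns_name "$1")
    [ -n "$ns" ] || return 1
    nsdir="$AA_SECURITYFS/policy/namespaces/$ns"
    [ -d "$nsdir" ] || mkdir "$nsdir" || return 1
    printf '%s\n' "$ns"
}

# Print the command line to exec for systemd: wrapped in aa-exec when a
# namespace could be set up, unchanged when AppArmor is absent or disabled.
systemd_launch_cmd() {
    distro="$1"; shift
    if aa_kernel_enabled && ns=$(aa_create_ns "$distro"); then
        printf 'aa-exec -n %s -p unconfined -- %s\n' "$ns" "$*"
    else
        printf '%s\n' "$*"
    fi
}
```

Falling back to the plain command when the check fails keeps kernels without AppArmor booting as before.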