It took me about 4 hours to debug an issue where google-drive-ocamlfuse can't mount my google drive inside an LXD container.

The root cause is that LXD *on the host* when installed as a snap, sets up an apparmor profile for the container that prevents fusermount3 from doing its thing.

Apparently nobody on the internet knows how to fix this, I sure as hell don't.