diff --git a/docs/incus_lxd_lxc_kvm.md b/docs/incus_lxd_lxc_kvm.md
index abcb5ce..289de4f 100644
--- a/docs/incus_lxd_lxc_kvm.md
+++ b/docs/incus_lxd_lxc_kvm.md
@@ -77,6 +77,40 @@ root@incus:/home/test# dd if=/dev/random of=./test2.img bs=1G count=1 oflag=dsyn
 
 To be able to create unprivileged (rootless) containers with incus inside the jail, you need to increase the amount of UIDs available inside the jail. Please refer to the [Podman instructions](rootless_podman_in_rootless_jail.md) for more information. If you don't increase the UIDs you can only create privileged containers. You'd have to change `Privileged` to `Allow` in `Security policies` in this case.
 
+## Canonical LXD install via snap
+
+Installing the lxd snap is an alternative to Incus. But out of the box running `snap install lxd` will cause AppArmor issues when running inside a jailmaker jail on SCALE.
+
+### Workaround 1: Disable AppArmor kernel module
+
+[To my knowledge AppArmor is not uses on SCALE](https://github.com/truenas/charts/pull/428#issuecomment-1113936420). The AppArmor related packages aren't even installed.
+
+Ensure to add --bind=/dev/fuse and ensure using bridge or macvlan networking:
+
+```
+# On the host
+cat /sys/module/apparmor/parameters/enabled
+Y
+midclt call system.advanced.update '{"kernel_extra_options": "apparmor=0"}'
+reboot
+cat /sys/module/apparmor/parameters/enabled
+
+# In Ubuntu jail
+apt update
+ln -s /bin/true /usr/local/bin/udevadm
+apt install -y --no-install-recommends snapd
+snap install lxd
+lxd init
+snap set lxd ui.enable=true
+systemctl reload snap.lxd.daemon
+
+# Check out: https://example:8443
+```
+
+### Workaround 2: inaccessible /sys/module/apparmor
+
+If I don't want to mess with kernel parameters, I can trick the jail into thinking the apparmor module is not loaded by mounting over /sys/module/apparmor: `mount -v -r -t tmpfs -o size=50m test /sys/module/apparmor`. Then `snap install lxd` completes! Best way to do this is to add `--inaccessible=/sys/module/apparmor` to the systemd_nspawn_user_args.
+
 ## References
 
 - [Running QEMU/KVM Virtual Machines in Unprivileged LXD Containers](https://dshcherb.github.io/2017/12/04/qemu-kvm-virtual-machines-in-unprivileged-lxd.html)
\ No newline at end of file