diff --git a/.gitignore b/.gitignore
index 0d266c200..45377714c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -111,6 +111,7 @@ config/ltmain.sh
 config/missing
 config/libtool.m4
 config/lt*.m4
+config/apparmor/abstractions/start-container
 config/bash/lxc
 config/init/common/lxc-containers
 config/init/common/lxc-net
diff --git a/config/apparmor/Makefile.am b/config/apparmor/Makefile.am
index 71dbe1586..858f58dde 100644
--- a/config/apparmor/Makefile.am
+++ b/config/apparmor/Makefile.am
@@ -19,7 +19,7 @@ install-apparmor:
 	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/lxc/
 	$(MKDIR_P) $(DESTDIR)$(sysconfdir)/apparmor.d/lxc/
 	$(INSTALL_DATA) $(srcdir)/abstractions/container-base $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/lxc/
-	$(INSTALL_DATA) $(srcdir)/abstractions/start-container $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/lxc/
+	$(INSTALL_DATA) abstractions/start-container $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/lxc/
 	$(INSTALL_DATA) $(srcdir)/profiles/lxc-default $(DESTDIR)$(sysconfdir)/apparmor.d/lxc/
 	$(INSTALL_DATA) $(srcdir)/profiles/lxc-default-cgns $(DESTDIR)$(sysconfdir)/apparmor.d/lxc/
 	$(INSTALL_DATA) $(srcdir)/profiles/lxc-default-with-mounting $(DESTDIR)$(sysconfdir)/apparmor.d/lxc/
diff --git a/config/apparmor/abstractions/start-container b/config/apparmor/abstractions/start-container.in
similarity index 95%
rename from config/apparmor/abstractions/start-container
rename to config/apparmor/abstractions/start-container.in
index 3df9883e3..f2b48235d 100644
--- a/config/apparmor/abstractions/start-container
+++ b/config/apparmor/abstractions/start-container.in
@@ -11,6 +11,7 @@
   # currently blocked by apparmor bug
   mount -> /usr/lib*/*/lxc/{**,},
   mount -> /usr/lib*/lxc/{**,},
+  mount -> @LXCROOTFSMOUNT@/{,**},
   mount fstype=devpts -> /dev/pts/,
   mount options=bind /dev/pts/ptmx/ -> /dev/ptmx/,
   mount options=bind /dev/pts/** -> /dev/**,
@@ -38,6 +39,7 @@
   pivot_root /usr/lib*/*/lxc/,
   pivot_root /usr/lib*/lxc/**,
   pivot_root /usr/lib*/*/lxc/**,
+  pivot_root @LXCROOTFSMOUNT@/{,**},
 
   change_profile -> lxc-*,
   change_profile -> lxc-**,
diff --git a/configure.ac b/configure.ac
index 92d6601d7..a54bc3321 100644
--- a/configure.ac
+++ b/configure.ac
@@ -714,6 +714,7 @@ AC_CONFIG_FILES([
 
 	config/Makefile
 	config/apparmor/Makefile
+	config/apparmor/abstractions/start-container
 	config/selinux/Makefile
 	config/bash/Makefile
 	config/bash/lxc