Voir :

• https://docs.docker.com/engine/security/apparmor/

The nscd Apparmor profile is not prepared for that and needs some additional capabilities added.

Necessary changes are:

/etc/nscd.conf

        server-user             nobody

/etc/apparmor.d/usr.sbin.nscd

          capability setgid,
          capability setuid,

After adding these lines, restart Apparmor and subsequently nscd

source : https://www.suse.com/fr-fr/support/kb/doc/?id=000017971