Docu review done: Mon 03 Jul 2023 17:09:33 CEST

Change Modes / Disabling AppArmor

Put the application in compalin mode:

$ aa-complain /path/to/program

check the logs (e.g. /var/log/syslog) for the program you have placed in compalin mode and adopt the aa-profile

Now enable the changed profile for the application again:

$ aa-enforce /path/to/program

if it is still not working, you can completly disable apparmor for the program like that:

$ aa-disable /path/to/program

Applying Profiles to AA

sample location of profiles: /etc/apparmor.d/

After you have modified/added a profile, you can either reload the full service:

$ systemctl reload apparmor.service

or you just reload the specific profile:

$ apparmor_parser -r /etc/apparmor.d/<profile_name>