Daniel,

Currently it is expected that manually deleting a profile also requires manual profile removal from the kernel, using one of:

- aa-remove-unknown
- apparmor_parser -R <profile before file deletion>
- sudo bash -c "echo -n '<profile_name>' > /sys/kernel/security/apparmor/.remove"

However this does indeed currently leave behind the cache file, cluttering the file system. However once the profile is removed from the kernel the cached file should not be applied.

Can you clarify whether you removed the profile from the kernel?

Can you clarify if when you were developing the new profile whether you changed the filename from the original profile to a different filename when developing the new profile?

--
https://bugs.launchpad.net/bugs/1878333

Title:
  AppArmor cache entries not removed when profile is deleted

Status in apparmor package in Ubuntu:
  Confirmed

Bug description:
  This concerns apparmor 2.13.3-7ubuntu5 in Ubuntu focal.

  If I delete a profile from /etc/apparmor.d/, reboot the system, and then look in /var/cache/apparmor/XXXXXXXX.0/, I still see a file for the compiled form of the profile.

  The same occurs if the profile is "deleted" by other means, such as symlinking it from /etc/apparmor.d/disable/.

  This behavior caused me some consternation as I was developing an alternate profile for a program that already had one, and I continued to see old behavior even though I had removed the old profile.
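
An audit for the leftover cache entries described in this report, as an added example that is not part of the original message or of the AppArmor project. It assumes each cache file carries the same name as its source file in the profile directory; the function names and the temporary directory tree are constructed for illustration.

```shell
#!/bin/sh
# find_orphan_cache PROFILE_DIR CACHE_ROOT
# Prints one line per cache file whose source profile is gone or disabled:
#   deleted<TAB>path   -> no file of that name in PROFILE_DIR
#   disabled<TAB>path  -> profile exists but is linked from PROFILE_DIR/disable/
# Assumption: cache files are named after the profile file they were built from.
find_orphan_cache() {
    profile_dir=$1
    cache_root=$2
    for cache_dir in "$cache_root"/*/; do
        [ -d "$cache_dir" ] || continue
        # The glob skips dotfiles, so per-directory metadata such as
        # .features is not reported.
        for cached in "$cache_dir"*; do
            [ -f "$cached" ] || continue
            name=$(basename "$cached")
            if [ ! -e "$profile_dir/$name" ]; then
                printf 'deleted\t%s\n' "$cached"
            elif [ -e "$profile_dir/disable/$name" ] || [ -L "$profile_dir/disable/$name" ]; then
                printf 'disabled\t%s\n' "$cached"
            fi
        done
    done
}

# Constructed sample layout (not real system data): one active profile,
# one disabled through a symlink, and one cache entry with no profile left.
build_demo_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/apparmor.d/disable" "$root/cache/0a1b2c3d.0"
    : > "$root/apparmor.d/usr.bin.kept"
    : > "$root/apparmor.d/usr.bin.off"
    ln -s ../usr.bin.off "$root/apparmor.d/disable/usr.bin.off"
    for f in .features usr.bin.kept usr.bin.off usr.bin.old; do
        : > "$root/cache/0a1b2c3d.0/$f"
    done
    printf '%s\n' "$root"
}

demo_root=$(build_demo_tree)
find_orphan_cache "$demo_root/apparmor.d" "$demo_root/cache"
rm -rf "$demo_root"
```

On a real system the arguments would be /etc/apparmor.d and /var/cache/apparmor; the function only reports and never deletes anything.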