Quick Reference (Cheat Sheet)
| Action | Command |
|---|---|
| Check AppArmor status | sudo aa-status |
| Reload a profile | sudo apparmor_parser -r /etc/apparmor.d/profile.name |
| Troubleshoot (Allow & Log) | sudo aa-complain profile_name |
| Secure (Block & Log) | sudo aa-enforce profile_name |
| Show denials in a GUI | aa-notify -pm |
| Live View | sudo journalctl -fx (Look for apparmor="DENIED") |
| Files | /var/log/syslog or /var/log/kern.log |