Check the status of apparmor:
sudo systemctl status apparmorCheck all the loaded profiles:
sudo aa-statusInstall aa-genprof and other utility packages:
sudo apt install apparmor-utilsGenerate a profile for nano text editor:
sudo aa-genprof nanoRestart apparmor to load the profile:
sudo systemctl restart apparmorDisable nano profile:
sudo aa-disable /etc/apparmor.d/usr.bin.nano
# sudo ln -s /etc/apparmor.d/usr.bin.nano /etc/apparmor.d/disable/usr.bin.nanoEnable nano profile:
sudo rm /etc/apparmor.d/disable/usr.bin.nanoMove nano profile to complain mode:
sudo aa-complain /etc/apparmor.d/usr.bin.nanoMove nano profile to enforce mode:
sudo aa-enforce /etc/apparmor.d/usr.bin.nanoReload apparmor config to kernal:
sudo apparmor_parser -r /etc/apparmor.d/usr.bin.nanoRemove the nano profile:
sudo apparmor_parser -R /etc/apparmor.d/usr.bin.nano