I'm running 10.04.
The firefox profile was already present. It's part of the firefox package. That's an old thread, so maybe it wasn't the case at that time.
To enable the firefox profile, I had to remove this symlink:
Code:
sudo rm /etc/apparmor.d/disable/usr.bin.firefox
That was the only profile that was disabled in that manner.
Then I (re-)loaded the profile:
Code:
sudo apparmor_parser -r /etc/apparmor.d/usr.bin.firefox
My understanding is that any profile in /etc/apparmor.d/ is automatically loaded when the apparmor service starts. If you add or change a profile, the change will only take effect when that profile is explicitly reloaded or when apparmor is restarted.
A profile in /etc/apparmor.d/ can be disabled by placing a symbolic link to it in /etc/apparmor.d/disable/.
This shows which profiles are loaded, and whether they're in complain-mode or enforce-mode:
Code:
sudo service apparmor status
Bookmarks