Here is an example: root@dpcl018:~# aa-status apparmor module is loaded. 30 profiles are loaded. 27 profiles are in enforce mode. /usr/bin/evince /usr/bin/evince-previewer /usr/bin/evince-previewer//sanitized_helper /usr/bin/evince-thumbnailer /usr/bin/evince//sanitized_helper /usr/bin/man /usr/lib/cups/backend/cups-pdf /usr/lib/telepathy/mission-control-5 /usr/lib/telepathy/telepathy-* /usr/lib/telepathy/telepathy-*//pxgsettings /usr/lib/telepathy/telepathy-*//sanitized_helper /usr/lib/telepathy/telepathy-ofono /usr/lib/x86_64-linux-gnu/lightdm/lightdm-guest-session /usr/lib/x86_64-linux-gnu/lightdm/lightdm-guest-session//chromium /usr/sbin/cups-browsed /usr/sbin/cupsd /usr/sbin/cupsd//third_party /usr/sbin/haveged /usr/sbin/ntpd docker-default libreoffice-senddoc libreoffice-soffice//gpg libreoffice-xpdfimport man_filter man_groff nvidia_modprobe nvidia_modprobe//kmod 3 profiles are in complain mode. /usr/sbin/sssd libreoffice-oopslash libreoffice-soffice 12 processes have profiles defined. 5 processes are in enforce mode. /usr/sbin/cups-browsed (1335514) /usr/sbin/cupsd (1335513) /usr/lib/cups/notifier/dbus (1335541) /usr/sbin/cupsd /usr/sbin/haveged (776) /usr/sbin/ntpd (1102) 7 processes are in complain mode. /usr/sbin/sssd (806) /usr/lib/x86_64-linux-gnu/sssd/sssd_be (866) /usr/sbin/sssd /usr/lib/x86_64-linux-gnu/sssd/sssd_nss (915) /usr/sbin/sssd /usr/lib/x86_64-linux-gnu/sssd/sssd_sudo (916) /usr/sbin/sssd /usr/lib/x86_64-linux-gnu/sssd/sssd_pam (917) /usr/sbin/sssd /usr/lib/x86_64-linux-gnu/sssd/sssd_ssh (919) /usr/sbin/sssd /usr/lib/x86_64-linux-gnu/sssd/sssd_pac (920) /usr/sbin/sssd 0 processes are unconfined but have a profile defined.
root@dpcl018:~# dpkg -l apparmor\* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-=======================-============-============-====================================== ii apparmor 2.13.2-10 amd64 user-space parser utility for AppArmor un apparmor-profiles-extra <none> <none> (no description available) un apparmor-utils <none> <none> (no description available) This is not about fine-tuning apparmor profiles or avoiding certain packages. Its about adding auditd to Recommends to make apparmor less noisy. Regards Harri
