This page tracks progress of adding AppArmor profiles to Debian.
Profiles being worked on
pidgin => intrigeri sent his updated profile upstream for review; once improved, we can include it into apparmor-profiles-extra
Pending maintainer upload
Pending upload of apparmor-profiles-extra
Wishlist bug filed
See the bugs tagged "new-profile".
To be done
Supported profiles in Ubuntu main => import into apparmor-profiles-extra, unless the respective maintainers want to take it into their package. Maybe start with the high-profile services like Apache, OpenLDAP, ClamAV and Bind.
iceweasel => adapt Ubuntu's Firefox profile, or start over from intrigeri's current iceweasel profile
isc-dhcp-client => profile needs to be loaded before the network is up => see systemd item below
Help get more profiles into good shape, so that they can be integrated upstream or into apparmor-profiles-extra. The Ubuntu security team roadmap tells a bit about their priority, and the current status of profiles under development.
Integrate with systemd by: waiting for systemd v210+, which has a ?ApparmorProfile= option, or ship upstart's /lib/init/apparmor-profile-load as an apparmor helper script and call it in systemd's ?ExecPreStart=
Done (for Jessie, at least)
Included in the corresponding package