This pages provides information on reporting bugs against packages related to AppArmor or packages that ship AppArmor profiles.


Please follow the debug steps to know if your bug might have been caused by AppArmor

If you think a bug is really caused by a malfunctioning AppArmor profile, read on.

Provide logs and inspect AppArmor's state on the system

Provide the log lines containing DENIED:

# from the systemd journal
sudo journalctl -kaf --no-hostname | grep -w 'apparmor="DENIED"'
# if systemd-journald is not running
sudo tail -f /var/log/auditd/auditd.log /var/log/syslog | grep -w 'apparmor="DENIED"'


If you think you've found a bug in an AppArmor profile provided either by apparmor-profiles-extra or a Debian package which ships its own profile, you should report a bug against one of these packages.

However as the Debian Bug Tracking System is package-centric, only the package maintainers will be automatically made aware of your bug report. That is why we kindly ask you to add a usertag to your bug report, so that the Debian AppArmor Packaging Team is notified as well. Then we can help you check if AppArmor is involved, and to fix the bug if that's the case.

See all usertags for user pkg-apparmor-team AT

We have agreed to use certain tags. Please tag with the user and use the following tags:

If you see the need for another tag not listed here, please contact us.

Quick how to usertag a bug

By email

Basically, you would send an email to with the following content:

 usertags #123456 + merge-to-upstream 

where "123456" is your bug number, and "merge-to-upstream" the tag you want to add to the bug.

There can be multiple lines with different usertags in such an email.

Delete a usertag like this:

 usertags #123456 - merge-to-upstream 

This would delete the tag "merge-to-upstream" on bug number #123456

Using the CLI

The bts command is provided by the devscripts package.

bts user . usertags #123456 + merge-to-upstream 

where "123456" is your bug number, and "merge-to-upstream" the tag you want to add to the bug.