App Armor profiles can be in one of two modes: enforcement and complain.Profiles loaded in enforcement mode will result in enforcement of the policy defined in the profile as well as reporting policy violation attempts (either via syslog or auditd).

Core App Armor functionality is in the mainline Linux kernel from 2.6.36 onwards; work is ongoing by App Armor, Ubuntu and other developers to merge additional App Armor functionality into the mainline kernel.

If a profile is not defined for a particular binary, the binary is not confined.

stuff fine, but what I wonder about: how to avoid conflicts with the packaging system?

Selection Path Priority Status ------------------------------------------------------------ * 0 /usr/bin/ruby1.8 50 auto mode 1 /usr/bin/ruby1.8 50 manual mode 2 /usr/bin/ruby1.9.1 10 manual mode Press enter to keep the current choice[*], or type selection number: 2 update-alternatives: using /usr/bin/ruby1.9.1 to provide /usr/bin/ruby (ruby) in manual mode.

$ ruby --version ruby 1.9.2p290 (2011-07-09 revision 32553) [x86_64-linux] Credit for this solution goes to person who answered https://askubuntu.com/questions/91693/how-do-you-uninstall-ruby-1-8-7-and-install-ruby-1-9-2 .

