Comment 3 for bug 1014298

A nicer method to do this is to create a profile with the hat you want to add, for example:

# cat /tmp/hat-to-add

/foo {
    ^hat_to_add {
        ...
    }
}

and then use
    aa-mergeprof /tmp/hat-to-add
to merge it into the existing profile in /etc/apparmor.d.