Comment 1 for bug 1569581

I discussed this issue with Gustavo and we think that apparmor itself should detect this and re-load all profiles when a change to any of the parsers or templates occurs. From snappy's POV we will re-load all profiles for a specific snap each time something in that snap changes *AND* we promise to detect changes to the internal templates built into snappy. We would not like to detect changes to apparmor itself as that can be done by a systemd job shipped with apparmor. That job should simply compile and re-load all the profiles stored in a standard directory (or have a way for snappy to tell apparmor that it stores profiles in a non-standard directory).

What do you think?