The problem is in ghostscripts ijs_exec_server() command, which runs > argv[i++] = "sh"; > argv[i++] = "-c"; > > argv[i++] = (char *)server_cmd; > argv[i++] = NULL; > status = execvp (argv[0], (char * const *)argv); So that would require the apparmor profile to exec "sh", which would obviously forfeit all confinement.