Comment # 16 on bug 1120472 from 
> IMHO there are two things that should be fixed:
> 
> a) in AppArmor: I'll either "downgrade" the error to a warning saying
>        Ignoring log event for non-existing profile $name, even if the
>        profile file exists (different profile name?)
>    or simply silently ignore events for non-existing profiles since that is 
>    what happens for all non-existing profiles not matching this corner case.
> 
> b) in the openQA tests: unload the profile before you delete the profile file
>    to ensure you have a clean test setup:
> 
>        apparmor_parser -R /tmp/apparmor.d/usr.sbin.nscd
>        rm /tmp/apparmor.d/usr.sbin.nscd
>        cp -a /etc/apparmor.d/ /tmp/apparmor.d/
>        apparmor_parser -r /tmp/apparmor.d/  # reload profiles
> 
>    nscd will run unconfined after that, but you are stopping it anyway.
>    (And sadly, openQA will no longer cover that corner case it accidently
>    covered ;-)

Thank you so much for the fixing suggestions for openQA tests, we have opened 2
poo to enhance our test cases.
FYI:
[sle][security][sle15sp1] apparmor aa_autodep & aa_genprof tests need doing
cleanup (https://progress.opensuse.org/issues/45980)
[sle][security][sle15sp1] apparmor aa_enforce test needs to be updated to match
new behavior in Tumblewwed
(https://progress.opensuse.org/issues/45635#change-178487)

You are receiving this mail because: