The bug in the previous link is unrelated.
The real reason for this issue is that, after the apparmor profile is dropped to the apparmor.d/lxc directory, two handlers are supposed to be notified: one of them loads the lxc-openstack profile and the other restarts the apparmor service. However, when the playbook is interrupted/failed before it executes to the end, and then it is re-executed, the triggering task's state will be okay (instead of changed), so the two handlers won't be notified. As a result, the lxc-openstack profile is not loaded to apparmor properly.
I think we'd better keep these kinds of scenarios in mind and change some "notify" to "register" if necessary.
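One way to make the profile load independent of the task's changed state, as an added example that is not part of the original comment or the project's playbooks: the play reads the kernel's list of loaded profiles and loads lxc-openstack whenever it is missing, so a re-run after an interrupted play still converges. The host group `lxc_hosts`, the variable names and the full profile path are assumptions.

```yaml
# Added example, not the project's own playbook.
# Assumptions: host group "lxc_hosts", variable names, and the full
# profile path under /etc/apparmor.d (the comment only names
# "apparmor.d/lxc" and the "lxc-openstack" profile).
- name: Ensure the lxc-openstack AppArmor profile is actually loaded
  hosts: lxc_hosts
  become: true
  vars:
    profile_name: lxc-openstack
    profile_path: "/etc/apparmor.d/lxc/{{ profile_name }}"
  tasks:
    # Ask the kernel what is loaded instead of trusting a previous
    # run's "changed" result. Lines look like "name (enforce)".
    - name: Read the profiles currently loaded in the kernel
      ansible.builtin.command: cat /sys/kernel/security/apparmor/profiles
      register: loaded_profiles
      changed_when: false
      check_mode: false

    # Runs on any pass where the profile is absent from the kernel,
    # including a re-run where the file task already reports "ok".
    - name: Load the profile when the kernel does not have it
      ansible.builtin.command: "apparmor_parser -r {{ profile_path }}"
      when: >-
        loaded_profiles.stdout_lines
        | select('match', '^' ~ (profile_name | regex_escape) ~ ' \(')
        | list | length == 0

    # Fail loudly if the profile is still missing, so containers are
    # not started without the intended confinement.
    - name: Re-read the loaded profiles
      ansible.builtin.command: cat /sys/kernel/security/apparmor/profiles
      register: loaded_after
      changed_when: false
      check_mode: false

    - name: Assert the profile is loaded
      ansible.builtin.assert:
        that:
          - >-
            loaded_after.stdout_lines
            | select('match', '^' ~ (profile_name | regex_escape) ~ ' \(')
            | list | length > 0
        fail_msg: "{{ profile_name }} is not loaded in AppArmor"
```

Placing `meta: flush_handlers` directly after the task that drops the profile narrows the window in which an interruption can lose the notification, but only a state check like the one above covers a run that was already interrupted.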