Comment 6 for bug 1825298

We discussed this issue on IRC and we believe to understand the cause.

One way to solve it would be to move all snapd apparmor profiles to /var, so that they are not regarded as conf-files simply because they are stored in /etc. This would also allow us to remove the silly .real suffix from snap-confine apparmor profile.

We need to look at the details of how this would interplay with rollbacks though.