Comment 1 for bug 1841001

Zygmunt Krynicki (zyga) wrote :

There are two separate issues here:

 - removing snap.* apparmor profiles
 - removing docker apparmor profile

For the second issue, it is a bug in the snap; it should be handling that in its pre-remove hook. I will report this internally.

For the first issue, it's a hard problem. We remove the profiles from disk but we cannot remove them from the kernel easily without removing confinement from running processes. There is ongoing work to track processes better and perform cleanup on cgroup becoming empty but it is not close to release yet.
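An added example, not part of the original comment or of snapd: one way to audit the state described above, by listing `snap.*` profiles still loaded in the kernel that no longer have a file on disk, together with the PIDs still confined by them. It assumes the kernel list is at `/sys/kernel/security/apparmor/profiles` (root-readable), that snapd's on-disk profiles live in `/var/lib/snapd/apparmor/profiles` with the file name equal to the profile name, and the sample data is constructed.

```python
import re
from pathlib import Path

# Kernel list and /proc/<pid>/attr/current both use the form "name (mode)".
LABEL_RE = re.compile(r"^(?P<name>.+) \((?P<mode>[a-z]+)\)$")

def parse_loaded(text):
    """Return {profile_name: mode} from the kernel's loaded-profile list."""
    matches = (LABEL_RE.match(line.strip()) for line in text.splitlines())
    return {m["name"]: m["mode"] for m in matches if m}

def parse_label(attr_current):
    """Profile name from /proc/<pid>/attr/current ('unconfined' has no mode)."""
    label = attr_current.strip()
    m = LABEL_RE.match(label)
    return m["name"] if m else label

def stale_snap_profiles(loaded, on_disk, proc_labels):
    """Loaded snap.* profiles with no file on disk -> PIDs still confined by them."""
    return {
        name: sorted(pid for pid, lbl in proc_labels.items() if lbl == name)
        for name in sorted(loaded)
        if name.startswith("snap.") and name not in on_disk
    }

def collect_live(profile_dir="/var/lib/snapd/apparmor/profiles"):
    """Gather the three inputs from a running system (paths are assumptions)."""
    loaded = parse_loaded(Path("/sys/kernel/security/apparmor/profiles").read_text())
    on_disk = {p.name for p in Path(profile_dir).iterdir()}
    labels = {}
    for p in Path("/proc").glob("[0-9]*/attr/current"):
        try:
            labels[int(p.parts[2])] = parse_label(p.read_text())
        except OSError:  # process exited or attribute not readable
            continue
    return loaded, on_disk, labels

# Constructed sample: the docker snap was removed, one of its processes lingers.
SAMPLE_LOADED = "snap.docker.dockerd (enforce)\nsnap.hello.hello (enforce)\n/usr/sbin/cupsd (enforce)\n"
SAMPLE_ON_DISK = {"snap.hello.hello"}
SAMPLE_LABELS = {4121: "snap.docker.dockerd", 4200: "unconfined", 4300: "snap.hello.hello"}

if __name__ == "__main__":
    for name, pids in stale_snap_profiles(*collect_live()).items():
        state = f"still confining PIDs {pids}" if pids else "no confined processes"
        print(f"{name}: loaded, not on disk, {state}")
```

A stale profile with an empty PID list is one that could be unloaded without removing confinement from any running process; one with PIDs is the case the comment calls hard.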