Comment 12 for bug 1689585

"Asking someone to know about that:

  echo -n "<profile_name>" > /sys/kernel/security/apparmor/.remove

Is asking too much IMHO and increases the friction between sysadmins and
Apparmor in general."

Of course. I listed this as something that could be considered for the openntpd/ntpd case, not for a sysadmin. This is a corner case that should be coordinated between these packages. In all cases except this rare corner case, it is totally fine (and correct) to leave the profile loaded until next reboot and sysadmins don't have to care about this at all.