Comment 8 for bug 1751667

Jamie Strandboge (jdstrand) wrote :

I tested to see if the changes in https://github.com/snapcore/snapd/pull/4714 would address this bug. I did this by:

1. in a livecd, perform 'sudo aa-status'. This showed no apparmor profiles were loaded
2. install a deb with https://github.com/snapcore/snapd/pull/4714. The act of installing the deb runs apparmor_parser on the snap-confine profile, so to simulate a fresh boot, I then unloaded the profiles with: sudo apparmor_parser -R /etc/apparmor.d/*snap-confine* (and confirmed with aa-status that they weren't loaded)
3. sudo snap install hello-world
4. sudo aa-status (this showed the snap-confine profiles from the core snap were loaded, along with the hello-world profiles, but *not* the snap-confine profile from /etc/apparmor.d)
5. ran hello-world:
$ hello-world
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks

Therefore, https://github.com/snapcore/snapd/pull/4714 is *not* sufficient to fix this bug. Once I do:

$ sudo apparmor_parser -r /etc/apparmor.d/*snap-confine*

Then strict and classic mode snaps work.
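As an added verification check, not part of the comment above and not snapd's own tooling: a small POSIX shell script that decides whether a given snap-confine AppArmor profile is loaded in enforce mode, the condition the test steps above inspect with aa-status. It reads the kernel's loaded-profile list, which /sys/kernel/security/apparmor/profiles exposes one per line as "<name> (<mode>)". The embedded profile list is constructed to mirror the state described after step 4 (the core snap's snap-confine profile loaded, the distro's /usr/lib/snapd/snap-confine profile from /etc/apparmor.d missing); the core snap revision in it is a placeholder, and the function and variable names are this example's own.

```shell
#!/bin/sh
# Added example, not code from the bug comment or from snapd.
# Checks whether a snap-confine AppArmor profile is loaded in enforce mode.
# Input format is the kernel's /sys/kernel/security/apparmor/profiles listing:
# one profile per line as "<name> (<mode>)".

# Constructed sample (REV is a placeholder for a core snap revision): the
# core snap's snap-confine and the hello-world profiles are loaded, but the
# distro profile for /usr/lib/snapd/snap-confine is not.
SAMPLE_PROFILES='/snap/core/REV/usr/lib/snapd/snap-confine (enforce)
snap.hello-world.hello-world (enforce)
snap.hello-world.env (enforce)
snap.hello-world.sh (enforce)
/sbin/dhclient (enforce)'

# profile_state PROFILE_LIST NAME
# Prints the mode of the named profile (enforce, complain, ...) or "missing".
profile_state() {
    printf '%s\n' "$1" | awk -v name="$2" '
        $1 == name { gsub(/[()]/, "", $2); print $2; found = 1; exit }
        END { if (!found) print "missing" }'
}

# snap_confine_enforced PROFILE_LIST NAME
# Returns 0 when the profile is loaded in enforce mode, 1 otherwise.
snap_confine_enforced() {
    [ "$(profile_state "$1" "$2")" = "enforce" ]
}

# live_check: run the same check against the running kernel's profile list.
# Returns 2 when the AppArmor securityfs listing is not readable.
live_check() {
    list=/sys/kernel/security/apparmor/profiles
    [ -r "$list" ] || { echo "cannot read $list"; return 2; }
    if snap_confine_enforced "$(cat "$list")" /usr/lib/snapd/snap-confine; then
        echo "/usr/lib/snapd/snap-confine: enforce"
    else
        echo "/usr/lib/snapd/snap-confine: $(profile_state "$(cat "$list")" /usr/lib/snapd/snap-confine)"
        return 1
    fi
}
```

Against the constructed sample, the distro profile reports "missing" while the core snap's copy reports "enforce", which is the mismatch step 4 describes; on a real system, live_check reads the kernel list directly and exits non-zero when the /etc/apparmor.d profile has not been loaded, for example right after boot before apparmor_parser -r has run.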