Comment 13 for bug 1845506

Christian Ehrhardt  (paelzer) wrote :

All false are reloads to restore former content (that is ok):
src/security/security_apparmor.c:706: return reload_profile(mgr, def, NULL, false);
src/security/security_apparmor.c:750: return reload_profile(mgr, def, NULL, false);
src/security/security_apparmor.c:795: return reload_profile(mgr, def, NULL, false);
src/security/security_apparmor.c:1017: return reload_profile(mgr, def, NULL, false);
src/security/security_apparmor.c:1088: return reload_profile(mgr, def, NULL, false);
src/security/security_apparmor.c:1125: return reload_profile(mgr, def, NULL, false);

All additions of paths are append=true which will cause it to use -F:
src/security/security_apparmor.c:320: return reload_profile(ptr->mgr, def, file, true);
src/security/security_apparmor.c:501: return reload_profile(mgr, def, stdin_path, true);
src/security/security_apparmor.c:733: return reload_profile(mgr, def, mem->nvdimmPath, true);
src/security/security_apparmor.c:776: return reload_profile(mgr, def, input->source.evdev, true);
src/security/security_apparmor.c:1039: ret = reload_profile(mgr, def, dev_source->data.file.path, true);
src/security/security_apparmor.c:1047: if (reload_profile(mgr, def, in, true) < 0)
src/security/security_apparmor.c:1051: if (reload_profile(mgr, def, out, true) < 0)
src/security/security_apparmor.c:1054: ret = reload_profile(mgr, def, dev_source->data.file.path, true);
src/security/security_apparmor.c:1096: return reload_profile(mgr, def, savefile, true);
src/security/security_apparmor.c:1111: rc = reload_profile(mgr, def, full_path, true);
src/security/security_apparmor.c:1114: rc = reload_profile(mgr, def, path, true);
src/security/security_apparmor.c:1152: return reload_profile(mgr, def, fd_path, true);

The only outlier to this rule is:
src/security/security_apparmor.c:466: if (load_profile(mgr, secdef->label, def, NULL, false) < 0) {

Which is what we hit in the call chain of this use-case that fails here.