How to disable AppArmor for MySQL

If you're getting an error in 20.04 when storing a password in a keychain, that's AppArmor securing snap applications.

You can fix this by clicking "Permissions" in Ubuntu Software when viewing the MySQL Workbench app. Turn on the reading/writing passwords permission.

AppArmor confinement is provided via profiles loaded into the kernel, typically on boot. AppArmor profiles can be in one of two modes: enforcement and complain. Profiles loaded in enforcement mode will result in enforcement of the policy defined in the profile as well as reporting policy violation attempts (either via syslog or auditd). Profiles in complain mode will not enforce policy but instead report policy violation attempts.

• "What does it mean?"; It means restrictions for the AppArmor profile for mysql will be enforced.

• "Can it be disabled"; yes it can, how:

  sudo ln -s /etc/apparmor.d/{profile.name-here} /etc/apparmor.d/disable/    
  sudo apparmor_parser -R /etc/apparmor.d/{profile.name-name-here}
  

Example:

sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld

Then run the command sudo aa-status to see if the mysql profile is loaded.

To re-enable:

sudo rm /etc/apparmor.d/disable/usr.sbin.mysqld
sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.mysqld
sudo aa-status

See:

https://www.cyberciti.biz/faq/ubuntu-linux-howto-disable-apparmor-commands/

https://wiki.ubuntu.com/AppArmor

https://help.ubuntu.com/community/AppArmor