"Failed to load apparmor"

Hello everyone!

When I load my workstation I get the message- “Failed to load apparmor.service” at start up. I’ve had a search around the forums and online to try and diagnose the problem. I’ve ran system check and there was a Debian package update update, but that did not solve the problem. So I ran a few terminal commands to see what I could find. It seems to be a problem with Thunderbird and Tor (Firefox).

I tried- sudo system status apparmor and it returned

sudo systemctl status apparmor.service
× apparmor.service - Load AppArmor profiles
     Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; preset: ena>
    Drop-In: /usr/lib/systemd/system/apparmor.service.d
             └─30_live_mode.conf
     Active: failed (Result: exit-code) since Wed 2024-10-30 15:04:48 UTC; 14mi>
       Docs: man:apparmor(7)
             https://gitlab.com/apparmor/apparmor/wikis/home/
    Process: 479 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, >
   Main PID: 479 (code=exited, status=1/FAILURE)
        CPU: 620ms

Oct 30 15:04:46 host apparmor.systemd[479]: Restarting AppArmor
Oct 30 15:04:46 host apparmor.systemd[479]: Reloading AppArmor profiles
Oct 30 15:04:47 host apparmor.systemd[533]: AppArmor parser error for /etc/appa>
Oct 30 15:04:48 host apparmor.systemd[719]: Skipping profile in /etc/apparmor.d>
Oct 30 15:04:48 host apparmor.systemd[788]: AppArmor parser error for /etc/appa>
Oct 30 15:04:48 host apparmor.systemd[908]: Skipping profile in /etc/apparmor.d>
Oct 30 15:04:48 host apparmor.systemd[479]: Error: At least one profile failed >
Oct 30 15:04:48 host systemd[1]: apparmor.service: Main process exited, code=ex>
Oct 30 15:04:48 host systemd[1]: apparmor.service: Failed with result 'exit-cod>
Oct 30 15:04:48 host systemd[1]: Failed to start apparmor.service - Load AppArm

I’m not to sure what the problem is here so I next tried the command -

journalctl | grep -i apparmor
Hint: You are currently not seeing messages from other users and the system.
      Users in groups 'adm', 'systemd-journal' can see all messages.
      Pass -q to turn off this notice.
Oct 23 21:15:33 host sudo[7865]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/mkdir -p/etc/apparmor.d
Oct 23 21:28:29 host sudo[8705]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/nano /etc/apparmor.d/firefox-local
Oct 29 21:42:29 host sudo[3309]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/sbin/apparmor-info --boot
Oct 29 21:43:56 host sudo[7031]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/systemctl status apparmor.service
Oct 29 21:54:02 host sudo[13732]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/sbin/service apparmor restart
Oct 29 22:04:01 host sudo[3838]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/sbin/apparmor-info --boot
Oct 29 22:05:28 host sudo[7499]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/systemctl status apparmor.service
Oct 29 22:12:03 host sudo[7721]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/systemctl status apparmor.service
Oct 30 15:12:15 host sudo[4367]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/sbin/apparmor-info --boot
Oct 30 15:19:12 host sudo[8285]:     user : TTY=pts/0 ; PWD=/home/user ; USER=root ; COMMAND=/usr/bin/systemctl status apparmor.service

When I run- sudo journalctl --boot | grep -i warn -

Oct 30 15:06:56 host panic-on-oops[1289]: kernel.panic_on_warn = 1

and -sudo journalctl --boot | grep -i error -

Oct 30 15:04:47 host apparmor.systemd[533]: AppArmor parser error for /etc/apparmor.d in profile /etc/apparmor.d/firefox-local at line 3: Could not open 'abi/4.0': No such file or directory

Oct 30 15:04:48 host apparmor.systemd[788]: AppArmor parser error for /etc/apparmor.d/firefox-local in profile /etc/apparmor.d/firefox-local at line 3: Could not open 'abi/4.0': No such file or directory

Oct 30 15:04:48 host apparmor.systemd[479]: Error: At least one profile failed to load

Oct 30 15:06:55 host sdwdate-pre[978]: + gcc /usr/src/sdwdate/sclockadj.c -o /usr/libexec/sdwdate/sclockadj -ldl -D_GNU_SOURCE -Wdate-time -D_FORTIFY_SOURCE=3 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -Wl,-z,now

Oct 30 15:06:57 host wireplumber[1299]: GetManagedObjects() failed: org.freedesktop.DBus.Error.NameHasNoOwner

Oct 30 15:06:59 host mate-notificati[1478]: AT-SPI: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files

Oct 30 15:06:59 host spice-vdagent[1531]:    error message: Cannot invoke method; proxy is for the well-known name org.gnome.Mutter.DisplayConfig without an owner, and proxy was constructed with the G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START flag

Oct 30 15:06:59 host spice-vdagent[1531]:    error message: Cannot invoke method; proxy is for the well-known name org.gnome.Mutter.DisplayConfig without an owner, and proxy was constructed with the G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START flag

Oct 30 15:06:59 host spice-vdagent[1531]:    error message: Cannot invoke method; proxy is for the well-known name org.gnome.Mutter.DisplayConfig without an owner, and proxy was constructed with the G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START flag

Oct 30 15:06:59 host spice-vdagent[1531]:    error message: Cannot invoke method; proxy is for the well-known name org.gnome.Mutter.DisplayConfig without an owner, and proxy was constructed with the G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START flag

Oct 30 15:07:03 host sdwdate[1238]: __ ### END: ### Exiting with exit_code '1' indicating 'wait, show error icon and retry.'.

Oct 30 15:07:03 host sdwdate[1238]: 2024-10-30 15:07:03 - sdwdate - INFO - PREPARATION RESULT: onion-time-pre-script detected a known permanent (until the user fixes it) error status. Consider running systemcheck for more information.

Oct 30 15:07:09 host sdwdate[1238]: __ ### END: ### Exiting with exit_code '1' indicating 'wait, show error icon and retry.'.

Oct 30 15:07:09 host sdwdate[1238]: 2024-10-30 15:07:09 - sdwdate - INFO - PREPARATION RESULT: onion-time-pre-script detected a known permanent (until the user fixes it) error status. Consider running systemcheck for more information.

Oct 30 15:08:20 host xdg-desktop-por[1802]: AT-SPI: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files

Oct 30 15:31:36 host apparmor.systemd[9031]: AppArmor parser error for /etc/apparmor.d in profile /etc/apparmor.d/firefox-local at line 3: Could not open 'abi/4.0': No such file or directory

Oct 30 15:31:36 host apparmor.systemd[9101]: AppArmor parser error for /etc/apparmor.d/firefox-local in profile /etc/apparmor.d/firefox-local at line 3: Could not open 'abi/4.0': No such file or directory

Oct 30 15:31:37 host apparmor.systemd[9023]: Error: At least one profile failed to load

I’m really not sure what to do here. I’ve been at it for hours.

Well best regards and hope you can help.

oops forgot to mention that it’s Whonix XFCE/KVM on VirtManager and host is Linux mint.

Oct 30 15:31:36 host apparmor.systemd[9031]: AppArmor parser error for /etc/apparmor.d in profile /etc/apparmor.d/firefox-local at line 3: Could not open 'abi/4.0': No such file or directory

Your apparmor profile is broken. Did you install or modify it?

I did not install it and as far as I am aware I did not modify it. I’ve been using Whonix for maybe a week now, I did have some issues with an appimage download in regards with apparmor.d but I’m sure I was able to resolve the issue without modifying apparmor in anyway.

Whonix doesn’t come with that file. Not a Whonix issue.

The log is clearly stating that /etc/apparmor.d/firefox-local is broken. Something you or some software did broke it. Fix or delete that file.

Hmm strange.

If I were to fix it, how would I go about doing that? Like I said I’m quite new to linux.

If I were to delete it would it not affect the Tor browser?

Tor Browser isn’t Firefox.

sudo rm /etc/apparmor.d/firefox-local

Oh I thought because Tor browser was based on FF that it meant Tor browser. Then why the heck is firefox in there?! I sure didn’t install it!

Ok, that got rid of the warning in the grub menu at start up.

Thank you for your help.