From a9e48392091f4e0d9395a570c6889b2ccb4379d0 Mon Sep 17 00:00:00 2001
From: Andreas Hasenack <andreas.hasenack@canonical.com>
Date: Wed, 3 Jan 2024 16:17:31 -0300
Subject: [PATCH] table

---
 .../troubleshoot_apt_news_security_confinement.md  | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/dev-docs/howtoguides/troubleshoot_apt_news_security_confinement.md b/dev-docs/howtoguides/troubleshoot_apt_news_security_confinement.md
index 1f4e2ea033..304d586592 100644
--- a/dev-docs/howtoguides/troubleshoot_apt_news_security_confinement.md
+++ b/dev-docs/howtoguides/troubleshoot_apt_news_security_confinement.md
@@ -139,3 +139,17 @@ If whatever incorrect behavior that you were observing is now gone, then it's li
 
 The exact meaning of each sandboxing feature is well documented upstream, in the [systemd.exec sandboxing](https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Sandboxing) section of the manpage. But as with apparmor, be mindful of differences between Ubuntu Releases: not all features from the latest releases will be available in, say, Ubuntu Xenial, for example.
 
+
+## Cheat sheet
+
+Here are a few handful Apparmor tips.
+
+| What                                    | How                                    |
+|-----------------------------------------|----------------------------------------|
+| Reload an apparmor profile from disk    | `sudo apparmor_parser -r -W -T <file>` |
+| Place a profile in complain mode        | `sudo aa-complain <file>`              |
+| Place a profile in enforce mode         | `sudo aa-enforce <file>`               |
+| List loaded profiles                    | `sudo aa-status`                       |
+| Check apparmor logs                     | `sudo dmesg -wT \| grep apparmor=`     |
+| Run a command under an apparmor profile | `sudo aa-exec -p <profile> <cmd>`      |
+