When testing stuff on 4.14, make sure you: - use apparmor 2.11.1
- disable features-files= in /etc/apparmor/parser.conf (otherwise not only you'll be stuck to 4.13's feature set and unable to do useful work here, but worse you'll hit a kernel bug wrt. feature set pinning & network rules that totally breaks unix/netlink/etc.)
