Dear Debian users, I have my ejabberd running correctly, on Debian Stretch, under an AppArmor profile. >From time to time, I have a net_admin capability denied by AppArmor: > Aug 11 06:54:22 osaka audit[16114]: AVC apparmor="DENIED" > operation="capable" profile="/usr/sbin/ejabberdctl//su" pid=16114 > comm="su" capability=12 capname="net_admin" Should this capability be added to the AppArmor profile, and why? Thanks. André