option

security.apparmor.enable

Whether to enable the AppArmor Mandatory Access Control system.

If you're enabling this module on a running system, note that a reboot will be required to activate AppArmor in the kernel.

Also, beware that by default this module favours stability over security: it does not try to kill running processes that are unconfined but newly confinable, even though that would be needed, because AppArmor can only confine new or already confined processes of an executable. Such killing would be necessary, for instance, when upgrading to a NixOS revision that introduces, for the first time, an AppArmor profile for the executable of a running process.

Enable security.apparmor.killUnconfinedConfinables if you want this service to do such killing by sending a SIGTERM to those running processes.
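To see which running processes are in the "unconfined but newly confinable" state described above without killing anything, the report from `aa-status --json` can be audited. The following is an added example, not part of the NixOS module; the JSON shape (a `processes` map from executable to entries with `profile`, `pid` and `status`) is an assumption, and the sample report and its paths are constructed.

```python
import json

# Constructed sample in the assumed shape of `aa-status --json` output:
# "processes" maps an executable path to a list of {profile, pid, status}.
SAMPLE_AA_STATUS = """
{
  "profiles": {"/usr/bin/example-daemon": "enforce",
               "/usr/bin/example-tool": "complain"},
  "processes": {
    "/usr/bin/example-daemon": [
      {"profile": "/usr/bin/example-daemon", "pid": "412", "status": "enforce"},
      {"profile": "/usr/bin/example-daemon", "pid": "388", "status": "unconfined"}
    ],
    "/usr/bin/example-tool": [
      {"profile": "/usr/bin/example-tool", "pid": "977", "status": "unconfined"}
    ]
  }
}
"""


def unconfined_confinables(aa_status_json):
    """Return sorted (pid, exe, profile) tuples for processes reported as
    unconfined although a profile is loaded for their executable."""
    report = json.loads(aa_status_json)
    found = []
    for exe, entries in report.get("processes", {}).items():
        for entry in entries:
            if entry.get("status") == "unconfined":
                found.append((int(entry["pid"]), exe, entry.get("profile", "")))
    return sorted(found)


def restart_plan(aa_status_json):
    """Group the affected PIDs by executable, so each service can be
    restarted deliberately and come back up confined."""
    plan = {}
    for pid, exe, _profile in unconfined_confinables(aa_status_json):
        plan.setdefault(exe, []).append(pid)
    return plan


if __name__ == "__main__":
    # On a live system, pass the captured output of `aa-status --json` instead.
    for exe, pids in restart_plan(SAMPLE_AA_STATUS).items():
        print(f"{exe}: restart needed for PIDs {pids}")
```

An empty plan after an upgrade means every process with a matching profile is already running confined.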

Declarations
Type
boolean
Default
false
Example
true