Update Complain Mode

Complain-Mode.md

@@ -9,6 +9,10 @@ ALLOWED
 When an application executes another application profile rules are used to determine the confinement of the subsequent application. However applications in complain mode often do not have a fully developed profile and the confinement of the child application may not be defined. Instead of folding the child applications behavior logging in to the current applications profile, apparmor can create special profiles that are used to track and learn application behavior of child processes. Specifically these special "null-" profiles are created when a confined application in complain mode tries to exec another application and the profile has no matching rule that defines the expected behavior, or has a rule that explicitly says a special null-XXXX profile should be created.
 
 
+don't know in kernel if want to fold behavior of child into current
+into existing profile
+into new child profile
+
 The creation of the null-XXXX profile allows the child applications logging stream to treat
 
 Eg.