feat(profiles): general update.

apparmor.d/groups/gpg/gpg

@@ -45,6 +45,8 @@ profile gpg @{exec_path} {
   owner /var/lib/*/.gnupg/ rw,
   owner /var/lib/*/.gnupg/** rwkl -> /var/lib/*/.gnupg/**,
 
+  owner /tmp/tmp.[a-zA-Z0-9]* rw,
+
   owner @{PROC}/@{pid}/fd/ r,
   owner @{PROC}/@{pid}/task/@{tid}/comm rw,
   owner @{PROC}/@{pid}/task/@{tid}/stat rw,

apparmor.d/groups/gpg/gpg-agent

@@ -17,8 +17,9 @@ profile gpg-agent @{exec_path} {
 
   @{exec_path} mr,
 
-  /{usr/,}lib/gnupg/scdaemon rPx,
   /{usr/,}bin/pinentry{,-*}  rPx,
+  /{usr/,}bin/scdaemon       rPx,
+  /{usr/,}lib/gnupg/scdaemon rPx,
 
   /usr/share/gnupg/* r,
 

apparmor.d/groups/gpg/scdaemon

@@ -7,7 +7,7 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
-@{exec_path} = /{usr/,}lib/gnupg/scdaemon
+@{exec_path} = /{usr/,}bin/scdaemon /{usr/,}lib/gnupg/scdaemon
 profile scdaemon @{exec_path} {
   include <abstractions/base>
   include <abstractions/devices-usb>