feat(profiles): general update.

apparmor.d/profiles-a-f/aa-enforce

@@ -19,7 +19,7 @@ profile aa-enforce @{exec_path} {
   @{bin}/ r,
   @{bin}/apparmor_parser     rPx,
 
-  /usr/share/terminfo/x/xterm-256color r,
+  /usr/share/terminfo/x/* r,
 
   /etc/apparmor/logprof.conf r,
   /etc/apparmor.d/{,**} rw,

apparmor.d/profiles-a-f/cracklib-packer

@@ -12,5 +12,7 @@ profile cracklib-packer @{exec_path} {
 
   @{exec_path} mr,
 
+  owner /var/cache/cracklib/{,**} rw,
+
   include if exists <local/cracklib-packer>
 }

apparmor.d/profiles-a-f/fwupd

@@ -1,6 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2020-2022 Mikhail Morfikov
-# Copyright (C) 2021-2022 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2021-2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -30,7 +30,7 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) {
 
   dbus send bus=system path=/org/freedesktop/DBus
        interface=org.freedesktop.DBus
-       member={GetConnectionUnixUser,RemoveMatch,RequestName}
+       member={GetConnectionUnixUser,RemoveMatch,RequestName,ReleaseName}
        peer=(name=org.freedesktop.DBus),
 
   dbus send bus=system path=/org/freedesktop/ModemManager1
@@ -54,19 +54,11 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) {
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
-  dbus send bus=system path=/
-       interface=org.freedesktop.fwupd
-       member=Changed
-       peer=(label=fwupdmgr),
-
   dbus send bus=system path=/
        interface=org.freedesktop.DBus
        member=Changed
        peer=(label=fwupdmgr),
 
-  dbus receive bus=system path=/
-       interface=org.freedesktop.fwupd,
-
   dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority
        interface=org.freedesktop.DBus.Properties
        member={Changed,GetAll}
@@ -77,8 +69,10 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) {
        member={GetAll,SetHints,GetPlugins,GetRemotes}
        peer=(name=:*, label=fwupdmgr),
 
-  dbus bind bus=system
-       name=org.freedesktop.fwupd,
+  dbus (send, receive) bus=system
+       interface=org.freedesktop.fwupd,
+
+  dbus bind bus=system name=org.freedesktop.fwupd,
 
   @{exec_path} mr,
 
@@ -150,6 +144,7 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) {
   /dev/drm_dp_aux@{int} rw,
   /dev/gpiochip@{int} r,
   /dev/hidraw@{int} rw,
+  /dev/ipmi@{int} rwk,
   /dev/mei@{int} rw,
   /dev/mem r,
   /dev/mtd@{int} rw,