update apparmor profiles

Signed-off-by: Alexandre Pujol <alexandre@pujol.io>

apparmor.d/groups/apt/dpkg

@@ -71,11 +71,14 @@ profile dpkg @{exec_path} {
   /etc/dpkg/dpkg.cfg r,
 
   owner @{PROC}/@{pid}/fd/ r,
+        @{PROC}/sys/kernel/random/boot_id r,
 
   owner /tmp/apt-dpkg-install-*/ r,
 
   /var/log/dpkg.log w,
 
+  @{run}/systemd/userdb/ r,
+
   # For shell pwd
   /root/ r,
 
@@ -103,9 +106,15 @@ profile dpkg @{exec_path} {
   /var/local/**  rwl -> /var/local/**,
   /var/spool/    r,
   /var/spool/**  rwl -> /var/spool/**,
+  # Fixme when more transitions will be available (#FIXME#)
+  /var/www/      r,
+  /var/www/**    rwl,
   # To create log and cache dirs
   /var/log/**/   rw,
   /var/cache/**/ rw,
+  # To create dirs under var
+  /var/*.dpkg-new/ rw,
+  /var/*/ rw,
 
   # file_inherit
   owner /dev/tty[0-9]* rw,