update apparmor profiles

Signed-off-by: Alexandre Pujol <alexandre@pujol.io>

apparmor.d/profiles-g-l/gajim

@@ -98,7 +98,7 @@ profile gajim @{exec_path} {
 
   # Silencer
   deny /usr/share/gajim/** w,
-
+  deny /usr/lib/python3/dist-packages/** w,
 
   profile ccache {
     include <abstractions/base>
@@ -117,6 +117,8 @@ profile gajim @{exec_path} {
 
     /media/ccache/*/** rw,
 
+    owner @{run}/user/@{uid}/ccache-tmp/ rw,
+
     /etc/debian_version r,
 
   }

apparmor.d/profiles-g-l/gparted

@@ -15,6 +15,7 @@ profile gparted @{exec_path} {
 
   /{usr/,}{s,}bin/           r,
   /{usr/,}{s,}bin/gpartedbin rPx,
+  @{libexec}/gpartedbin      rPx,
 
   /{usr/,}bin/            r,
   /{usr/,}bin/{,e}grep    rix,

apparmor.d/profiles-g-l/gpartedbin

@@ -7,6 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>
 
 @{exec_path} = /{usr/,}{s,}bin/gpartedbin
+@{exec_path} += @{libexec}/gpartedbin
 profile gpartedbin @{exec_path} {
   include <abstractions/base>
   include <abstractions/gtk>

apparmor.d/profiles-g-l/i3lock

@@ -19,10 +19,12 @@ profile i3lock @{exec_path} {
 
   @{exec_path} mr,
 
-  /usr/sbin/unix_chkpwd rPx,
+  /{usr/,}sbin/unix_chkpwd rPx,
 
   owner @{HOME}/.Xauthority r,
 
+  owner @{PROC}/@{pid}/fd/ r,
+
   # For background image.
   owner @{HOME}/*.png r,
   owner @{HOME}/*/*.png r,