feat(profiles): general update.

apparmor.d/profiles-s-z/sbctl

@@ -32,5 +32,9 @@ profile sbctl @{exec_path} {
 
   @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 
+  # File Inherit
+  deny network inet stream,
+  deny network inet6 stream,
+
   include if exists <local/sbctl>
 }

apparmor.d/profiles-s-z/virt-manager

@@ -89,6 +89,7 @@ profile virt-manager @{exec_path} flags=(attach_disconnected) {
   @{run}/udev/data/c4[0-9]*:[0-9]* r,
   @{run}/udev/data/c5[0-9]*:[0-9]* r,
 
+  @{sys}/devices/**/hwmon/**/{,name,temp*,fan*} r,
   @{sys}/devices/pci[0-9]*/**/drm/ r,
   @{sys}/devices/virtual/drm/ttm/uevent r,
 

apparmor.d/profiles-s-z/wpa-supplicant

@@ -50,9 +50,10 @@ profile wpa-supplicant @{exec_path} flags=(attach_disconnected) {
 
   @{sys}/devices/pci[0-9]*/**/ieee80211/phy[0-9]/name r,
 
-  @{PROC}/sys/net/ipv[4,6]/conf/wlan[0-9]/drop_* rw,
-  @{PROC}/sys/net/ipv[4,6]/conf/wlo*/drop_* rw,
-  @{PROC}/sys/net/ipv[4,6]/conf/wlp*/drop_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/p2p*/drop_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/wlan*/drop_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/wlo*/drop_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/wlp*/drop_* rw,
 
   /dev/rfkill rw,