Profiles update.

apparmor.d/groups/pacman/pacman

@@ -21,6 +21,7 @@ profile pacman @{exec_path} {
   capability dac_read_search,
   capability fowner,
   capability fsetid,
+  capability mknod,
   capability net_admin,
   capability setfcap,
   capability setgid,
@@ -98,7 +99,8 @@ profile pacman @{exec_path} {
 
   owner /var/lib/pacman/{,**} rwl,
   owner /tmp/alpm_*/{,**} rw,
-  owner /tmp/checkup-db-[0-9]*/sync/*.db.part rw,
+  owner /tmp/checkup-db-[0-9]*/sync/{,*.db.part} rw,
+  owner /tmp/checkup-db-[0-9]*/db.lck rw,
 
   owner @{PROC}/@{pid}/fd/ r,
   owner @{PROC}/@{pid}/stat r,

apparmor.d/groups/pacman/pacman-hook-dkms

@@ -11,15 +11,17 @@ profile pacman-hook-dkms @{exec_path} {
   include <abstractions/base>
 
   capability dac_read_search,
+  capability mknod,
 
   unix (receive) type=stream,
 
   @{exec_path} mr,
 
   /{usr/,}bin/bash rix,
-  /{usr/,}bin/kmod rPx,
   /{usr/,}bin/dkms rPx,
-  
+  /{usr/,}bin/kmod rPx,
+  /{usr/,}bin/nproc rix,
+
   /usr/src/ r,
   /usr/src/**.conf r,