General update

Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>

apparmor.d/profiles-g-l/im-launch

@@ -20,10 +20,14 @@ profile im-launch @{exec_path} {
   @{bin}/gsettings             rPx,
   @{bin}/locale                rix,
   @{bin}/sed                   rix,
+  @{bin}/sleep                 rix,
+  @{bin}/startplasma-x11       rPx,
   @{bin}/true                  rix,
   @{bin}/uim-toolbar-gtk3     rPUx,
+  @{bin}/uim-xim              rPUx,
   @{lib}/gnome-session-binary  rPx,
 
+  @{HOME}/.xsession-errors rw,
   /usr/share/im-config/{,**} r,
 
   /etc/default/im-config r,

apparmor.d/profiles-g-l/ip

@@ -11,6 +11,7 @@ include <tunables/global>
 profile ip @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
+  include <abstractions/nameservice-strict>
 
   capability bpf,
   capability net_admin,
@@ -19,7 +20,7 @@ profile ip @{exec_path} flags=(attach_disconnected) {
 
   network netlink raw,
 
-  mount options=(rw, rshared)   -> /{var/,}run/netns/,
+  mount options=(rw, bind, rshared)   -> /{var/,}run/netns/,
   mount options=(rw, rslave)    -> /,
   mount options=(rw, bind)    / -> /{var/,}run/netns/*,
   mount options=(rw, bind)    /etc/netns/firefox/resolv.conf -> /etc/resolv.conf,
@@ -36,6 +37,7 @@ profile ip @{exec_path} flags=(attach_disconnected) {
   /etc/iproute2/{,**} r,
   /etc/netns/*/ r,
 
+  owner @{run}/netns/ rwk,
         @{run}/netns/* rw,
   owner @{run}/netns/ rw,