feat(profile): general update.

apparmor.d/groups/network/networkd-dispatcher

@@ -17,15 +17,21 @@ profile networkd-dispatcher @{exec_path} {
   dbus receive bus=system path=/org/freedesktop/network1{,/link/*}
        interface=org.freedesktop.DBus.Properties
        member=PropertiesChanged
-       peer=(name=:*),
+       peer=(name=:*, label=systemd-networkd),
 
   @{exec_path} mr,
 
   @{bin}/ r,
   @{bin}/networkctl  rPx,
+  @{bin}/ls          rix,
+  @{bin}/sed         rix,
+
+  @{lib}/networkd-dispatcher/routable.d/postfix rix,
 
   /etc/networkd-dispatcher/{,**} r,
 
+  /var/spool/postfix/pid/master.pid r,
+
   @{run}/systemd/notify rw,
 
   owner @{PROC}/@{pid}/fd/ r,

apparmor.d/groups/network/nm-dispatcher

@@ -18,7 +18,7 @@ profile nm-dispatcher @{exec_path} flags=(attach_disconnected) {
   capability sys_nice,
   capability sys_ptrace,
 
-  ptrace (read) peer=unconfined,
+  ptrace (read) peer=@{systemd},
 
   # dbus: own bus=system name=org.freedesktop.nm_dispatcher
 
@@ -73,7 +73,7 @@ profile nm-dispatcher @{exec_path} flags=(attach_disconnected) {
     /etc/network/if-*.d/* rPUx,
     /etc/wpa_supplicant/ifupdown.sh rPUx,
 
-    include if exists <local/anacron_run_parts>
+    include if exists <local/nm-dispatcher_run-parts>
   }
 
   include if exists <local/nm-dispatcher>