feat(profiles): general update.

apparmor.d/profiles-m-r/packagekitd

@@ -122,11 +122,13 @@ profile packagekitd @{exec_path} flags=(attach_disconnected) {
 
   owner /tmp/packagekit* rw,
 
-        @{run}/zypp.pid rwk, # only: opensuse
         @{run}/systemd/inhibit/*.ref rw,
+        @{run}/zypp.pid rwk, # only: opensuse
   owner @{run}/systemd/users/@{uid} r,
+  owner @{run}/zypp-rpm.pid rwk, # only: opensuse
 
   owner /dev/shm/AP_0x??????/{,**} rw,
+  owner /dev/shm/ r,
 
   @{sys}/**/ r,
   @{sys}/devices/**/modalias r,

apparmor.d/profiles-m-r/qemu-ga

@@ -15,6 +15,8 @@ profile qemu-ga @{exec_path} {
   capability net_admin,
   capability sys_ptrace,
 
+  network inet stream,
+  network inet6 stream,
   network netlink raw,
 
   ptrace peer=unconfined,
@@ -30,6 +32,8 @@ profile qemu-ga @{exec_path} {
   @{sys}/devices/system/node/ r,
   @{sys}/devices/system/node/node*/meminfo r,
 
+  owner @{PROC}/@{pid}/net/dev r,
+
   /dev/vport[0-9]*p[0-9]* rw,
 
   include if exists <local/qemu-ga>