feat(profile): improve support for some profiles.

Most of the rules have come from the integration tests.

apparmor.d/profiles-s-z/snap

@@ -42,6 +42,7 @@ profile snap @{exec_path} {
   @{exec_path} mrix,
 
   @{bin}/mount rix,
+  @{bin}/getent rix,
 
   @{bin}/gpg{,2}          rCx -> gpg,
   @{bin}/systemctl        rCx -> systemctl,

apparmor.d/profiles-s-z/sync

@@ -13,9 +13,8 @@ profile sync @{exec_path} {
 
   @{exec_path} mr,
 
-  # Common paths where sync is used to flush all write operations on a single file to disk
-  # TODO: /** rw, ?
-  /boot/initrd-*-default rw,
+  # All paths where sync can be used to flush all write operations on a single file to disk
+  /** rw,
 
   include if exists <local/sync>
 }

apparmor.d/profiles-s-z/uuidd

@@ -17,8 +17,8 @@ profile uuidd @{exec_path} flags=(attach_disconnected) {
 
   owner /var/lib/libuuid/clock.txt rwk,
 
-  @{run}/uuidd/request w,
-  @{att}/@{run}/uuidd/request w,
+  @{run}/uuidd/request rw,
+  @{att}/@{run}/uuidd/request rw,
 
   include if exists <local/uuidd>
 }