feat(profile): general update.

apparmor.d/groups/apt/dpkg-preconfigure

@@ -20,6 +20,7 @@ profile dpkg-preconfigure @{exec_path} {
   @{bin}/perl r,
 
   @{sh_path}        rix,
+  @{bin}/{,e}grep   rix,
   @{bin}/locale     rix,
   @{bin}/sed        rix,
   @{bin}/stty       rix,
@@ -31,6 +32,7 @@ profile dpkg-preconfigure @{exec_path} {
   /usr/share/debconf/confmodule r,
 
   /etc/debconf.conf r,
+  /etc/default/grub r,
   /etc/inputrc r,
   /etc/shadow r,
 
@@ -42,6 +44,8 @@ profile dpkg-preconfigure @{exec_path} {
   owner /var/cache/debconf/{config,passwords,templates}.dat{,-old,-new} rwk,
   owner /var/cache/debconf/tmp.ci/ r,
   owner /var/cache/debconf/tmp.ci/* rix,
+  owner /var/cache/debconf/tmp.ci/*.config.@{rand6} w,
+  owner /var/cache/debconf/tmp.ci/*.passwords.@{rand6} w,
   owner /var/cache/debconf/tmp.ci/*.template.@{rand6} w,
   owner /var/log/unattended-upgrades/unattended-upgrades-dpkg.log rw,
 

apparmor.d/groups/gnome/gsd-power

@@ -15,6 +15,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
   include <abstractions/bus-system>
   include <abstractions/bus/net.hadess.PowerProfiles>
   include <abstractions/bus/org.a11y>
+  include <abstractions/bus/org.freedesktop.hostname1>
   include <abstractions/bus/org.freedesktop.login1.Session>
   include <abstractions/bus/org.freedesktop.login1>
   include <abstractions/bus/org.freedesktop.systemd1>

apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor

@@ -70,8 +70,6 @@ profile gvfs-udisks2-volume-monitor @{exec_path} flags=(attach_disconnected) {
   @{HOME}/**/ r,
 
   @{run}/mount/utab r,
-  @{run}/systemd/inhibit/*.ref r,
-  @{run}/systemd/sessions/* r,
 
         @{PROC}/ r,
         @{PROC}/@{pids}/net/* r,

apparmor.d/groups/kde/sddm

@@ -97,7 +97,7 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   @{bin}/kwalletd{5,6}        rPx,
   @{bin}/startplasma-wayland  rPx,
   @{bin}/startplasma-x11      rPx,
-  @{bin}/systemctl            rPx -> child-systemctl,
+  @{bin}/systemctl            rCx -> systemctl,
   @{bin}/unix_chkpwd          rPx,
   @{bin}/xrdb                 rPx,
   @{bin}/xset                 rPx,
@@ -189,6 +189,13 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   /dev/tty@{int} rw,
   /dev/tty rw,
 
+  profile systemctl {
+    include <abstractions/base>
+    include <abstractions/systemctl>
+  
+    include if exists <local/sddm_systemctl>
+  }
+
   profile xauth {
     include <abstractions/base>
 

apparmor.d/groups/systemd/systemd-hostnamed

@@ -38,8 +38,13 @@ profile systemd-hostnamed @{exec_path}  flags=(attach_disconnected) {
   @{run}/udev/data/+dmi:id r,
 
   @{sys}/devices/virtual/dmi/id/ r,
-  @{sys}/devices/virtual/dmi/id/{bios_vendor,bios_version,board_vendor,bios_date} r,
-  @{sys}/devices/virtual/dmi/id/{product_name,product_version,chassis_type} r,
+  @{sys}/devices/virtual/dmi/id/bios_date r,
+  @{sys}/devices/virtual/dmi/id/bios_vendor r,
+  @{sys}/devices/virtual/dmi/id/bios_version r,
+  @{sys}/devices/virtual/dmi/id/board_vendor r,
+  @{sys}/devices/virtual/dmi/id/chassis_type r,
+  @{sys}/devices/virtual/dmi/id/product_name r,
+  @{sys}/devices/virtual/dmi/id/product_version r,
   @{sys}/devices/virtual/dmi/id/sys_vendor r,
   @{sys}/devices/virtual/dmi/id/uevent r,
   @{sys}/firmware/acpi/pm_profile r,

apparmor.d/groups/systemd/systemd-timesyncd

@@ -37,6 +37,7 @@ profile systemd-timesyncd @{exec_path} flags=(attach_disconnected) {
         @{run}/resolvconf/*.conf r,
         @{run}/systemd/netif/state r,
         @{run}/systemd/notify rw,
+        @{run}/systemd/timesyncd.conf.d/{,**} r,
   owner @{run}/systemd/journal/socket w,
   owner @{run}/systemd/timesync/synchronized rw,