feat(profiles): general update.

apparmor.d/groups/kde/dolphin

@@ -10,6 +10,7 @@ include <tunables/global>
 profile dolphin @{exec_path} {
   include <abstractions/base>
   include <abstractions/deny-sensitive-home>
+  include <abstractions/dri-common>
   include <abstractions/dri-enumerate>
   include <abstractions/fonts>
   include <abstractions/freedesktop.org>
@@ -30,6 +31,7 @@ profile dolphin @{exec_path} {
   /usr/share/kf5/kmoretools/{,**} r,
   /usr/share/kio/{,**} r,
   /usr/share/kservices5/{,**} r,
+  /usr/share/kservicetypes5/{,**} r,
   /usr/share/mime/ r,
 
   /etc/fstab r,
@@ -55,8 +57,7 @@ profile dolphin @{exec_path} {
   owner @{user_config_dirs}/dolphinrc.@{rand6} rwl -> @{user_config_dirs}/#@{int},
   owner @{user_config_dirs}/dolphinrc.lock rwk,
   owner @{user_config_dirs}/kde.org/#@{int} rw,
-  owner @{user_config_dirs}/kde.org/UserFeedback.org.kde.dolphin.conf rw,
-  owner @{user_config_dirs}/kde.org/UserFeedback.org.kde.dolphin.conf.@{rand6} rwlk -> @{user_config_dirs}/kde.org/#@{int},
+  owner @{user_config_dirs}/kde.org/UserFeedback.org.kde.dolphin.conf{,.@{rand6}} rwlk -> @{user_config_dirs}/kde.org/#@{int},
   owner @{user_config_dirs}/kde.org/UserFeedback.org.kde.dolphin.conf.lock rwk,
 
   owner @{user_config_dirs}/session/ rw,

apparmor.d/groups/kde/kioslave5

@@ -66,6 +66,7 @@ profile kioslave5 @{exec_path} {
 
   # Silence non user's data
   deny /boot/{,**} r,
+  deny /etc/{,**} r,
   deny /opt/{,**} r,
   deny /root/{,**} r,
   deny /tmp/.* rw,

apparmor.d/groups/kde/sddm

@@ -36,9 +36,10 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
 
   network netlink raw,
 
-  ptrace (trace) peer=@{profile_name},
+  ptrace (read) peer=kwalletd5,
   ptrace (read) peer=unconfined,
-  
+  ptrace (trace) peer=@{profile_name},
+
   signal (send) set=term peer=kwin_wayland,
   signal (send) set=(kill, term) peer=startplasma,
   signal (send) set=term peer=startplasma-wayland,