feat(profiles): general update.

apparmor.d/abstractions/base.d/complete

@@ -19,6 +19,3 @@
 
   ptrace (readby) peer=systemd-coredump,
 
-  # Allow to write a user defined fifo log devices
-  owner /dev/log-xsession w,
-  owner /dev/log-gnupg w,

apparmor.d/abstractions/dbus-gtk

@@ -44,3 +44,6 @@
        interface=org.a11y.atspi.DeviceEventController
        member={GetKeystrokeListeners,GetDeviceEventListeners}
        peer=(name=org.a11y.atspi.Registry),
+
+  # Include additions to the abstraction
+  include if exists <abstractions/dbus-gtk.d>

apparmor.d/abstractions/systemd-common

@@ -1,18 +1,19 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2019-2021 Mikhail Morfikov
+# Copyright (C) 2021-2022 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
   abi <abi/3.0>,
 
   ptrace (read),
 
-  owner @{PROC}/@{pid}/stat r,
+        @{PROC}/1/cgroup r,
         @{PROC}/1/environ r,
         @{PROC}/1/sched r,
-        @{PROC}/1/cgroup r,
         @{PROC}/cmdline r,
         @{PROC}/sys/kernel/osrelease r,
         @{PROC}/sys/kernel/random/boot_id r,
+  owner @{PROC}/@{pid}/stat r,
 
   /dev/kmsg w,
 

apparmor.d/abstractions/user-download-strict

@@ -1,5 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2018-2021 Mikhail Morfikov
+# Copyright (C) 2021-2022 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
   abi <abi/3.0>,
@@ -10,8 +11,4 @@
   owner @{user_download_dirs}/ r,
   owner @{user_download_dirs}/** rwkl -> @{user_download_dirs}/**,
 
-  # For SSHFS mounts (without owner as files in such mounts can be owned by different users)
-        @{HOME}/mount-sshfs/ r,
-        @{HOME}/mount-sshfs/** rwl,
-
   include if exists <abstractions/user-download-strict.d>