feat(profile): small improvment on UI profiles.

apparmor.d/groups/steam/steam-launch

@@ -22,24 +22,33 @@ profile steam-launch @{exec_path} {
   @{exec_path} mr,
 
   @{sh_path}         rix,
+  @{bin}/cat         rix,
   @{bin}/cmp         rix,
   @{bin}/cp          rix,
   @{bin}/dirname     rix,
   @{bin}/env         rix,
   @{bin}/id          rix,
   @{bin}/readlink    rix,
+  @{bin}/rm          rix,
+  @{bin}/rmdir       rix,
 
   @{lib}/steam/steam         rix,
   @{lib}/steam/bin_steam.sh  rix,
   @{share_dirs}/steam.sh     rPx,
 
   @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-steam-remote     rPx,
+  @{runtime_dirs}/@{lib}/steam-runtime-tools-@{int}/* r,
+  @{runtime_dirs}/@{lib}/steam-runtime-tools-@{int}/srt-logger  rix,
 
   /usr/ r,
   /usr/local/ r,
 
   owner @{share_dirs}/bootstrap.tar.xz rw,
 
+  owner @{run}/user/@{uid}/srt-fifo.@{rand6}/fifo rw,
+
+  owner @{PROC}/@{pid}/fd/@{int} rw,
+
   /dev/tty rw,
 
   deny /opt/** r,

apparmor.d/profiles-a-f/file-roller

@@ -10,6 +10,7 @@ include <tunables/global>
 profile file-roller @{exec_path} {
   include <abstractions/base>
   include <abstractions/bus/org.freedesktop.portal.Desktop>
+  include <abstractions/bus/org.gtk.vfs.MountTracker>
   include <abstractions/common/gnome>
   include <abstractions/deny-sensitive-home>
   include <abstractions/nameservice-strict>

apparmor.d/profiles-a-f/fractal

@@ -54,6 +54,8 @@ profile fractal @{exec_path} flags=(attach_disconnected) {
     @{bin}/bwrap mr,
     @{lib}/glycin-loaders/*/glycin-* rix,
 
+    owner @{run}/user/@{uid}/fractal/.tmp@{rand6} r,
+
     owner @{PROC}/@{pid}/fd/ r,
 
     deny @{user_share_dirs}/gvfs-metadata/* r,

apparmor.d/profiles-s-z/signal-desktop

@@ -23,6 +23,7 @@ profile signal-desktop @{exec_path} {
   include <abstractions/devices-usb-read>
   include <abstractions/fontconfig-cache-read>
   include <abstractions/user-download-strict>
+  include <abstractions/video>
 
   network inet dgram,
   network inet6 dgram,