feat(profiles): general update.

apparmor.d/groups/freedesktop/pipewire

@@ -33,7 +33,6 @@ profile pipewire @{exec_path} {
 
   /usr/share/pipewire/pipewire.conf r,
 
-  /etc/machine-id r,
   /etc/pipewire/client.conf r,
   /etc/pipewire/pipewire-pulse.conf.d/{,*} r,
   /etc/pipewire/pipewire.conf r,

apparmor.d/groups/freedesktop/pipewire-media-session

@@ -11,6 +11,7 @@ include <tunables/global>
 profile pipewire-media-session @{exec_path} {
   include <abstractions/base>
   include <abstractions/audio>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dbus-strict>
   include <abstractions/devices-usb>
   include <abstractions/nameservice-strict>
@@ -44,11 +45,11 @@ profile pipewire-media-session @{exec_path} {
 
   owner @{HOME}/.local/state/ rw,
   owner @{HOME}/.local/state/pipewire/{,**} rw,
+
   owner @{user_config_dirs}/pipewire/ rw,
   owner @{user_config_dirs}/pipewire/** rw,
   owner @{user_config_dirs}/pulse/ rw,
 
-  owner @{run}/user/@{uid}/bus rw,
   owner @{run}/user/@{uid}/pipewire-[0-9]* rw,
 
   @{run}/udev/data/+sound:card[0-9]* r, # For sound

apparmor.d/groups/freedesktop/xdg-document-portal

@@ -9,6 +9,7 @@ include <tunables/global>
 @{exec_path} = @{libexec}/xdg-document-portal
 profile xdg-document-portal @{exec_path} {
   include <abstractions/base>
+  include <abstractions/dbus-session-strict>
 
   ptrace (read) peer=xdg-desktop-portal,
 
@@ -23,7 +24,6 @@ profile xdg-document-portal @{exec_path} {
 
   owner @{user_share_dirs}/flatpak/db/documents r,
 
-  owner @{run}/user/@{uid}/bus rw,
   owner @{run}/user/@{uid}/doc/ rw,
 
   owner @{PROC}/@{pid}/fd/ r,