Update profiles.

apparmor.d/profiles-m-r/mandb

@@ -23,6 +23,7 @@ profile mandb @{exec_path} flags=(complain) {
 
   /usr/share/man/{,**} r,
   /usr/local/man/{,**} r,
+  /usr/local/share/man/{,**} r,
 
   /usr/{,/share}/man/{,**} r,
   /usr/local/{,/share/}/man/{,**} r,

apparmor.d/profiles-m-r/mount-cifs

@@ -6,7 +6,7 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
-@{exec_path} = /{usr/,}{s,bin}/mount.cifs
+@{exec_path} = /{usr/,}sbin/mount.cifs
 profile mount-cifs @{exec_path} flags=(complain) {
   include <abstractions/base>
   include <abstractions/nameservice-strict>

apparmor.d/profiles-m-r/mount-nfs

@@ -6,7 +6,7 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
-@{exec_path} = /{usr/,}{s,bin}/mount.nfs
+@{exec_path} = /{usr/,}sbin/mount.nfs
 profile mount-nfs @{exec_path} flags=(complain) {
   include <abstractions/base>
   include <abstractions/nameservice-strict>

apparmor.d/profiles-m-r/pass

@@ -60,10 +60,10 @@ profile pass @{exec_path} {
   owner @{user_config_dirs}/password-store/{,**} rw,
   owner /dev/shm/pass.*/{,*} rw,
 
-  owner @{PROC}/@{pids}/cmdline r,
-        @{PROC}/ r,
-        @{PROC}/sys/kernel/osrelease r,
-        @{PROC}/uptime r,
+  @{PROC}/@{pids}/cmdline r,
+  @{PROC}/ r,
+  @{PROC}/sys/kernel/osrelease r,
+  @{PROC}/uptime r,
 
   /dev/tty rw,
 

apparmor.d/profiles-m-r/pass-extension-python

@@ -21,7 +21,8 @@ profile pass-extension-python {
 
   /usr/share/file/misc/magic.mgc r,
 
-  owner /tmp/* rw,
+  /tmp/* rw,
+
   owner @{PROC}/@{pid}/fd/ r,
 
   include if exists <local/pass-extension-python>

apparmor.d/profiles-m-r/pipewire-media-session

@@ -23,6 +23,7 @@ profile pipewire-media-session @{exec_path} {
   /usr/share/alsa-card-profile/{,**} r,
   /usr/share/alsa/{,**} r,
   /usr/share/pipewire/media-session.d/{,**} r,
+  /usr/share/spa-*/bluez[0-9]*/{,*} r,
 
   /etc/alsa/{,**} r,
   /etc/pipewire/media-session.d/*.conf r,