feat(profile): general update.

see #416

apparmor.d/groups/gnome/gnome-shell

@@ -218,6 +218,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   /.flatpak-info r,
   /etc/fstab r,
   /etc/timezone r,
+  /etc/tpm2-tss/*.json r,
   /etc/udev/hwdb.bin r,
   /etc/xdg/menus/gnome-applications.menu r,
 
@@ -249,10 +250,11 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
 
   owner @{HOME}/.face r,
   owner @{HOME}/.mozilla/firefox/firefox-mpris/{,*} r,
-  owner @{HOME}/.var/app/**/ r,
+  owner @{HOME}/.tpm2_pkcs11/tpm2_pkcs11.sqlite3 rw,
   owner @{HOME}/.var/app/**.{png,jpg,svg} r,
+  owner @{HOME}/.var/app/**/ r,
   owner @{HOME}/@{XDG_SCREENSHOTS_DIR}/{,**} rw,
-  owner @{HOME}/@{XDG_WALLPAPERS_DIR}/{,**} r,
+  owner @{HOME}/@{XDG_WALLPAPERS_DIR}/{,**} rw,
 
   owner @{user_games_dirs}/**.{png,jpg,svg} r,
   owner @{user_music_dirs}/**.{png,jpg,svg} r,
@@ -282,6 +284,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   owner @{user_cache_dirs}/vlc/**/*.jpg r,
 
         @{run}/gdm{3,}/dbus/dbus-@{rand8} rw,
+  owner @{run}/user/@{uid}/app/*/*.@{rand6} r,
   owner @{run}/user/@{uid}/gnome-shell-disable-extensions rw,
   owner @{run}/user/@{uid}/gnome-shell/{,**} rw,
   owner @{run}/user/@{uid}/gvfsd/socket-@{rand8} rw,

apparmor.d/groups/gnome/gsd-smartcard

@@ -31,16 +31,16 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) {
   /usr/share/glib-2.0/schemas/gschemas.compiled r,
 
   /etc/{,opensc/}opensc.conf r,
-  /etc/tpm2-tss/* r,
+  /etc/tpm2-tss/* rk,
 
   /var/tmp/ r,
   /tmp/ r,
 
-  owner @{GDM_HOME}/.tpm2_pkcs11/tpm2_pkcs11.sqlite3 rw,
+  owner @{GDM_HOME}/.tpm2_pkcs11/tpm2_pkcs11.sqlite3{,.lock} rwk,
   owner @{GDM_HOME}/greeter-dconf-defaults r,
   owner @{gdm_config_dirs}/dconf/user r,
 
-  owner @{HOME}/.tpm2_pkcs11/tpm2_pkcs11.sqlite3 rw,
+  owner @{HOME}/.tpm2_pkcs11/tpm2_pkcs11.sqlite3{,.lock} rwk,
 
   owner /dev/tty@{int} rw,