chore: small fixes and cosmetic.

dists/apparmor.d.spec

@@ -16,6 +16,7 @@ Source0:        %{name}-%{version}.tar.gz
 Requires:       apparmor-profiles
 BuildRequires:  distribution-release
 BuildRequires:  golang-packaging
+BuildRequires:  apparmor-profiles
 
 %description
 AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based applications and processes.

dists/docker.sh

@@ -80,7 +80,7 @@ build_in_docker_dpkg() {
 			--env DISTRIBUTION="$target" "$BASEIMAGE/$dist"
 		docker exec "$img" sudo apt-get update -q
 		docker exec "$img" sudo apt-get install -y config-package-dev rsync
-		[[ "$COMMAND" == debian ]] && aptopt=(-t bookworm-backports)
+		[[ "$dist" == debian ]] && aptopt=(-t bookworm-backports)
 		docker exec "$img" sudo apt-get install -y "${aptopt[@]}" golang-go
 	fi
 

dists/ignore/opensuse.ignore

@@ -11,3 +11,7 @@ apparmor.d/groups/ubuntu
 # Whonix specific definition
 apparmor.d/groups/whonix
 apparmor.d/tunables/home.d/whonix
+
+# Profiles provided by they own package
+libvirt
+virt-aa-helper

dists/overwrite

@@ -1,12 +1,8 @@
-# Apparmor ships some unconfined profiles that allow everything and set the
-# userns rules. This file keeps track of them and allow apparmor.d to replace
+# Apparmor 4.0 ships several profiles that allow userns and are otherwise
+# unconfined. This file keeps track of them and allow apparmor.d to replace
 # them by our own.
 # File format: one profile name by line.
 
-# This is managed globally in this file and not in debian/apparmor.d.hide as
-# it applies to all distributions using apparmor 4.0+. When needed, it is
-# automatically enabled during prebuild.
-
 brave
 chrome
 element-desktop