feat(profile): general update.

apparmor.d/groups/gnome/gdm-session-worker

@@ -86,7 +86,8 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
 
   owner @{HOME}/.pam_environment r,
 
-  owner @{run}/user/@{uid}/keyring/control rw,
+  owner @{run}/systemd/seats/seat@{int} r,
+  owner @{run}/user/@{uid}/keyring/control rw, 
 
   @{run}/cockpit/active.motd r,
   @{run}/faillock/[a-zA-z0-9]* rwk,

apparmor.d/groups/gnome/gnome-calculator-search-provider

@@ -21,7 +21,7 @@ profile gnome-calculator-search-provider @{exec_path} {
 
   signal (send) set=kill peer=unconfined,
 
-  @{exec_path} mr,
+  @{exec_path} mrix,
   /{usr/,}bin/[a-z0-9]* rPUx,
 
   /usr/share/glib-2.0/schemas/gschemas.compiled r,

apparmor.d/groups/gvfs/gvfsd-metadata

@@ -16,11 +16,18 @@ profile gvfsd-metadata @{exec_path} {
 
   network netlink raw,
 
+  signal (receive) set=(usr1) peer=pacman,
+
   dbus bus=session path=/org/freedesktop/DBus
        interface=org.freedesktop.DBus
        member={RequestName,ReleaseName}
        peer=(name=org.freedesktop.DBus, label=dbus-daemon),
 
+  dbus receive bus=session
+       interface=org.freedesktop.DBus.Introspectable
+       member=Introspect 
+       peer=(name=:*, label=gnome-shell),
+
   dbus receive bus=session path=/org/gtk/vfs/metadata
        interface=org.freedesktop.DBus.Properties
        member=GetAll

apparmor.d/groups/pacman/pacman

@@ -28,6 +28,7 @@ profile pacman @{exec_path} {
   capability setgid,
   capability setuid,
   capability sys_chroot,
+  capability sys_ptrace,
   capability sys_resource,
 
   network inet stream,
@@ -39,6 +40,8 @@ profile pacman @{exec_path} {
 
   ptrace (read),
 
+  signal (send) set=(usr1) peer=gvfsd,
+
   @{exec_path} mrix,
 
   @{bin}/gpg{,2}      rCx -> gpg,