feat(opensuse): final opensuse integration.

apparmor.d/groups/gpg/gpgconf

@@ -1,5 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2017-2021 Mikhail Morfikov
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -17,7 +18,7 @@ profile gpgconf @{exec_path} {
   @{exec_path} mrix,
 
   /{usr/,}bin/gpg-connect-agent rPx,
-  /{usr/,}bin/gpg               rPUx,
+  /{usr/,}bin/gpg{,2}               rPUx,
   /{usr/,}bin/gpg-agent         rPx,
   /{usr/,}bin/dirmngr           rPx,
   /{usr/,}bin/gpgsm             rPx,
@@ -25,6 +26,8 @@ profile gpgconf @{exec_path} {
 
   /{usr/,}bin/pinentry-*        rPx,
 
+  /etc/gcrypt/hwf.deny r,
+
   owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
   owner @{run}/user/@{uid}/gnupg/ w,
   owner @{run}/user/@{uid}/gnupg/** rwkl -> @{run}/user/@{uid}/gnupg/**,

apparmor.d/groups/gpg/gpgsm

@@ -1,5 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2018-2021 Mikhail Morfikov
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -15,6 +16,8 @@ profile gpgsm @{exec_path} {
 
   @{exec_path} mr,
 
+  /etc/gcrypt/hwf.deny r,
+
   deny /usr/bin/.gnupg/ w,
 
   owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,