Assert to catch non-existent profiles at nix build time

common/tooling/apparmor/apparmor-d-module.nix

@@ -5,7 +5,7 @@
   ...
 }:
 let
-  inherit (lib) mkIf mapAttrs;
+  inherit (lib) mkIf mapAttrs assertMsg pathIsRegularFile;
 
   cfg = config.security.apparmor_d;
   apparmor-d = pkgs.callPackage ./apparmor-d-package.nix {};
@@ -26,7 +26,11 @@ let
     security.apparmor.policies = mapAttrs (name: value: {
       enable = value != "disable";
       enforce = value == "enforce";
-      profile = ''include "${apparmor-d}/etc/apparmor.d/${name}"'';
+      profile = let
+        file = "${apparmor-d}/etc/apparmor.d/${name}";
+      in
+        assert assertMsg (pathIsRegularFile file) "profile ${name} not found in apparmor.d path (${file})";
+       ''include "${file}"'';
     }) cfg.profiles;
     
     environment.systemPackages = [ apparmor-d ];