feat(profiles): general update.

apparmor.d/groups/apt/unattended-upgrade

@@ -110,6 +110,7 @@ profile unattended-upgrade @{exec_path} flags=(attach_disconnected) {
 
   /var/cache/apt/{,**} rwk,
   /var/lib/apt/extended_states{,.*} rw,
+  /var/lib/apt/periodic/ w,
   /var/log/apt/{term,history}.log w,
   /var/log/apt/eipp.log.xz w,
 

apparmor.d/groups/bus/dbus-daemon

@@ -54,10 +54,12 @@ profile dbus-daemon @{exec_path} flags=(attach_disconnected) {
   @{lib}/telepathy/mission-control-5                                      rPx,
   @{lib}/xfce[0-9]/xfconf/xfconfd                                         rPx,
   /usr/share/gnome-documents/org.gnome.Documents                          rPx,
+  /usr/share/gnome-maps/org.gnome.Maps                                   rPUx,
+  /usr/share/gnome-shell/extensions/gsconnect@andyholmes.github.io/service/daemon.js rPx,
   /usr/share/org.gnome.Characters/org.gnome.Characters                    rPx,
   /usr/share/org.gnome.Characters/org.gnome.Characters.BackgroundService  rPx,
+
   @{user_share_dirs}/gnome-shell/extensions/gsconnect@andyholmes.github.io/service/daemon.js rPx,
-  /usr/share/gnome-shell/extensions/gsconnect@andyholmes.github.io/service/daemon.js rPx,
 
   /etc/dbus-1/{,**} r,
 

apparmor.d/groups/gnome/gnome-extensions-app

@@ -25,6 +25,9 @@ profile gnome-extensions-app @{exec_path} {
   @{bin}/{,ba,da}sh  rix,
   @{bin}/gjs-console rix,
 
+  @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop  rPx -> child-open,
+  @{lib}/gio-launch-desktop                           rPx -> child-open,
+
   /usr/share/gnome-shell/org.gnome.Extensions* r,
   /usr/share/icu/@{int}.@{int}/*.dat r,
   /usr/share/terminfo/x/xterm-256color r,

apparmor.d/groups/network/iwd

@@ -27,12 +27,12 @@ profile iwd @{exec_path} {
   /etc/iwd/{,**} r,
   /var/lib/iwd/{,**} rw,
 
-  @{sys}/devices/pci[0-9]*/**/ieee80211/phy[0-9]/* r,
-  @{sys}/devices/pci[0-9]*/**/modalias r,
+  @{sys}/devices/@{pci}/ieee80211/phy[0-9]/* r,
+  @{sys}/devices/@{pci}/modalias r,
 
-  @{PROC}/sys/net/ipv{4,6}/conf/wlan[0-9]*/arp_* rw,
-  @{PROC}/sys/net/ipv{4,6}/conf/wlan[0-9]*/drop_* rw,
-  @{PROC}/sys/net/ipv{4,6}/conf/wlan[0-9]*/ndisc_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/wlan@{int}/arp_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/wlan@{int}/drop_* rw,
+  @{PROC}/sys/net/ipv{4,6}/conf/wlan@{int}/ndisc_* rw,
   @{PROC}/sys/net/ipv{4,6}/conf/wlp*/arp_* rw,
   @{PROC}/sys/net/ipv{4,6}/conf/wlp*/drop_* rw,
   @{PROC}/sys/net/ipv{4,6}/conf/wlp*/ndisc_* rw,

apparmor.d/profiles-g-l/git

@@ -7,13 +7,11 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
+@{lib_dirs} = @{lib}/git/ @{lib}/git-core/
 @{code_config_dirs} = @{user_config_dirs}/Code* @{HOME}/.vscode{,-oss}
 
-@{exec_path}  = @{bin}/git
-@{exec_path} += @{bin}/git-*
-@{exec_path} += @{lib}/git-core/git
-@{exec_path} += @{lib}/git-core/git-*
-@{exec_path} += @{lib}/git-core/mergetools/*
+@{exec_path}  = @{bin}/git @{bin}/git-*
+@{exec_path} += @{lib_dirs}/git @{lib_dirs}/git-* @{lib_dirs}/mergetools/*
 profile git @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
@@ -79,7 +77,7 @@ profile git @{exec_path} {
   @{bin}/vim             rCx -> editor,
   @{bin}/vim.*           rCx -> editor,
   
-  /usr/share/git-core/{,**} r,
+  /usr/share/git{,-core}/{,**} r,
   /usr/share/terminfo/x/xterm-256color r,
 
   /etc/mailname r,
@@ -87,8 +85,10 @@ profile git @{exec_path} {
   owner @{user_projects_dirs}/   rw,
   owner @{user_projects_dirs}/** rwkl -> @{user_projects_dirs}/**,
   owner @{user_projects_dirs}/**/.git/hooks/* rix,
+
   owner @{user_cache_dirs}/*/ rw,
   owner @{user_cache_dirs}/*/** rwkl -> @{user_cache_dirs}/*/**,
+
   owner /tmp/**        rwkl -> /tmp/**,
   owner /tmp/**/bin/*  rCx -> exec,
 

apparmor.d/profiles-m-r/pcscd

@@ -15,8 +15,9 @@ profile pcscd @{exec_path} {
 
   network netlink raw,
 
-  ptrace (read) peer=rngd,
   ptrace (read) peer=pkcs11-register,
+  ptrace (read) peer=rngd,
+  ptrace (read) peer=scdaemon,
 
   @{exec_path} mr,