feat(profiles): mkinitcpio support for systemd hooks.

apparmor.d/groups/pacman/mkinitcpio

@@ -30,7 +30,9 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
   /{usr/,}bin/find                rix,
   /{usr/,}bin/findmnt             rPx,
   /{usr/,}bin/fsck                rix,
+  /{usr/,}bin/getent              rix,
   /{usr/,}bin/grep                rix,
+  /{usr/,}bin/gzip                rix,
   /{usr/,}bin/hexdump             rix,
   /{usr/,}bin/install             rix,
   /{usr/,}bin/ldconfig            rix,
@@ -51,6 +53,7 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
   /{usr/,}bin/tput                rix,
   /{usr/,}bin/uname               rix,
   /{usr/,}bin/xz                  rix,
+  /{usr/,}bin/zcat                rix,
   /{usr/,}bin/zstd                rix,
 
   /{usr/,}bin/{depmod,insmod}     rPx,
@@ -81,8 +84,9 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
   # Can copy any program to the initframs
   /{usr/,}bin/ r,
   /{usr/,}bin/[a-z0-9]* mr,
+  /{usr/,}lib/ r,
   /{usr/,}lib/plymouth/plymouthd-* mr,
-  /{usr/,}lib/systemd/systemd-* mr,
+  /{usr/,}lib/systemd/{,**} mr,
   /{usr/,}lib/udev/[a-z0-9]* mr,
 
   # Manage /boot