add Apparmor Pybitmessage.AppImage profile

etc/apparmor.d/PyBitmessage.AppImage

@@ -0,0 +1,67 @@
+# Last Modified: Sat Dec 31 13:53:53 2022
+#include <tunables/global>
+
+/**/PyBitmessage*.AppImage {
+  #include <abstractions/apparmor_api/find_mountpoint>
+  #include <abstractions/base>
+  #include <abstractions/fonts>
+  #include <abstractions/user-tmp>
+
+  capability dac_read_search,
+  capability sys_admin,
+
+  mount fstype=fuse.PyBitmessage*.AppImage options=(ro, nosuid, nodev),
+  umount,
+
+  /dev/fuse rw,
+  /etc/fuse.conf r,
+  /etc/gai.conf r,
+  /etc/host.conf r,
+  /etc/hosts r,
+  /etc/nsswitch.conf r,
+  /etc/python2.7/sitecustomize.py r,
+  /etc/resolv.conf r,
+  /etc/xdg/Trolltech.conf rk,
+  /proc/filesystems r,
+  /sys/devices/system/cpu/online r,
+  /tmp/.mount_PyBitm*/ r,
+  /tmp/.mount_PyBitm*/** r,
+  /tmp/.mount_PyBitm*/AppRun mrix,
+  /tmp/.mount_PyBitm*/lib/x86_64-linux-gnu/lib*.so* mr,
+  /tmp/.mount_PyBitm*/usr/bin/pybitmessage mrix,
+  /tmp/.mount_PyBitm*/usr/bin/qt.conf mrk,
+  /tmp/.mount_PyBitm*/usr/lib/python2.7/**.so mr,
+  /tmp/.mount_PyBitm*/usr/lib/x86_64-linux-gnu/**/lib*.so* mr,
+  /tmp/.mount_PyBitm*/usr/lib/x86_64-linux-gnu/lib*.so* mr,
+  /usr/bin/dash mrix,
+  /usr/bin/fusermount mrix,
+  /usr/bin/fusermount3 mrix,
+  /usr/bin/python2.7 r,
+  /usr/bin/stat mrix,
+  /usr/sbin/ldconfig mrix,
+  /usr/share/icons/ r,
+  /usr/share/icons/Adwaita/* r,
+  /usr/share/icons/Adwaita/** r,
+  /usr/share/icons/hicolor/* r,
+  /usr/share/mime/* r,
+  /usr/share/pixmaps/ r,
+  /usr/share/themes/Adwaita/** r,
+  owner /etc/passwd r,
+  owner /run/systemd/userdb/ r,
+  owner /run/user/*/sni-qt_python2_*/ rw,
+  owner /run/user/*/sni-qt_python2_*/icons/ rw,
+  owner /usr/local/share/fonts/** r,
+  owner @{HOME}/.cache/fontconfig/*-le64.cache-7 r,
+  owner @{HOME}/.config/PyBitmessage/ r,
+  owner @{HOME}/.config/PyBitmessage/debug.log w,
+  owner @{HOME}/.config/PyBitmessage/keys.dat rw,
+  owner @{HOME}/.config/PyBitmessage/keys.dat.*.bak w,
+  owner @{HOME}/.config/PyBitmessage/knownnodes.dat rw,
+  owner @{HOME}/.config/PyBitmessage/messages.dat rwk,
+  owner @{HOME}/.config/PyBitmessage/messages.dat-journal rw,
+  owner @{HOME}/.config/PyBitmessage/pybitmessageqt.conf rwk,
+  owner @{HOME}/.config/PyBitmessage/singleton.lock rwk,
+  owner @{HOME}/.config/Trolltech.conf rwk,
+  owner /**/PyBitmessage*.AppImage mr,
+
+}