fix apparmor profile for arch != amd64 (`ImportError: [...]/_gi.cpython-38-aarch64-linux-gnu.so: Permission denied`)

CHANGELOG.md

@@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 ### Fixed
+- apparmor profile for architectures other than x86_64/amd64
+  (`ImportError: Error loading [...]/_gi.cpython-38-aarch64-linux-gnu.so: Permission denied`)
 - dockerfile: split `pipenv install` into two stages to speed up image builds
 - dockerfile: `chmod` files copied from host to no longer require `o=rX` perms on host
 - dockerfile: add registry to base image specifier for `podman build`

docker-apparmor-profile

@@ -27,8 +27,8 @@ profile systemctl-mqtt flags=(attach_disconnected) {
   /systemctl-mqtt/** r,
   /systemctl-mqtt/.venv/lib/python3.8/site-packages/_dbus_bindings.so m,
   /systemctl-mqtt/.venv/lib/python3.8/site-packages/_dbus_glib_bindings.so m,
-  /systemctl-mqtt/.venv/lib/python3.8/site-packages/gi/_gi.cpython-38-x86_64-linux-gnu.so m,
-  /systemctl-mqtt/.venv/lib/python3.8/site-packages/gi/_gi_cairo.cpython-38-x86_64-linux-gnu.so m,
+  /systemctl-mqtt/.venv/lib/python3.8/site-packages/gi/_gi.cpython-38-*-linux-gnu.so m,
+  /systemctl-mqtt/.venv/lib/python3.8/site-packages/gi/_gi_cairo.cpython-38-*-linux-gnu.so m,
   # https://presentations.nordisch.org/apparmor/#/25
   /systemctl-mqtt/.venv/bin/systemctl-mqtt rix,
   /etc/** r,