feat: add AppArmor profile to FPM targets to pair with afterInstall and afterRemove template scripts

[mmaietta]

Also adds new linux config entry for providing the file path to your own custom/template app armor profile (within build resources dir)

Implements: #8635

Tested on Ubuntu 22 + 24 VMs and Fedora 40 VM

Ubuntu 24 logs:
Without AppArmor template

parallels@ubuntu-linux-2404:~$ sudo apt install /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64.deb
[sudo] password for parallels: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'electron-quick-start-typescript' instead of '/home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64.deb'
The following NEW packages will be installed:
  electron-quick-start-typescript
0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.
Need to get 0 B/63.7 MB of archives.
After this operation, 247 MB of additional disk space will be used.
Get:1 /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64.deb electron-quick-start-typescript arm64 1.0.2 [63.7 MB]
Selecting previously unselected package electron-quick-start-typescript.
(Reading database ... 217024 files and directories currently installed.)
Preparing to unpack .../electron-quick-start-typescript_1.0.2_arm64.deb ...
Unpacking electron-quick-start-typescript (1.0.2) ...
Setting up electron-quick-start-typescript (1.0.2) ...
update-alternatives is /usr/bin/update-alternatives
update-alternatives: using /opt/electron-quick-start-typescript/electron-quick-start-typescript to provide /usr/bin/electron-quick-start-typescript (electron-qu
ick-start-typescript) in auto mode
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ...
Processing triggers for desktop-file-utils (0.27-2build1) ...

parallels@ubuntu-linux-2404:~$ electron-quick-start-typescript 
[3649:1027/174724.179392:FATAL:setuid_sandbox_host.cc(158)] The SUID sandbox helper binary was found, but is not configured correctly. Rather than run without sandboxing I'm aborting now. You need to make sure that /opt/electron-quick-start-typescript/chrome-sandbox is owned by root and has mode 4755.
Trace/breakpoint trap (core dumped)

With AppArmor template supplied by electron-builder:

parallels@ubuntu-linux-2404:~$ sudo apt install /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64-armor.deb 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'electron-quick-start-typescript' instead of '/home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64-armor.deb'
The following packages will be upgraded:
  electron-quick-start-typescript
1 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.
Need to get 0 B/63.7 MB of archives.
After this operation, 4,096 B of additional disk space will be used.
Get:1 /home/parallels/Desktop/electron-quick-start-typescript_1.0.2_arm64-armor.deb electron-quick-start-typescript arm64 1.0.2 [63.7 MB]
(Reading database ... 217112 files and directories currently installed.)
Preparing to unpack .../electron-quick-start-typescript_1.0.2_arm64-armor.deb ..
.
Unpacking electron-quick-start-typescript (1.0.2) over (1.0.2) ...
Setting up electron-quick-start-typescript (1.0.2) ...
update-alternatives is /usr/bin/update-alternatives
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1.1ubuntu3) ...
Processing triggers for desktop-file-utils (0.27-2build1) ...

parallels@ubuntu-linux-2404:~$ electron-quick-start-typescript 
Checking for beta autoupdate feature for deb/rpm distributions
Found package-type: deb
17:47:39.587 › Checking for update

[changeset-bot]

🦋 Changeset detected

Latest commit: 9110622

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 8 packages

Name	Type
app-builder-lib	Major
dmg-builder	Major
electron-builder-squirrel-windows	Major
electron-builder	Major
electron-forge-maker-appimage	Major
electron-forge-maker-nsis-web	Major
electron-forge-maker-nsis	Major
electron-forge-maker-snap	Major

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[Sytten]

Who do we need to bug to get that merged?

[mmaietta]

Released in 26.0.0-alpha.6