nscd: add permission to allow supporting unscd

unscd is a drop-in replacement for nscd that uses the same binary location (/usr/sbin/nscd) and config file (/etc/nscd.conf). The usr.sbin.nscd profile only needs one additional permission to support it.

May 9 18:07:42 darkstar kernel: [ 2706.138823] audit: type=1400
audit(1683670062.580:839): apparmor="DENIED" operation="sendmsg"
profile="nscd" name="/run/systemd/notify" pid=4343 comm="nscd"
requested_mask="w" denied_mask="w" fsuid=125 ouid=0

profiles/apparmor.d/usr.sbin.nscd

@@ -45,6 +45,9 @@ profile nscd /usr/{bin,sbin}/nscd {
   /{etc,run,run/host,/usr/lib}/userdb/ r,
   /{etc,run,run/host,/usr/lib}/userdb/*.{user,user-privileged,group,group-privileged} r,
 
+  # needed by unscd
+  @{run}/systemd/notify w,
+
   # Site-specific additions and overrides. See local/README for details.
   include if exists <local/usr.sbin.nscd>
 }