Tunable @{user_share_dirs} declaration does not work as expected

tunables/share has this declaration [0]:

```
@{user_share_dirs} = @{HOME}/.local/{,share/@{flatpak_exports_root}}/share
```

`@{user_share_dirs}` itself is used in `abstractions/freedesktop.org` [1]:

```
owner @{user_share_dirs}/mime/{**,} r,
```

Nevertheless, recently I've started getting denies related to mime-related files in my home, from Thunderbird, Firefox, and more:

```
type=AVC msg=audit(1549821514.141:9496): apparmor="DENIED" operation="open" profile="thunderbird" name="/home/vincas/.local/share/mime/mime.cache" pid=3084 comm="thunderbird" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000

```

```
type=AVC msg=audit(1549821514.141:9502): apparmor="DENIED" operation="open" profile="thunderbird" name="/home/vincas/.local/share/mime/generic-icons" pid=3084 comm="thunderbird" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
```

Denies disappear if I change `@{user_share_dirs}` declaration into two separate declarations likes this:

```
@{user_share_dirs} = @{HOME}/.local/share
@{user_share_dirs} += @{HOME}/.local/share/@{flatpak_exports_root}/share
```

Or, into simpler one-liner with two paths (thanks to Christian Boltz):

```
@{user_share_dirs} = @{HOME}/.local/share @{HOME}/.local/share/@{flatpak_exports_root}/share

```

This is what `apparmor_parser -d` outputs for related mime rule:
```
Mode: r: Name: ({/home//*//.local/{,share/{flatpak/exports,flatpak/{app,runtime}/*/*/*/*/export}}/share,/root//.local/{,share/{flatpak/exports,flatpak/{app,runtime}/*/*/*/*/export}}/share}/mime/{**,})
```

There are two related Debian bug reports:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920833
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921888

[0] https://gitlab.com/apparmor/apparmor/blob/5e5b02b7227bf2ee4d25f2d945c07317af0637ec/profiles/apparmor.d/tunables/share#L15

[1] https://gitlab.com/apparmor/apparmor/blob/5e5b02b7227bf2ee4d25f2d945c07317af0637ec/profiles/apparmor.d/abstractions/freedesktop.org#L28