feat(profiles): general update.

apparmor.d/groups/gnome/gdm-wayland-session

@@ -11,6 +11,7 @@ profile gdm-wayland-session @{exec_path} {
   include <abstractions/base>
   include <abstractions/bash>
   include <abstractions/consoles>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dbus-strict>
   include <abstractions/dconf-write>
   include <abstractions/nameservice-strict>
@@ -53,7 +54,6 @@ profile gdm-wayland-session @{exec_path} {
 
   /etc/default/im-config r,
   /etc/gdm{3,}/custom.conf r,
-  /etc/machine-id r,
   /etc/shells r,
   /etc/X11/xinit/xinputrc r,
   /etc/X11/Xsession.d/*im-config_launch r,
@@ -61,8 +61,7 @@ profile gdm-wayland-session @{exec_path} {
   /usr/share/gdm/gdm.schemas r,
   /usr/share/glib-2.0/schemas/gschemas.compiled r,
 
-  owner @{run}/user/@{uid}/bus rw,
-        @{run}/gdm/custom.conf r,
+  @{run}/gdm/custom.conf r,
 
   owner @{PROC}/@{pid}/fd/ r,
   owner @{PROC}/@{pid}/loginuid r,

apparmor.d/groups/gnome/gnome-characters-backgroudservice

@@ -24,6 +24,8 @@ profile gnome-characters-backgroudservice @{exec_path} {
 
   /etc/gtk-3.0/settings.ini r,
 
+  owner @{run}/user/@{uid}/wayland-[0-9]* rw,
+
   owner @{PROC}/@{pid}/mounts r,
   owner @{PROC}/@{pid}/stat r,
   owner @{PROC}/@{pid}/task/@{tid}/stat r,

apparmor.d/groups/gnome/gnome-extension-ding

@@ -34,6 +34,9 @@ profile gnome-extension-ding @{exec_path} {
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
+  dbus bind bus=session
+       name=com.rastersoft.ding,
+
   @{exec_path} mr,
 
   /{usr/,}bin/{,ba,da}sh            rix,

apparmor.d/groups/gnome/gnome-terminal-server

@@ -10,6 +10,7 @@ include <tunables/global>
 profile gnome-terminal-server @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dconf-write>
   include <abstractions/fonts>
   include <abstractions/freedesktop.org>
@@ -34,8 +35,6 @@ profile gnome-terminal-server @{exec_path} {
 
   /etc/shells r,
 
-  owner @{run}/user/@{uid}/at-spi/bus rw,
-  owner @{run}/user/@{uid}/bus rw,
   owner @{run}/user/@{uid}/gdm/Xauthority r,
   owner @{run}/user/@{uid}/wayland-[0-9]* rw,
 

apparmor.d/groups/gnome/nautilus

@@ -10,6 +10,7 @@ include <tunables/global>
 profile nautilus @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/app-launcher-user>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dbus-strict>
   include <abstractions/dconf-write>
   include <abstractions/gnome>
@@ -21,6 +22,20 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
+  dbus (send, receive) bus=session path=/org/gnome/Nautilus{,/*}
+       interface={org.freedesktop.DBus.{Properties,Introspectable},org.gtk.Actions},
+
+  dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor
+       interface=org.gtk.Private.RemoteVolumeMonitor
+       member={IsSupported,List}
+       peer=(name=:*),
+
+  dbus bind bus=session
+       name=org.gnome.Nautilus,
+
+  dbus bind bus=session
+       name=org.freedesktop.FileManager1,
+
   @{exec_path} mr,
   /{usr/,}bin/{,ba,da}sh rix,
 

apparmor.d/groups/gnome/tracker-extract

@@ -9,6 +9,7 @@ include <tunables/global>
 @{exec_path} = @{libexec}/tracker-extract-3
 profile tracker-extract @{exec_path} {
   include <abstractions/base>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dconf-write>
   include <abstractions/disks-read>
   include <abstractions/fonts>
@@ -51,8 +52,7 @@ profile tracker-extract @{exec_path} {
 
   owner /tmp/tracker-extract-3-files.*/{,*} rw,
 
-  owner @{run}/user/@{uid}/bus rw,
-        @{run}/blkid/blkid.tab r,
+  @{run}/blkid/blkid.tab r,
 
   @{run}/udev/data/c235:* r,
   @{run}/udev/data/c236:* r,