feat(dbus): dbus rules cleanup (3)

apparmor.d/profiles-a-f/atril

@@ -11,6 +11,7 @@ include <tunables/global>
 profile atril @{exec_path} {
   include <abstractions/base>
   include <abstractions/bus/atspi>
+  include <abstractions/bus/vfs>
   include <abstractions/dbus-accessibility-strict>
   include <abstractions/dbus-session-strict>
   include <abstractions/dconf-write>
@@ -25,11 +26,6 @@ profile atril @{exec_path} {
 
   network netlink raw,
 
-  dbus send bus=session path=/org/gtk/vfs/mounttracker
-       interface=org.gtk.vfs.MountTracker
-       member=ListMountableInfo
-       peer=(name=:*),
-
   dbus send bus=session path=/org/mate/atril/{,**}
        peer=(name=org.freedesktop.DBus, label=atrild),  # all interfaces and members
 

apparmor.d/profiles-a-f/atrild

@@ -11,17 +11,11 @@ profile atrild @{exec_path} {
   include <abstractions/base>
   include <abstractions/dbus-session-strict>
 
-  dbus send bus=session path=/org/freedesktop/DBus
-     interface=org.freedesktop.DBus
-     member={RequestName,ReleaseName}
-     peer=(name=org.freedesktop.DBus, label=dbus-daemon),
+  dbus bind bus=session name=org.mate.atril.Daemon,
 
   dbus (send, receive) bus=session path=/org/mate/atril/**
        peer=(name="{:*,org.freedesktop.DBus}", label=atril),  # all interfaces and members
 
-  dbus bind bus=session
-       name=org.mate.atril.Daemon,
-
   @{exec_path} mr,
 
   include if exists <local/atrild>

apparmor.d/profiles-a-f/engrampa

@@ -11,6 +11,7 @@ include <tunables/global>
 profile engrampa @{exec_path} {
   include <abstractions/base>
   include <abstractions/bus/atspi>
+  include <abstractions/bus/vfs>
   include <abstractions/dbus-accessibility-strict>
   include <abstractions/dbus-session-strict>
   include <abstractions/dconf-write>
@@ -34,21 +35,6 @@ profile engrampa @{exec_path} {
        member={IsSupported,List}
        peer=(name=:*),
 
-  dbus send bus=session path=/org/gtk/vfs/mounttracker
-       interface=org.gtk.vfs.MountTracker
-       member={ListMounts2,LookupMount}
-       peer=(name=:*),
- 
-  dbus receive bus=session path=/org/gtk/vfs/mounttracker
-       interface=org.gtk.vfs.MountTracker
-       member=Mounted
-       peer=(name=:*),
-
-  dbus send bus=session path=/org/gtk/vfs/Daemon
-       interface=org.gtk.vfs.Daemon
-       member=GetConnection
-       peer=(name=:*),
-
   dbus receive bus=session path=/org/gtk/Application/anonymous
        interface=org.freedesktop.DBus.Properties
        member=GetAll

apparmor.d/profiles-a-f/evince

@@ -25,11 +25,6 @@ profile evince @{exec_path} {
   deny network inet,
   deny network inet6,
 
-  dbus send bus=session path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={RequestName,ReleaseName}
-       peer=(name=org.freedesktop.DBus),
-
   dbus send bus=session path=/org/gtk/vfs/metadata
        interface=org.gtk.vfs.Metadata
        member={Set,GetTreeFromDevice}

apparmor.d/profiles-a-f/fprintd

@@ -18,22 +18,16 @@ profile fprintd @{exec_path} flags=(attach_disconnected) {
 
   network netlink raw,
 
+  dbus bind bus=system name=net.reactivated.Fprint,
   dbus receive bus=system path=/net/reactivated/Fprint/Manager
-       interface={org.freedesktop.DBus.Properties,net.reactivated.Fprint.Manager},
-
-  dbus send bus=system path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={RequestName,ReleaseName}
-        peer=(name=org.freedesktop.DBus),
+       interface={org.freedesktop.DBus.Properties,net.reactivated.Fprint.Manager}
+       peer=(name=:*),
 
   dbus send bus=system path=/org/freedesktop/login1
        interface=org.freedesktop.login1.Manager
        member=Inhibit
        peer=(name=org.freedesktop.login1),
 
-  dbus bind bus=system 
-       name=net.reactivated.Fprint,
-
   @{exec_path} mr,
 
   /etc/fprintd.conf r,