feat(firefox): minor firefox update.

apparmor.d/groups/browsers/firefox

@@ -24,6 +24,7 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
   include <abstractions/fontconfig-cache-read>
   include <abstractions/fonts>
   include <abstractions/freedesktop.org>
+  include <abstractions/gstreamer>
   include <abstractions/gtk>
   include <abstractions/mesa>
   include <abstractions/nameservice-strict>
@@ -173,6 +174,7 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
 
   /etc/@{firefox_name}/{,**} r,
   /etc/fstab r,
+  /etc/cups/client.conf r,
   /etc/igfx_user_feature{,_next}.txt w,
   /etc/libva.conf r,
   /etc/mailcap r,
@@ -183,10 +185,9 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
   /var/lib/nscd/services r,
 
   owner @{HOME}/ r,
+  owner @{HOME}/.cups/lpoptions r,
 
   owner @{user_cache_dirs}/ rw,
-  owner @{user_cache_dirs}/gstreamer-@{int}/ rw,
-  owner @{user_cache_dirs}/gstreamer-@{int}/registry.*.bin{,.tmp*} rw,
 
   owner @{user_config_dirs}/ r,
   owner @{user_config_dirs}/gtk-{3,4}.0/assets/*.svg r,
@@ -240,7 +241,7 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
   @{sys}/devices/pci[0-9]*/**/drm/card@{int}/ r,
   @{sys}/devices/pci[0-9]*/**/drm/renderD[0-9]*/ r,
   @{sys}/devices/pci[0-9]*/**/irq r,
-  @{sys}/devices/system/cpu/cpu[0-9]/cache/index[0-9]/size r,
+  @{sys}/devices/system/cpu/cpu@{int}/cache/index[0-9]/size r,
   @{sys}/devices/system/cpu/cpufreq/policy[0-9]/cpuinfo_max_freq r,
   @{sys}/devices/system/cpu/present r,
   @{sys}/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us r,

apparmor.d/groups/browsers/firefox-glxtest

@@ -19,6 +19,7 @@ profile firefox-glxtest @{exec_path} {
   include <abstractions/nameservice-strict>
   include <abstractions/opencl-nvidia>
   include <abstractions/vulkan>
+  include <abstractions/X-strict>
 
   @{exec_path} mr,
 
@@ -26,12 +27,8 @@ profile firefox-glxtest @{exec_path} {
 
   owner /tmp/firefox/.parentlock rw,
 
-  owner /tmp/xauth_@{rand6} r,
-
-  owner @{run}/user/@{uid}/xauth_@{rand6} r,
-
   @{sys}/bus/pci/devices/ r,
-  @{sys}/devices/pci[0-9]*/**/class r,
+  @{sys}/devices/@{pci}/class r,
 
   include if exists <local/firefox-glxtest>
 }

apparmor.d/groups/browsers/firefox-kmozillahelper

@@ -16,21 +16,30 @@ profile firefox-kmozillahelper @{exec_path} {
   include <abstractions/mesa>
   include <abstractions/nameservice-strict>
   include <abstractions/qt5>
+  include <abstractions/thumbnails-cache-read>
 
   ptrace (read) peer=firefox,
 
   @{exec_path} mr,
 
+  @{lib}/libheif/            r,
+  @{lib}/libheif/*.so*      rm,
+
   /usr/share/hwdata/*.ids r,
   /usr/share/icu/@{int}.@{int}/*.dat r,
+  /usr/share/knotifications5/*.notifyrc r,
   /usr/share/kservices5/{,**} r,
   /usr/share/mime/ r,
+  /usr/share/sounds/{,**} r,
 
   /etc/xdg/kdeglobals r,
   /etc/xdg/kwinrc r,
   /etc/xdg/menus/ r,
   /etc/xdg/menus/applications-merged/ r,
 
+  owner @{HOME}/@{XDG_DESKTOP_DIR}/ r,
+  owner @{HOME}/@{XDG_DESKTOP_DIR}/*.desktop r,
+
   owner @{user_cache_dirs}/icon-cache.kcache rw,
   owner @{user_cache_dirs}/ksycoca5_* r,
 
@@ -38,11 +47,18 @@ profile firefox-kmozillahelper @{exec_path} {
   owner @{user_config_dirs}/kdedefaults/kwinrc r,
   owner @{user_config_dirs}/kdeglobals r,
   owner @{user_config_dirs}/kmozillahelperrc r,
+  owner @{user_config_dirs}/kmozillahelperrc.@{rand6} rwl,
   owner @{user_config_dirs}/kwinrc r,
 
+  owner @{user_share_dirs}/RecentDocuments/ r,
+  owner @{user_share_dirs}/RecentDocuments/*.desktop w,
+  owner @{user_share_dirs}/recently-used.xbel.@{rand6} l,
+
+  owner @{run}/user/@{uid}/kmozillahelper@{rand6}.@{int}.kioworker.socket wl,
   owner @{run}/user/@{uid}/xauth_@{rand6} rl,
 
         @{PROC}/sys/kernel/core_pattern r,
+  owner @{PROC}/@{pid}/mountinfo r,
 
   /dev/tty r,