diff --git a/apparmor.d/profiles-a-f/evince b/apparmor.d/profiles-a-f/evince
index 8d1687bc..b7950c8f 100644
--- a/apparmor.d/profiles-a-f/evince
+++ b/apparmor.d/profiles-a-f/evince
@@ -9,15 +9,16 @@ include <tunables/global>
 @{exec_path} = @{bin}/evince @{lib}/evinced
 profile evince @{exec_path} {
   include <abstractions/base>
+  include <abstractions/dbus-accessibility-strict>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dconf-write>
   include <abstractions/gnome>
+  include <abstractions/ibus>
+  include <abstractions/nameservice-strict>
   include <abstractions/openssl>
   include <abstractions/user-download-strict>
   include <abstractions/user-read>
   include <abstractions/user-write>
-  include <abstractions/dbus-session-strict>
-  include <abstractions/dbus-accessibility-strict>
-  include <abstractions/ibus>
 
   # also denies network mounts
   deny network inet,
@@ -111,26 +112,3 @@ profile evince @{exec_path} {
 
   include if exists <local/evince>
 }
-
-profile evince-previewer /{,usr/}bin/evince-previewer {
-  include <abstractions/base>
-  include <abstractions/dbus-accessibility-strict>
-  include <abstractions/dbus-session-strict>
-
-  unix (send, receive, connect) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*", label=xorg),
-
-  /{,usr/}bin/evince-previewer mr,
-
-  # X-tiny
-  owner @{HOME}/.Xauthority r,
-
-  include if exists <local/evince-previewer>
-}
-
-profile evince-thumbnailer /{,usr/}bin/evince-thumbnailer {
-  include <abstractions/base>
-
-  /{,usr/}bin/evince-thumbnailer mr,
-
-  include if exists <local/evince-thumbnailer>
-}
diff --git a/apparmor.d/profiles-a-f/evince-previewer b/apparmor.d/profiles-a-f/evince-previewer
new file mode 100644
index 00000000..3fd79a15
--- /dev/null
+++ b/apparmor.d/profiles-a-f/evince-previewer
@@ -0,0 +1,21 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/evince-previewer
+profile evince-previewer @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/dbus-accessibility-strict>
+  include <abstractions/dbus-session-strict>
+  include <abstractions/dconf-write>
+  include <abstractions/freedesktop.org>
+  include <abstractions/X-strict>
+
+  @{exec_path} mr,
+
+  include if exists <local/evince-previewer>
+}
\ No newline at end of file
diff --git a/apparmor.d/profiles-a-f/evince-thumbnailer b/apparmor.d/profiles-a-f/evince-thumbnailer
new file mode 100644
index 00000000..94d3169c
--- /dev/null
+++ b/apparmor.d/profiles-a-f/evince-thumbnailer
@@ -0,0 +1,16 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/evince-thumbnailer
+profile evince-thumbnailer @{exec_path} {
+  include <abstractions/base>
+
+  @{exec_path} mr,
+
+  include if exists <local/evince-thumbnailer>
+}
\ No newline at end of file