From f45c07dfa17305315b05d2a7a253163b6226e28d Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sat, 1 Oct 2022 19:10:00 +0100
Subject: [PATCH] feat(profiles): child-open integration 2/2

---
 apparmor.d/groups/freedesktop/xdg-desktop-portal | 5 +++--
 apparmor.d/groups/gnome/nautilus                 | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/apparmor.d/groups/freedesktop/xdg-desktop-portal b/apparmor.d/groups/freedesktop/xdg-desktop-portal
index 0f116b01..6a26e66c 100644
--- a/apparmor.d/groups/freedesktop/xdg-desktop-portal
+++ b/apparmor.d/groups/freedesktop/xdg-desktop-portal
@@ -47,8 +47,9 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) {
   /{usr/,}bin/{,ba,da}sh  rix,
   /{usr/,}bin/snap        rPx,
 
-  # Allowed apps to open
-  /{usr/,}bin/firefox rPx -> firefox,
+  /{usr/,}lib/@{multiarch}/glib-[0-9]*/gio-launch-desktop  rPx -> child-open,
+  /{usr/,}lib/gio-launch-desktop                           rPx -> child-open,
+
   /{usr/,}bin/nautilus rPx,
 
   / r,
diff --git a/apparmor.d/groups/gnome/nautilus b/apparmor.d/groups/gnome/nautilus
index 93c4e728..1fb5d94c 100644
--- a/apparmor.d/groups/gnome/nautilus
+++ b/apparmor.d/groups/gnome/nautilus
@@ -38,6 +38,7 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
 
   @{exec_path} mr,
   /{usr/,}bin/{,ba,da}sh rix,
+  /{usr/,}lib/gio-launch-desktop  rPx -> child-open,
 
   /usr/share/nautilus/{,**} r,
   /usr/share/poppler/{,**} r,