Comment 18 for bug 1861408

i have reenabled the capability rules ans added these to them, also from the chromium profile:

    owner @{PROC}/@{pid}/setgroups w,
    owner @{PROC}/@{pid}/uid_map w,
    owner @{PROC}/@{pid}/gid_map w,
.

i have prepared dbus rules:

dbus send
    bus=system
    path=/org/freedesktop/RealtimeKit1
    interface=org.freedesktop.DBus.Properties
    member=Get
    peer=(name=org.freedesktop.RealtimeKit1|label="/usr/lib/firefox/firefox{,*[^s][^h]}")

dbus send
    bus=session
    path=/org/gtk/vfs/Daemon
    interface=org.gtk.vfs.Daemon
    member=ListMonitorImplementations
    peer=(name=":1.10" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

dbus send
    bus="session"
    path="/org/gtk/Private/RemoteVolumeMonitor"
    interface="org.gtk.Private.RemoteVolumeMonitor"
    member="IsSupported"
    peer=(name=":1.35" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

dbus send
    bus="session"
    path="/org/gtk/vfs/mounttracker"
    interface="org.gtk.vfs.MountTracker"
    member="ListMounts2"
    peer=( name=":1.10" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

dbus send
    bus="session"
    path="/org/gtk/vfs/mounttracker"
    interface="org.gtk.vfs.MountTracker"
    member="LookupMount"
    peer=( name=":1.10" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

dbus send
    bus="system"
    path="/org/freedesktop/hostname1"
    interface="org.freedesktop.DBus.Properties"
    member="GetAll"
    peer=( name=":1.120" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

dbus send
    bus="session"
    path="/ca/desrt/dconf/Writer/user"
    interface="ca.desrt.dconf.Writer"
    member="Change"
    peer=( name="ca.desrt.dconf" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

dbus receive
    bus="session"
    path="/ca/desrt/dconf/Writer/user"
    interface="ca.desrt.dconf.Writer"
    member="Notify"
    peer=( name=":1.21" | label="/usr/lib/firefox/firefox{,*[^s][^h]}" )

please somebody correct them and say to which file they should be added.