allow ro access to .local/share/flatpak/exports

$PATH and $XDG_DATA_DIRS can contain subdirs of flatpak/exports,
some applications crash if they cann't access these files.

Layout on my system:
~/.local/share/flatpak/exports
|-bin
|-share
  |-applications
  |-icons

3 files changed, 8 insertions, 3 deletions

diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index bf29cd137..6f9149dee 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -444,7 +444,14 @@ blacklist /.snapshots
 
 # flatpak
 blacklist ${HOME}/.config/flatpak
-blacklist ${HOME}/.local/share/flatpak
+blacklist ${HOME}/.local/share/flatpak/app
+blacklist ${HOME}/.local/share/flatpak/appstream
+blacklist ${HOME}/.local/share/flatpak/db
+read-only ${HOME}/.local/share/flatpak/exports
+blacklist ${HOME}/.local/share/flatpak/oci
+blacklist ${HOME}/.local/share/flatpak/overrides
+blacklist ${HOME}/.local/share/flatpak/repo
+blacklist ${HOME}/.local/share/flatpak/runtime
 blacklist ${HOME}/.var
 blacklist /usr/share/flatpak
 blacklist /var/lib/flatpak
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile
index 62350b862..12415a937 100644
--- a/etc/gnome-maps.profile
+++ b/etc/gnome-maps.profile
@@ -13,7 +13,6 @@ include globals.local
 
 noblacklist ${HOME}/.cache/champlain
 noblacklist ${HOME}/.cache/org.gnome.Maps
-noblacklist ${HOME}/.local/share/flatpak
 noblacklist ${HOME}/.local/share/maps-places.json
 
 # Allow gjs (blacklisted by disable-interpreters.inc)
diff --git a/etc/gnome-sound-recorder.profile b/etc/gnome-sound-recorder.profile
index 7f8fc8a0c..a64ec25a9 100644
--- a/etc/gnome-sound-recorder.profile
+++ b/etc/gnome-sound-recorder.profile
@@ -7,7 +7,6 @@ include gnome-sound-recorder.local
 include globals.local
 
 noblacklist ${MUSIC}
-noblacklist ${HOME}/.local/share/flatpak
 noblacklist ${HOME}/.local/share/Trash
 
 # Allow gjs (blacklisted by disable-interpreters.inc)