Comment 4 for bug 1948752

with in the profile block, eg.

   profile redshift {

or something similar, add the following rules

   dbus send bus="system" path="/org/freedesktop/DBus"
        interface="org.freedesktop.DBus"
        member="{GetNameOwner,StartServiceByName,AddMatch}",

   dbus send bus="system" path="/org/freedesktop/GeoClue2/Manager"
        interface="org.freedesktop.DBus.Properties" member="GetAll",

   dbus send bus="system" path="/org/freedesktop/GeoClue2/Manager"
        interface="org.freedesktop.GeoClue2.Manager" member="GetClient",

I think I got everything that is needed but its possible I missed a couple cases, also there may be other rules needed not covered by the above logs

after adding the above rules you need to reload the profile.

  systemctl reload apparmor

should do it