diff --git a/apparmor.d/profiles-s-z/zed b/apparmor.d/profiles-s-z/zed index 4f39770e..607feb10 100644 --- a/apparmor.d/profiles-s-z/zed +++ b/apparmor.d/profiles-s-z/zed @@ -38,12 +38,13 @@ profile zed @{exec_path} flags=(complain) { @{run}/zed.pid rwkl, @{run}/zed.state rwkl, @{run}/zfs-list.cache@* rw, - - @{PROC}/@{pids}/mounts r, - owner @{PROC}/@{pids}/fd/ r, - @{PROC}/@{pid}/task/@{tid}/comm rw, @{sys}/bus/pci/slots/ r, + @{sys}/bus/pci/slots/[0-9]*/address r, + + @{PROC}/@{pids}/mounts r, + owner @{PROC}/@{pids}/fd/ r, + @{PROC}/@{pid}/task/@{tid}/comm rw, /dev/zfs rw, diff --git a/apparmor.d/profiles-s-z/zfs b/apparmor.d/profiles-s-z/zfs index 388e569d..4532b912 100644 --- a/apparmor.d/profiles-s-z/zfs +++ b/apparmor.d/profiles-s-z/zfs @@ -11,15 +11,20 @@ profile zfs @{exec_path} flags=(complain) { include capability sys_admin, + capability dac_read_search, + + mount fstype=zfs, + umount fstype=zfs, @{exec_path} mr, /etc/zfs/zfs-list.cache/{,*} rwk, - - @{PROC}/@{pids}/mounts r, @{run}/zfs-list.cache@* rw, + @{PROC}/@{pids}/mounts r, + @{PROC}/sys/fs/pipe-max-size r, + /dev/zfs rw, include if exists diff --git a/apparmor.d/profiles-s-z/zpool b/apparmor.d/profiles-s-z/zpool index d39b710d..0a35b291 100644 --- a/apparmor.d/profiles-s-z/zpool +++ b/apparmor.d/profiles-s-z/zpool @@ -19,11 +19,15 @@ profile zpool @{exec_path} flags=(complain) { /{usr/,}{local/,}lib/zfs-linux/zpool.d/* rix, /etc/hostid r, + /etc/zfs/*.cache rwk, @{run}/blkid/blkid.tab rw, @{run}/blkid/blkid.tab.old l, @{run}/blkid/blkid.tab-* rwl, + @{sys}/bus/pci/slots/ + @{sys}/bus/pci/slots/[0-9]*/address + @{PROC}/@{pids}/mounts r, @{PROC}/sys/kernel/spl/hostid r,
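Review bot: In the zed hunk, the new rule `@{sys}/bus/pci/slots/[0-9]*/address r,` is looser than it reads, because in AppArmor globbing `[0-9]*` means one digit followed by any run of non-slash characters, not a run of digits. If that breadth is intended, a comment above the rule such as `# slot directory names: leading digit, any suffix` would record the choice. Separately, the re-added `@{PROC}/@{pid}/task/@{tid}/comm rw,` has no `owner` qualifier while the `fd/` rule next to it does. `owner @{PROC}/@{pid}/task/@{tid}/comm rw,` would be the tighter form if zed only renames its own threads, which this hunk does not confirm. The profile body starts and ends outside the hunk.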
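Review bot: In the zfs hunk, `mount fstype=zfs,` and `umount fstype=zfs,` name no source or mountpoint, so they permit these operations on any path once the profile leaves complain mode. Dataset mountpoints are arbitrary, so a path restriction may not be practical, but the rules should say so, for example `# zfs mount/unmount: mountpoint is a dataset property, so no path restriction here`. `capability dac_read_search,` is also added without explanation; it bypasses read and directory-search permission checks, so a comment naming the zfs operation that triggered the denial would let a later reviewer judge whether it is still needed. The profile body starts and ends outside the hunk.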
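Review bot: In the zpool hunk, the two added sysfs rules appear without a permission or trailing comma (`@{sys}/bus/pci/slots/` and `@{sys}/bus/pci/slots/[0-9]*/address`), unlike the equivalent rules in the zed profile. If the file really reads this way, the profile will likely fail to parse, or the paths will fuse with the following `@{PROC}/@{pids}/mounts r,` rule. The lines should read `@{sys}/bus/pci/slots/ r,` and `@{sys}/bus/pci/slots/[0-9]*/address r,`. Running `apparmor_parser -Q` on the file before merging would catch this. The profile body starts and ends outside the hunk.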