diff --git a/apparmor.d/groups/gnome/gnome-software b/apparmor.d/groups/gnome/gnome-software
index ee3a87bf..57237123 100644
--- a/apparmor.d/groups/gnome/gnome-software
+++ b/apparmor.d/groups/gnome/gnome-software
@@ -130,6 +130,7 @@ profile gnome-software @{exec_path} {
 owner /tmp/ostree-gpg-*/ r,
 owner /tmp/ostree-gpg-*/** rwkl -> /tmp/ostree-gpg-*/**,
+ include if exists
 }
 profile fusermount {
@@ -149,6 +150,7 @@ profile gnome-software @{exec_path} {
 /dev/fuse rw,
+ include if exists
 }
 include if exists
diff --git a/apparmor.d/groups/systemd/systemd-generator-cryptsetup b/apparmor.d/groups/systemd/systemd-generator-cryptsetup
index 3cd68e6e..a244e9aa 100644
--- a/apparmor.d/groups/systemd/systemd-generator-cryptsetup
+++ b/apparmor.d/groups/systemd/systemd-generator-cryptsetup
@@ -16,5 +16,9 @@ profile systemd-generator-cryptsetup @{exec_path} flags=(attach_disconnected) {
 /etc/crypttab r,
+ @{run}/systemd/generator/{,**} rw,
+
+ @{PROC}/@{pid}/cgroup r,
+
 include if exists
 }
\ No newline at end of file
diff --git a/apparmor.d/groups/systemd/systemd-generator-environment-flatpak b/apparmor.d/groups/systemd/systemd-generator-environment-flatpak
index cd056d24..dd63c8c3 100644
--- a/apparmor.d/groups/systemd/systemd-generator-environment-flatpak
+++ b/apparmor.d/groups/systemd/systemd-generator-environment-flatpak
@@ -9,10 +9,13 @@ include
 @{exec_path} = @{lib}/systemd/system-environment-generators/60-flatpak-system-only
 profile systemd-generator-environment-flatpak @{exec_path} {
 include
+ include
 @{exec_path} mr,
 @{bin}/flatpak rix,
+ /dev/tty rw,
+
 include if exists
 }
\ No newline at end of file
diff --git a/apparmor.d/groups/systemd/systemd-generator-ostree b/apparmor.d/groups/systemd/systemd-generator-ostree
index 8cf48056..f4eb2337 100644
--- a/apparmor.d/groups/systemd/systemd-generator-ostree
+++ b/apparmor.d/groups/systemd/systemd-generator-ostree
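Review bot: The target of each added `include if exists` line is not visible in this rendering (the angle-bracketed path appears to have been stripped), so it cannot be checked here that the two child profiles get their own local override file rather than the parent's. The apparmor.d convention is one local file per child, i.e. `include if exists <local/gnome-software_fusermount>` for the child closed at the second hunk and a matching `<local/gnome-software_CHILD>` for the child closed at the first hunk (paths constructed from the naming convention, CHILD is not visible here; confirm against the repository). Reusing the parent's `<local/gnome-software>` inside the children would let an override meant for the main profile widen the more restricted child profiles. Both hunks lie inside `profile gnome-software @{exec_path} {`, whose body starts and ends outside them.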
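Review bot: In the systemd-generator-environment-flatpak hunk, `/dev/tty rw,` is probably redundant with the `include` added a few lines above it: the include target is not visible in this rendering, but if it is `<abstractions/consoles>` (the usual abstraction to add alongside a tty rule) that abstraction already grants `/dev/tty rw,`, and the explicit rule should go so console access has one source of truth. If the include is something else, a comment naming which part of the generator opens the controlling terminal would keep the rule from looking like a stray denial fix, e.g. `# <component of 60-flatpak-system-only that opens the tty>` (placeholder). Read-write on the caller's terminal is a larger grant than a generator normally needs, so the reason is worth recording. The profile body ends at the `}` shown in the hunk but its header context starts above it.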
@@ -12,5 +12,7 @@ profile systemd-generator-ostree @{exec_path} flags=(attach_disconnected) {
 @{exec_path} mr,
+ @{PROC}/cmdline r,
+
 include if exists
 }
\ No newline at end of file
diff --git a/apparmor.d/groups/systemd/systemd-udevd b/apparmor.d/groups/systemd/systemd-udevd
index 0ac7717c..90029673 100644
--- a/apparmor.d/groups/systemd/systemd-udevd
+++ b/apparmor.d/groups/systemd/systemd-udevd
@@ -46,13 +46,16 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected,complain) {
 @{bin}/dmsetup rPUx,
 @{bin}/ethtool rix,
 @{bin}/kmod rPx,
+ @{bin}/less rPx -> child-pager,
 @{bin}/ln rix,
 @{bin}/logger rix,
 @{bin}/lvm rPx,
 @{bin}/mknod rPx,
+ @{bin}/more rPx -> child-pager,
 @{bin}/multipath rPx,
 @{bin}/nfsrahead rix,
 @{bin}/nohup rix,
+ @{bin}/pager rPx -> child-pager,
 @{bin}/perl rix,
 @{bin}/readlink rix,
 @{bin}/sed rix,
diff --git a/apparmor.d/profiles-a-f/file-roller b/apparmor.d/profiles-a-f/file-roller
index 5269c450..f00e86a5 100644
--- a/apparmor.d/profiles-a-f/file-roller
+++ b/apparmor.d/profiles-a-f/file-roller
@@ -40,6 +40,9 @@ profile file-roller @{exec_path} {
 @{bin}/zstd rix,
 @{lib}/p7zip/7z rix,
+ @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop rPx -> child-open,
+ @{lib}/gio-launch-desktop rPx -> child-open,
+
 /usr/share/themes/{,**} r,
 /usr/share/X11/xkb/{,**} r,
diff --git a/apparmor.d/profiles-a-f/flatpak-app b/apparmor.d/profiles-a-f/flatpak-app
index 14a32bd3..8bc18f82 100644
--- a/apparmor.d/profiles-a-f/flatpak-app
+++ b/apparmor.d/profiles-a-f/flatpak-app
@@ -19,9 +19,9 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) {
 network inet6 stream,
 network netlink raw,
- ptrace peer=flatpak-bwrap//&flatpak-app,
+ ptrace peer=flatpak-app//&flatpak-bwrap,
- signal peer=flatpak-bwrap//&flatpak-app,
+ signal peer=flatpak-app//&flatpak-bwrap,
 @{bin}/** rmix,
 @{lib}/** rmix,
diff --git a/apparmor.d/profiles-a-f/flatpak-bwrap b/apparmor.d/profiles-a-f/flatpak-bwrap
index de6e31c9..f142f2f5 100644
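Review bot: In the systemd-udevd hunk, the three `rPx -> child-pager` rules for `less`, `more` and `pager` let a non-interactive daemon spawn an interactive pager, which usually means a `RUN+=` helper invokes a tool that auto-pages rather than being told not to; the caller is not visible here, but fixing it at the source (`--no-pager` or `SYSTEMD_PAGER=` for systemd tools, if that is what triggers it) would be tighter than widening udevd's exec set. If the rules stay, a comment naming the trigger would stop the next reader from dropping them, e.g. `# spawned by <RUN helper> when its stdout is a tty` (placeholder). Pagers can shell out, so the `child-pager` profile defined elsewhere is what actually bounds these three transitions and should be checked with that in mind. The hunk header shows the profile is still in `complain` mode, so today these denials are logged rather than enforced; the profile body starts and ends outside the hunk.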
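Review bot: In the flatpak-app hunk, the new `peer=flatpak-app//&flatpak-bwrap` strings depend on the order in which the kernel renders a stacked label, and nothing in the rule records that; add above the `ptrace` line `# stacked label: the kernel appears to list a stack's profiles in sorted name order, so flatpak-app precedes flatpak-bwrap` so nobody 'fixes' it back to the order this commit removes. The same applies to the flatpak-bwrap hunk that follows. Separately, both `ptrace peer=` and `signal peer=` carry no access list, so they grant every ptrace permission (read, readby, trace, tracedby) and every signal in both directions between the sandboxed app and its launcher; if only one direction is needed, for instance `ptrace (readby, tracedby) peer=flatpak-app//&flatpak-bwrap,` on the app side, narrowing it keeps the sandbox boundary meaningful. The profile body starts before the hunk and continues after it.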
--- a/apparmor.d/profiles-a-f/flatpak-bwrap
+++ b/apparmor.d/profiles-a-f/flatpak-bwrap
@@ -31,9 +31,9 @@ profile flatpak-bwrap flags=(attach_disconnected,mediate_deleted) {
 pivot_root oldroot=/newroot/ -> /newroot/,
 pivot_root oldroot=/tmp/oldroot/ -> /tmp/,
- ptrace peer=flatpak-bwrap//&flatpak-app,
+ ptrace peer=flatpak-app//&flatpak-bwrap,
- signal peer=flatpak-bwrap//&flatpak-app,
+ signal peer=flatpak-app//&flatpak-bwrap,
 @{bin}/** rmix,
 @{lib}/** rmix,