diff --git a/apparmor.d/groups/desktop/dbus-daemon b/apparmor.d/groups/desktop/dbus-daemon
index 3c6d5373..752a4724 100644
--- a/apparmor.d/groups/desktop/dbus-daemon
+++ b/apparmor.d/groups/desktop/dbus-daemon
@@ -37,7 +37,7 @@ profile dbus-daemon @{exec_path} flags=(attach_disconnected) {
   /usr/share/defaults/**.conf r,
 
   owner @{user_share_dirs}/dbus-1/{,**} r,
-  owner @{user_share_dirs}/icc/{,edid-*} r,
+        @{user_share_dirs}/icc/{,edid-*} r,
 
   owner @{PROC}/@{pid}/mounts r,
   owner @{PROC}/@{pid}/oom_score_adj rw,
@@ -65,7 +65,7 @@ profile dbus-daemon @{exec_path} flags=(attach_disconnected) {
   /tmp/dbus-[0-9a-zA-Z]* rw,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  /dev/tty[0-9]* rw,
 
   include if exists <local/dbus-daemon>
 }
diff --git a/apparmor.d/groups/desktop/dbus-run-session b/apparmor.d/groups/desktop/dbus-run-session
index 1acbf607..107b2ecf 100644
--- a/apparmor.d/groups/desktop/dbus-run-session
+++ b/apparmor.d/groups/desktop/dbus-run-session
@@ -30,8 +30,8 @@ profile dbus-run-session @{exec_path} {
   /var/lib/gdm/.config/dconf/user r,
 
   # file_inherit
-  owner /dev/tty rw,
-  owner /dev/tty[0-9]* rw,
+  /dev/tty rw,
+  /dev/tty[0-9]* rw,
 
   include if exists <local/dbus-run-session>
 }
diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell
index f20fa70a..4d1f53cf 100644
--- a/apparmor.d/groups/gnome/gnome-shell
+++ b/apparmor.d/groups/gnome/gnome-shell
@@ -141,5 +141,8 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
   owner /tmp/gdkpixbuf-xpm-tmp.[0-9A-Z]* rw,
         /tmp/.X11-unix/X[0-9] rw,
 
+  # file_inherit
+  /dev/tty[0-9]* rw,
+
   include if exists <local/gnome-shell>
 }
diff --git a/apparmor.d/profiles-a-l/git b/apparmor.d/profiles-a-l/git
index b67ca527..21352a13 100644
--- a/apparmor.d/profiles-a-l/git
+++ b/apparmor.d/profiles-a-l/git
@@ -18,9 +18,9 @@ include <tunables/global>
 profile git @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
+  include <abstractions/nameservice-strict>
   include <abstractions/openssl>
   include <abstractions/ssl_certs>
-  include <abstractions/nameservice-strict>
 
   network inet dgram,
   network inet6 dgram,
@@ -35,7 +35,7 @@ profile git @{exec_path} {
   # /usr/bin/ , so allow only this location.
   /{usr/,}bin/ r,
   deny /{usr/,}sbin/ r,
-  deny /usr/local/bin/ r,
+  deny /usr/local/{s,}bin/ r,
   deny /usr/games/ r,
   deny /usr/local/games/ r,
 
@@ -152,8 +152,13 @@ profile git @{exec_path} {
 
     owner @{HOME}/.selected_editor r,
 
+    /usr/share/terminfo/x/xterm-256color r,
+
     /usr/share/vim/{,**} r,
+    /etc/vimrc r,
     /etc/vim/{,**} r,
+    owner @{user_cache_dirs}/vim/{,**} rw,
+    owner @{user_config_dirs}/vim/{,**} r,
     owner @{HOME}/.viminfo{,.tmp} rw,
 
     owner @{HOME}/.fzf/plugin/ r,