diff --git a/apparmor.d/groups/apt/apt b/apparmor.d/groups/apt/apt
index caa340a6..80908a54 100644
--- a/apparmor.d/groups/apt/apt
+++ b/apparmor.d/groups/apt/apt
@@ -239,8 +239,9 @@ profile apt @{exec_path} flags=(attach_disconnected) {
 
     /{usr/,}bin/systemd-tty-ask-password-agent rix,
 
-    owner @{run}/systemd/ask-password/ rw,
     owner @{run}/systemd/ask-password-block/* rw,
+    owner @{run}/systemd/ask-password/ rw,
+    owner @{run}/systemd/private rw,
 
           @{PROC}/1/environ r,
           @{PROC}/1/sched r,
diff --git a/apparmor.d/groups/apt/apt-systemd-daily b/apparmor.d/groups/apt/apt-systemd-daily
index a60e4603..bbe124b4 100644
--- a/apparmor.d/groups/apt/apt-systemd-daily
+++ b/apparmor.d/groups/apt/apt-systemd-daily
@@ -46,6 +46,8 @@ profile apt-systemd-daily @{exec_path} {
 
   /etc/default/locale    r,
 
+  / r,
+
   # The /daily_lock file is only used when the /var/lib/apt/daily_lock can be accessed.
   #/daily_lock w,
   /var/lib/apt/daily_lock wk,
diff --git a/apparmor.d/groups/apt/dpkg-deb b/apparmor.d/groups/apt/dpkg-deb
index 27704dc9..4345c2d1 100644
--- a/apparmor.d/groups/apt/dpkg-deb
+++ b/apparmor.d/groups/apt/dpkg-deb
@@ -1,5 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2019-2021 Mikhail Morfikov
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -12,10 +13,8 @@ profile dpkg-deb @{exec_path} {
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
 
-  #capability sys_tty_config,
-
-  # For "mk-build-deps -i"
   capability dac_override,
+  capability dac_read_search,
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/apt/dpkg-genbuildinfo b/apparmor.d/groups/apt/dpkg-genbuildinfo
index f2f08eda..09027e8d 100644
--- a/apparmor.d/groups/apt/dpkg-genbuildinfo
+++ b/apparmor.d/groups/apt/dpkg-genbuildinfo
@@ -10,6 +10,7 @@ include <tunables/global>
 @{exec_path} = /{usr/,}bin/dpkg-genbuildinfo
 profile dpkg-genbuildinfo @{exec_path} flags=(complain) {
   include <abstractions/base>
+  include <abstractions/consoles>
   include <abstractions/perl>
 
   # For "mk-build-deps -i"
diff --git a/apparmor.d/groups/apt/dpkg-genchanges b/apparmor.d/groups/apt/dpkg-genchanges
index a4905691..bd9495ff 100644
--- a/apparmor.d/groups/apt/dpkg-genchanges
+++ b/apparmor.d/groups/apt/dpkg-genchanges
@@ -1,5 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2020-2021 Mikhail Morfikov
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -9,6 +10,7 @@ include <tunables/global>
 @{exec_path} = /{usr/,}bin/dpkg-genchanges
 profile dpkg-genchanges @{exec_path} flags=(complain) {
   include <abstractions/base>
+  include <abstractions/consoles>
   include <abstractions/perl>
 
   @{exec_path} r,
diff --git a/apparmor.d/groups/apt/dpkg-split b/apparmor.d/groups/apt/dpkg-split
index 6fa38e7a..9efa43c5 100644
--- a/apparmor.d/groups/apt/dpkg-split
+++ b/apparmor.d/groups/apt/dpkg-split
@@ -1,5 +1,6 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2019-2021 Mikhail Morfikov
+# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
@@ -11,6 +12,8 @@ profile dpkg-split @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
 
+  capability dac_read_search,
+
   @{exec_path} mr,
 
   # Do not strip env to avoid errors like the following: