diff --git a/apparmor.d/groups/freedesktop/polkit-kde-authentication-agent b/apparmor.d/groups/freedesktop/polkit-kde-authentication-agent
index 82bc555d..164d40ab 100644
--- a/apparmor.d/groups/freedesktop/polkit-kde-authentication-agent
+++ b/apparmor.d/groups/freedesktop/polkit-kde-authentication-agent
@@ -9,7 +9,7 @@ include <tunables/global>
 
 @{exec_path}  = @{lib}/@{multiarch}/{,libexec/}polkit-kde-authentication-agent-[0-9]
 @{exec_path} += @{lib}/polkit-kde-authentication-agent-[0-9]
-profile polkit-kde-authentication-agent @{exec_path} flags=(attach_disconnected) {
+profile polkit-kde-authentication-agent @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/fontconfig-cache-read>
@@ -34,9 +34,14 @@ profile polkit-kde-authentication-agent @{exec_path} flags=(attach_disconnected)
   /var/lib/dbus/machine-id r,
 
   owner @{user_config_dirs}/breezerc r,
+  owner @{user_config_dirs}/kdedefaults/plasmarc r,
 
   owner @{user_cache_dirs}/icon-cache.kcache rw,
-
+  owner @{user_cache_dirs}/polkit-kde-authentication-agent-@{int}/ rw,
+  owner @{user_cache_dirs}/polkit-kde-authentication-agent-@{int}/** rwk,
+  owner link @{user_cache_dirs}/polkit-kde-authentication-agent-@{int}/** -> @{user_cache_dirs}/polkit-kde-authentication-agent-@{int}/**,
+  owner @{user_cache_dirs}/qtshadercache-*/* r,
+  
   owner @{tmp}/#@{int} rw,
   owner @{tmp}/polkit-kde-authentication-agent-[0-9].* rwl -> /tmp/#@{int},
   # owner /tmp/xauth_@{rand6} r,
diff --git a/apparmor.d/groups/systemd/systemd-oomd b/apparmor.d/groups/systemd/systemd-oomd
index 2ad2a82d..64b03e02 100644
--- a/apparmor.d/groups/systemd/systemd-oomd
+++ b/apparmor.d/groups/systemd/systemd-oomd
@@ -32,6 +32,8 @@ profile systemd-oomd @{exec_path} flags=(attach_disconnected) {
   @{sys}/fs/cgroup/cgroup.controllers r,
   @{sys}/fs/cgroup/memory.pressure r,
   @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/memory.* r,
+  @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/app.slice/memory.* r,
+  @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/session.slice/memory.* r,
 
   @{PROC}/pressure/cpu r,
   @{PROC}/pressure/io r,
diff --git a/apparmor.d/profiles-a-f/atool b/apparmor.d/profiles-a-f/atool
new file mode 100644
index 00000000..3a117708
--- /dev/null
+++ b/apparmor.d/profiles-a-f/atool
@@ -0,0 +1,50 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/atool
+profile atool @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/perl>
+  include <abstractions/user-write-strict>
+
+  @{exec_path} mr,
+
+  @{bin}/7z rix,
+  @{bin}/arc rix,
+  @{bin}/arj rix,
+  @{bin}/bzip2 rix,
+  @{bin}/bzip2 rix,
+  @{bin}/bzip rix,
+  @{bin}/compress rix,
+  @{bin}/cpio rix,
+  @{bin}/gunzip rix,
+  @{bin}/gzip rix,
+  @{bin}/gzip rix,
+  @{bin}/jar rix,
+  @{bin}/lha rix,
+  @{bin}/lrunzip rix,
+  @{bin}/lrzcat rix,
+  @{bin}/lrzip rix,
+  @{bin}/lrz rix,
+  @{bin}/lrztar rix,
+  @{bin}/lrzuntar rix,
+  @{bin}/lzip rix,
+  @{bin}/lzma rix,
+  @{bin}/lzop rix,
+  @{bin}/lzop rix,
+  @{bin}/rar rix,
+  @{bin}/tar rix,
+  @{bin}/unace rix,
+  @{bin}/unrar rix,
+  @{bin}/unxz rix,
+  @{bin}/unzip rix,
+  @{bin}/xz rix,
+  @{bin}/zip rix,
+
+  include if exists <local/atool>
+}
diff --git a/apparmor.d/profiles-a-f/exiftool b/apparmor.d/profiles-a-f/exiftool
new file mode 100644
index 00000000..c21f991c
--- /dev/null
+++ b/apparmor.d/profiles-a-f/exiftool
@@ -0,0 +1,18 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/vendor_perl/exiftool
+profile exiftool @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/perl>
+  include <abstractions/user-read-strict>
+
+  @{exec_path} mr,
+
+  include if exists <local/exiftool>
+}
diff --git a/apparmor.d/profiles-g-l/highlight b/apparmor.d/profiles-g-l/highlight
new file mode 100644
index 00000000..4a5ef140
--- /dev/null
+++ b/apparmor.d/profiles-g-l/highlight
@@ -0,0 +1,22 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/highlight
+profile highlight @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/nameservice-strict>
+  include <abstractions/user-read-strict>
+
+  @{exec_path} mr,
+
+  /etc/machine-id r,
+  /etc/highlight/{,**} r,
+  /usr/share/highlight/{,**} r,
+
+  include if exists <local/highlight>
+}
diff --git a/apparmor.d/groups/apps/imv-wayland b/apparmor.d/profiles-g-l/imv-wayland
similarity index 90%
rename from apparmor.d/groups/apps/imv-wayland
rename to apparmor.d/profiles-g-l/imv-wayland
index 2479e8bf..6bac7898 100644
--- a/apparmor.d/groups/apps/imv-wayland
+++ b/apparmor.d/profiles-g-l/imv-wayland
@@ -1,5 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
diff --git a/apparmor.d/profiles-m-r/mediainfo b/apparmor.d/profiles-m-r/mediainfo
index 788b1245..bd1d1e41 100644
--- a/apparmor.d/profiles-m-r/mediainfo
+++ b/apparmor.d/profiles-m-r/mediainfo
@@ -10,12 +10,9 @@ include <tunables/global>
 @{exec_path} = @{bin}/mediainfo
 profile mediainfo @{exec_path} {
   include <abstractions/base>
-  include <abstractions/user-download-strict>
+  include <abstractions/user-read-strict>
 
   @{exec_path} mr,
 
-  owner @{user_music_dirs}/** r,
-  owner @{user_videos_dirs}/** r,
-
   include if exists <local/mediainfo>
 }
diff --git a/apparmor.d/profiles-m-r/mediainfo-gui b/apparmor.d/profiles-m-r/mediainfo-gui
index 72dc273a..4315a815 100644
--- a/apparmor.d/profiles-m-r/mediainfo-gui
+++ b/apparmor.d/profiles-m-r/mediainfo-gui
@@ -15,14 +15,12 @@ profile mediainfo-gui @{exec_path} {
   include <abstractions/fonts>
   include <abstractions/freedesktop.org>
   include <abstractions/gtk>
-  include <abstractions/user-download-strict>
+  include <abstractions/user-read-strict>
 
   @{exec_path} mr,
 
   @{bin}/xdg-open    rCx -> open,
 
-  owner @{user_music_dirs}/** r,
-  owner @{user_videos_dirs}/** r,
 
   profile open {
     include <abstractions/base>
diff --git a/apparmor.d/groups/apps/zathura b/apparmor.d/profiles-s-z/zathura
similarity index 91%
rename from apparmor.d/groups/apps/zathura
rename to apparmor.d/profiles-s-z/zathura
index 0c86abde..98f218e1 100644
--- a/apparmor.d/groups/apps/zathura
+++ b/apparmor.d/profiles-s-z/zathura
@@ -1,5 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # SPDX-License-Identifier: GPL-2.0-only
 
 abi <abi/3.0>,
diff --git a/dists/flags/main.flags b/dists/flags/main.flags
index 436c1c28..733f75ee 100644
--- a/dists/flags/main.flags
+++ b/dists/flags/main.flags
@@ -269,7 +269,7 @@ plasmashell attach_disconnected,mediate_deleted,complain
 plymouth complain
 plymouth-set-default-theme attach_disconnected,complain
 plymouthd complain
-polkit-kde-authentication-agent attach_disconnected,complain
+polkit-kde-authentication-agent attach_disconnected,complain,mediate_deleted
 qdbus complain
 realmd complain
 remmina complain