diff --git a/apparmor.d/abstractions/chromium b/apparmor.d/abstractions/app/chromium
similarity index 98%
rename from apparmor.d/abstractions/chromium
rename to apparmor.d/abstractions/app/chromium
index 41efdd35..523a4d61 100644
--- a/apparmor.d/abstractions/chromium
+++ b/apparmor.d/abstractions/app/chromium
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: GPL-2.0-only
 
 # For chromium based browser. If your application requires chromium to run
-# (like electron) use abstractions/chromium-common instead.
+# (like electron) use abstractions/common/chromium instead.
 
 # This abstraction requires the following variables definied in the profile header:
 # @{name} = chromium
@@ -209,4 +209,4 @@
   deny @{lib_dirs}/** w,
   deny @{user_share_dirs}/gvfs-metadata/* r,
 
-  include if exists <abstractions/chromium.d>
+  include if exists <abstractions/app/chromium.d>
diff --git a/apparmor.d/abstractions/sudo b/apparmor.d/abstractions/app/sudo
similarity index 97%
rename from apparmor.d/abstractions/sudo
rename to apparmor.d/abstractions/app/sudo
index 5c0dc981..a6785915 100644
--- a/apparmor.d/abstractions/sudo
+++ b/apparmor.d/abstractions/app/sudo
@@ -64,4 +64,4 @@
 
   deny @{user_share_dirs}/gvfs-metadata/* r,
 
-  include if exists <abstractions/sudo.d>
+  include if exists <abstractions/app/sudo.d>
diff --git a/apparmor.d/abstractions/systemctl b/apparmor.d/abstractions/app/systemctl
similarity index 89%
rename from apparmor.d/abstractions/systemctl
rename to apparmor.d/abstractions/app/systemctl
index 4f83aba3..8440fae5 100644
--- a/apparmor.d/abstractions/systemctl
+++ b/apparmor.d/abstractions/app/systemctl
@@ -2,6 +2,7 @@
 # Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 
+  include <abstractions/bus-system>
   include <abstractions/consoles>
 
   ptrace (read) peer=@{systemd},
@@ -24,4 +25,4 @@
     owner @{PROC}/@{pid}/fd/ r,
     owner @{PROC}/@{pid}/stat r,
 
-  include if exists <abstractions/systemctl.d>
+  include if exists <abstractions/app/systemctl.d>
diff --git a/apparmor.d/abstractions/bwrap-app b/apparmor.d/abstractions/common/app
similarity index 92%
rename from apparmor.d/abstractions/bwrap-app
rename to apparmor.d/abstractions/common/app
index 7f28ce37..c57ff459 100644
--- a/apparmor.d/abstractions/bwrap-app
+++ b/apparmor.d/abstractions/common/app
@@ -13,9 +13,6 @@
   include <abstractions/bus-session>
   include <abstractions/bus-system>
   include <abstractions/bus/org.a11y>
-  include <abstractions/bus/org.freedesktop.Avahi>
-  include <abstractions/bus/org.freedesktop.NetworkManager>
-  include <abstractions/bus/org.freedesktop.portal.Desktop>
   include <abstractions/consoles>
   include <abstractions/deny-sensitive-home>
   include <abstractions/desktop>
@@ -55,8 +52,7 @@
   owner @{run}/user/@{uid}/{,**} rw,
   owner @{user_config_dirs}/** rwkl,
   owner @{user_share_dirs}/** rwkl,
-
-  @{user_games_dirs}/{,**} rm,
+  owner @{user_games_dirs}/{,**} rm,
 
   owner /tmp/** rmwk,
   owner /dev/shm/** rwlk -> /dev/shm/**,
@@ -114,4 +110,4 @@
   /dev/pts/ptmx rw,
   /dev/tty rw,
 
-  include if exists <abstractions/bwrap-app.d>
\ No newline at end of file
+  include if exists <abstractions/common/app.d>
\ No newline at end of file
diff --git a/apparmor.d/abstractions/apt-common b/apparmor.d/abstractions/common/apt
similarity index 94%
rename from apparmor.d/abstractions/apt-common
rename to apparmor.d/abstractions/common/apt
index dcfd601b..b45b0be8 100644
--- a/apparmor.d/abstractions/apt-common
+++ b/apparmor.d/abstractions/common/apt
@@ -25,7 +25,7 @@
   /var/lib/dpkg/status r,
   /var/lib/ubuntu-advantage/apt-esm/{,**} r,
 
-  owner /tmp/clearsigned.message.* rw,
   owner /tmp/#@{int} rw,
+  owner /tmp/clearsigned.message.* rw,
 
-  include if exists <abstractions/apt-common.d>
\ No newline at end of file
+  include if exists <abstractions/common/apt.d>
\ No newline at end of file
diff --git a/apparmor.d/abstractions/bwrap b/apparmor.d/abstractions/common/bwrap
similarity index 97%
rename from apparmor.d/abstractions/bwrap
rename to apparmor.d/abstractions/common/bwrap
index 95565cb4..c6bc167c 100644
--- a/apparmor.d/abstractions/bwrap
+++ b/apparmor.d/abstractions/common/bwrap
@@ -51,4 +51,4 @@
   owner @{PROC}/@{pid}/setgroups rw,
   owner @{PROC}/@{pid}/uid_map rw,
 
-  include if exists <abstractions/bwrap.d>
+  include if exists <abstractions/common/bwrap.d>
diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium
new file mode 100644
index 00000000..7a5a2758
--- /dev/null
+++ b/apparmor.d/abstractions/common/chromium
@@ -0,0 +1,40 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2022 Mikhail Morfikov
+# Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
+# SPDX-License-Identifier: GPL-2.0-only
+
+# This abstraction is for chromium based application. Chromium based browsers
+# need to use abstractions/chromium instead.
+
+  # userns,
+
+  # Only needed when kernel.unprivileged_userns_clone is set to "1"
+  capability sys_admin,
+  capability sys_chroot,
+  capability setuid,
+  capability setgid,
+  owner @{PROC}/@{pid}/setgroups w,
+  owner @{PROC}/@{pid}/gid_map w,
+  owner @{PROC}/@{pid}/uid_map w,
+
+  owner @{HOME}/.pki/ rw,
+  owner @{HOME}/.pki/nssdb/ rw,
+  owner @{HOME}/.pki/nssdb/pkcs11.txt rw,
+  owner @{HOME}/.pki/nssdb/{cert9,key4}.db rwk,
+  owner @{HOME}/.pki/nssdb/{cert9,key4}.db-journal rw,
+
+  owner @{user_share_dirs}/.org.chromium.Chromium.* rw,
+
+        /tmp/ r,
+        /var/tmp/ r,
+  owner /tmp/.org.chromium.Chromium.* rw,
+  owner /tmp/.org.chromium.Chromium.*/{,**} rw,
+  owner /tmp/scoped_dir*/ rw,
+  owner /tmp/scoped_dir*/SingletonCookie w,
+  owner /tmp/scoped_dir*/SingletonSocket w,
+  owner /tmp/scoped_dir*/SS w,
+
+        /dev/shm/ r,
+  owner /dev/shm/.org.chromium.Chromium.* rw,
+
+  include if exists <abstractions/common/chromium.d>
\ No newline at end of file
diff --git a/apparmor.d/abstractions/systemd-common b/apparmor.d/abstractions/common/systemd
similarity index 92%
rename from apparmor.d/abstractions/systemd-common
rename to apparmor.d/abstractions/common/systemd
index 1de28a91..a1763342 100644
--- a/apparmor.d/abstractions/systemd-common
+++ b/apparmor.d/abstractions/common/systemd
@@ -18,4 +18,4 @@
 
   /dev/kmsg w,
 
-  include if exists <abstractions/systemd-common.d>
\ No newline at end of file
+  include if exists <abstractions/common/systemd.d>
\ No newline at end of file
diff --git a/apparmor.d/groups/_full/bwrap b/apparmor.d/groups/_full/bwrap
index bf74e172..cf3ea112 100644
--- a/apparmor.d/groups/_full/bwrap
+++ b/apparmor.d/groups/_full/bwrap
@@ -11,8 +11,8 @@ include <tunables/global>
 @{exec_path} = @{bin}/bwrap
 profile bwrap @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   include <abstractions/base>
-  include <abstractions/bwrap>
-  include <abstractions/bwrap-app>
+  include <abstractions/common/bwrap>
+  include <abstractions/common/app>
   include <abstractions/dbus>
   include <abstractions/fontconfig-cache-write>
 
diff --git a/apparmor.d/groups/_full/bwrap-app b/apparmor.d/groups/_full/bwrap-app
index 040cea78..8c82476b 100644
--- a/apparmor.d/groups/_full/bwrap-app
+++ b/apparmor.d/groups/_full/bwrap-app
@@ -10,7 +10,7 @@ include <tunables/global>
 
 profile bwrap-app flags=(attach_disconnected,mediate_deleted) {
   include <abstractions/base>
-  include <abstractions/bwrap-app>
+  include <abstractions/common/app>
   include <abstractions/fontconfig-cache-write>
 
   network inet dgram,
diff --git a/apparmor.d/groups/_full/default-sudo b/apparmor.d/groups/_full/default-sudo
index 629eb306..b2e72846 100644
--- a/apparmor.d/groups/_full/default-sudo
+++ b/apparmor.d/groups/_full/default-sudo
@@ -8,7 +8,7 @@ include <tunables/global>
 
 profile default-sudo @{exec_path} {
   include <abstractions/base>
-  include <abstractions/sudo>
+  include <abstractions/app/sudo>
 
   capability chown,
   capability dac_override,
diff --git a/apparmor.d/groups/apps/calibre b/apparmor.d/groups/apps/calibre
index 0a413626..5283fbf1 100644
--- a/apparmor.d/groups/apps/calibre
+++ b/apparmor.d/groups/apps/calibre
@@ -19,7 +19,7 @@ profile calibre @{exec_path} {
   include <abstractions/bus-session>
   include <abstractions/bus/org.a11y>
   include <abstractions/bus/org.gtk.vfs.MountTracker>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/devices-usb>
   include <abstractions/fontconfig-cache-read>
   include <abstractions/fonts>
diff --git a/apparmor.d/groups/apps/discord b/apparmor.d/groups/apps/discord
index 65b1d4d8..a18ed14a 100644
--- a/apparmor.d/groups/apps/discord
+++ b/apparmor.d/groups/apps/discord
@@ -27,7 +27,7 @@ profile discord @{exec_path} {
   include <abstractions/mesa>
   include <abstractions/user-download-strict>
   include <abstractions/thumbnails-cache-read>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
 
   signal (send) set=(kill, term) peer=@{profile_name}//lsb_release,
 
diff --git a/apparmor.d/groups/apps/freetube b/apparmor.d/groups/apps/freetube
index 0ec71b8c..285f2aa2 100644
--- a/apparmor.d/groups/apps/freetube
+++ b/apparmor.d/groups/apps/freetube
@@ -14,7 +14,7 @@ include <tunables/global>
 profile freetube @{exec_path} {
   include <abstractions/base>
   include <abstractions/audio-client>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/consoles>
   include <abstractions/dconf-write>
   include <abstractions/desktop>
diff --git a/apparmor.d/groups/apps/signal-desktop b/apparmor.d/groups/apps/signal-desktop
index 312853c9..13970001 100644
--- a/apparmor.d/groups/apps/signal-desktop
+++ b/apparmor.d/groups/apps/signal-desktop
@@ -15,7 +15,7 @@ include <tunables/global>
 profile signal-desktop @{exec_path} {
   include <abstractions/base>
   include <abstractions/audio-client>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/consoles>
   include <abstractions/fontconfig-cache-read>
   include <abstractions/fonts>
diff --git a/apparmor.d/groups/apt/apt b/apparmor.d/groups/apt/apt
index 0b4ca979..9f2cb62a 100644
--- a/apparmor.d/groups/apt/apt
+++ b/apparmor.d/groups/apt/apt
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt @{bin}/apt-get @{bin}/aptd
 profile apt @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.login1>
   include <abstractions/bus/org.freedesktop.PackageKit>
@@ -220,7 +220,7 @@ profile apt @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
     capability sys_resource,
diff --git a/apparmor.d/groups/apt/apt-cache b/apparmor.d/groups/apt/apt-cache
index 2d8db6de..32583eb9 100644
--- a/apparmor.d/groups/apt/apt-cache
+++ b/apparmor.d/groups/apt/apt-cache
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt-cache
 profile apt-cache @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/apt/apt-cdrom b/apparmor.d/groups/apt/apt-cdrom
index 9e0ad350..1b308646 100644
--- a/apparmor.d/groups/apt/apt-cdrom
+++ b/apparmor.d/groups/apt/apt-cdrom
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt-cdrom
 profile apt-cdrom @{exec_path} flags=(complain) {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/nameservice-strict>
 
   capability dac_read_search,
diff --git a/apparmor.d/groups/apt/apt-config b/apparmor.d/groups/apt/apt-config
index cac70dc4..0053232f 100644
--- a/apparmor.d/groups/apt/apt-config
+++ b/apparmor.d/groups/apt/apt-config
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt-config
 profile apt-config @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/apt/apt-extracttemplates b/apparmor.d/groups/apt/apt-extracttemplates
index c6841cb1..c93f890d 100644
--- a/apparmor.d/groups/apt/apt-extracttemplates
+++ b/apparmor.d/groups/apt/apt-extracttemplates
@@ -11,7 +11,7 @@ include <tunables/global>
 profile apt-extracttemplates @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   capability dac_read_search,
 
diff --git a/apparmor.d/groups/apt/apt-file b/apparmor.d/groups/apt/apt-file
index 2df3269b..0ffa14ad 100644
--- a/apparmor.d/groups/apt/apt-file
+++ b/apparmor.d/groups/apt/apt-file
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt-file
 profile apt-file @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/perl>
 
   @{exec_path} r,
diff --git a/apparmor.d/groups/apt/apt-forktracer b/apparmor.d/groups/apt/apt-forktracer
index cb8f15da..74a718f5 100644
--- a/apparmor.d/groups/apt/apt-forktracer
+++ b/apparmor.d/groups/apt/apt-forktracer
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt-forktracer
 profile apt-forktracer @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/python>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/apt/apt-helper b/apparmor.d/groups/apt/apt-helper
index 5c57f6bf..170d79fa 100644
--- a/apparmor.d/groups/apt/apt-helper
+++ b/apparmor.d/groups/apt/apt-helper
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/apt/apt-helper
 profile apt-helper @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   @{exec_path} mr,
 
@@ -21,7 +21,7 @@ profile apt-helper @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     capability net_admin,
 
diff --git a/apparmor.d/groups/apt/apt-mark b/apparmor.d/groups/apt/apt-mark
index d0dcc232..e82bf5c7 100644
--- a/apparmor.d/groups/apt/apt-mark
+++ b/apparmor.d/groups/apt/apt-mark
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/apt-mark
 profile apt-mark @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/apt/apt-show-versions b/apparmor.d/groups/apt/apt-show-versions
index d4624a40..7056aa41 100644
--- a/apparmor.d/groups/apt/apt-show-versions
+++ b/apparmor.d/groups/apt/apt-show-versions
@@ -12,7 +12,7 @@ profile apt-show-versions @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/perl>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   @{exec_path} r,
   @{bin}/perl r,
diff --git a/apparmor.d/groups/apt/aptitude b/apparmor.d/groups/apt/aptitude
index c26045c6..09d3362f 100644
--- a/apparmor.d/groups/apt/aptitude
+++ b/apparmor.d/groups/apt/aptitude
@@ -12,7 +12,7 @@ profile aptitude @{exec_path} flags=(complain) {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   # To remove the following errors:
   #  W: chmod 0700 of directory /var/lib/apt/lists/partial failed - SetupAPTPartialDirectory
diff --git a/apparmor.d/groups/apt/command-not-found b/apparmor.d/groups/apt/command-not-found
index ac49546d..56d44299 100644
--- a/apparmor.d/groups/apt/command-not-found
+++ b/apparmor.d/groups/apt/command-not-found
@@ -12,7 +12,7 @@ include <tunables/global>
 @{exec_path} += @{lib}/command-not-found
 profile command-not-found @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
   include <abstractions/python>
diff --git a/apparmor.d/groups/apt/debtags b/apparmor.d/groups/apt/debtags
index 1ff32c93..877b367d 100644
--- a/apparmor.d/groups/apt/debtags
+++ b/apparmor.d/groups/apt/debtags
@@ -11,7 +11,7 @@ include <tunables/global>
 profile debtags @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/python>
 
   #capability sys_tty_config,
diff --git a/apparmor.d/groups/apt/dpkg b/apparmor.d/groups/apt/dpkg
index 5cf330c6..0f60c730 100644
--- a/apparmor.d/groups/apt/dpkg
+++ b/apparmor.d/groups/apt/dpkg
@@ -78,7 +78,7 @@ profile dpkg @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     include if exists <local/dpkg_systemctl>
   }
diff --git a/apparmor.d/groups/apt/dpkg-preconfigure b/apparmor.d/groups/apt/dpkg-preconfigure
index 2a2bcf91..6627aa16 100644
--- a/apparmor.d/groups/apt/dpkg-preconfigure
+++ b/apparmor.d/groups/apt/dpkg-preconfigure
@@ -23,7 +23,9 @@ profile dpkg-preconfigure @{exec_path} {
   @{bin}/{,e}grep   rix,
   @{bin}/locale     rix,
   @{bin}/sed        rix,
+  @{bin}/sort       rix,
   @{bin}/stty       rix,
+  @{bin}/tr         rix,
 
   @{bin}/dpkg                 rPx -> child-dpkg,
   @{bin}/apt-extracttemplates rPx,
diff --git a/apparmor.d/groups/apt/querybts b/apparmor.d/groups/apt/querybts
index d4e4f7a8..db4fe274 100644
--- a/apparmor.d/groups/apt/querybts
+++ b/apparmor.d/groups/apt/querybts
@@ -17,7 +17,7 @@ profile querybts @{exec_path} {
   include <abstractions/nameservice-strict>
   include <abstractions/python>
   include <abstractions/ssl_certs>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   network inet dgram,
   network inet6 dgram,
diff --git a/apparmor.d/groups/apt/reportbug b/apparmor.d/groups/apt/reportbug
index 5e814f26..eb91add8 100644
--- a/apparmor.d/groups/apt/reportbug
+++ b/apparmor.d/groups/apt/reportbug
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/reportbug
 profile reportbug @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
   include <abstractions/dconf-write>
   include <abstractions/desktop>
@@ -109,7 +109,7 @@ profile reportbug @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/reportbug_systemctl>
   }
diff --git a/apparmor.d/groups/apt/synaptic b/apparmor.d/groups/apt/synaptic
index 0ce7a757..fca72cb7 100644
--- a/apparmor.d/groups/apt/synaptic
+++ b/apparmor.d/groups/apt/synaptic
@@ -15,7 +15,7 @@ profile synaptic @{exec_path} {
   include <abstractions/fonts>
   include <abstractions/fontconfig-cache-read>
   include <abstractions/freedesktop.org>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/nameservice-strict>
 
   # To remove the following errors:
diff --git a/apparmor.d/groups/apt/unattended-upgrade b/apparmor.d/groups/apt/unattended-upgrade
index 9ce820ac..aa0b7bde 100644
--- a/apparmor.d/groups/apt/unattended-upgrade
+++ b/apparmor.d/groups/apt/unattended-upgrade
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/unattended-upgrade
 profile unattended-upgrade @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.login1>
   include <abstractions/bus/org.freedesktop.NetworkManager>
diff --git a/apparmor.d/groups/apt/update-apt-xapian-index b/apparmor.d/groups/apt/update-apt-xapian-index
index 27594518..1177f2e3 100644
--- a/apparmor.d/groups/apt/update-apt-xapian-index
+++ b/apparmor.d/groups/apt/update-apt-xapian-index
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/update-apt-xapian-index
 profile update-apt-xapian-index @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/python>
 
   @{exec_path} r,
diff --git a/apparmor.d/groups/browsers/brave b/apparmor.d/groups/browsers/brave
index d393904a..af3ea866 100644
--- a/apparmor.d/groups/browsers/brave
+++ b/apparmor.d/groups/browsers/brave
@@ -16,7 +16,7 @@ include <tunables/global>
 @{exec_path} = @{lib_dirs}/@{name}
 profile brave @{exec_path} {
   include <abstractions/base>
-  include <abstractions/chromium>
+  include <abstractions/app/chromium>
 
   unix (send, receive) type=stream peer=(label=brave-crashpad-handler),
 
diff --git a/apparmor.d/groups/browsers/chrome b/apparmor.d/groups/browsers/chrome
index f13bf042..7dd5f300 100644
--- a/apparmor.d/groups/browsers/chrome
+++ b/apparmor.d/groups/browsers/chrome
@@ -16,7 +16,7 @@ include <tunables/global>
 @{exec_path} = @{lib_dirs}/@{name}
 profile chrome @{exec_path} {
   include <abstractions/base>
-  include <abstractions/chromium>
+  include <abstractions/app/chromium>
 
   @{exec_path} mrix,
 
diff --git a/apparmor.d/groups/browsers/chromium b/apparmor.d/groups/browsers/chromium
index 5597d93e..45a464e3 100644
--- a/apparmor.d/groups/browsers/chromium
+++ b/apparmor.d/groups/browsers/chromium
@@ -16,7 +16,7 @@ include <tunables/global>
 @{exec_path} = @{lib_dirs}/@{name}
 profile chromium @{exec_path} {
   include <abstractions/base>
-  include <abstractions/chromium>
+  include <abstractions/app/chromium>
 
   @{exec_path} mrix,
 
diff --git a/apparmor.d/groups/browsers/opera b/apparmor.d/groups/browsers/opera
index 8ffec2c2..aa5688f1 100644
--- a/apparmor.d/groups/browsers/opera
+++ b/apparmor.d/groups/browsers/opera
@@ -16,7 +16,7 @@ include <tunables/global>
 @{exec_path} = @{lib_dirs}/@{name}
 profile opera @{exec_path} {
   include <abstractions/base>
-  include <abstractions/chromium>
+  include <abstractions/app/chromium>
 
   @{exec_path} mrix,
 
diff --git a/apparmor.d/groups/children/child-systemctl b/apparmor.d/groups/children/child-systemctl
index 599efa9e..ca7bc90d 100644
--- a/apparmor.d/groups/children/child-systemctl
+++ b/apparmor.d/groups/children/child-systemctl
@@ -18,7 +18,7 @@ profile child-systemctl flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/wutmp>
 
   capability mknod,
diff --git a/apparmor.d/groups/gnome/gdm-xsession b/apparmor.d/groups/gnome/gdm-xsession
index 5bcedbcf..af4cbad9 100644
--- a/apparmor.d/groups/gnome/gdm-xsession
+++ b/apparmor.d/groups/gnome/gdm-xsession
@@ -84,7 +84,7 @@ profile gdm-xsession @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     owner /dev/tty@{int} rw,
 
diff --git a/apparmor.d/groups/gnome/gnome-desktop-thumbnailers b/apparmor.d/groups/gnome/gnome-desktop-thumbnailers
index 73b81b85..139641d5 100644
--- a/apparmor.d/groups/gnome/gnome-desktop-thumbnailers
+++ b/apparmor.d/groups/gnome/gnome-desktop-thumbnailers
@@ -8,7 +8,7 @@ include <tunables/global>
 
 profile gnome-desktop-thumbnailers flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/bwrap>
+  include <abstractions/common/bwrap>
   include <abstractions/gnome-strict>
   include <abstractions/gstreamer>
 
diff --git a/apparmor.d/groups/gnome/loupe b/apparmor.d/groups/gnome/loupe
index a2df1c19..5510b700 100644
--- a/apparmor.d/groups/gnome/loupe
+++ b/apparmor.d/groups/gnome/loupe
@@ -34,7 +34,7 @@ profile loupe @{exec_path} flags=(attach_disconnected) {
 
   profile bwrap flags=(attach_disconnected) {
     include <abstractions/base>
-    include <abstractions/bwrap>
+    include <abstractions/common/bwrap>
 
     signal (receive) set=(kill) peer=loupe,
 
diff --git a/apparmor.d/groups/grub/grub-sort-version b/apparmor.d/groups/grub/grub-sort-version
index d91ccffd..e9501652 100644
--- a/apparmor.d/groups/grub/grub-sort-version
+++ b/apparmor.d/groups/grub/grub-sort-version
@@ -10,7 +10,7 @@ include <tunables/global>
 profile grub-sort-version @{exec_path} {
   include <abstractions/base>
   include <abstractions/python>
-  include if exists <abstractions/apt-common>
+  include if exists <abstractions/common/apt>
 
   capability dac_read_search,
 
diff --git a/apparmor.d/groups/network/NetworkManager b/apparmor.d/groups/network/NetworkManager
index bf4cdf51..271805b7 100644
--- a/apparmor.d/groups/network/NetworkManager
+++ b/apparmor.d/groups/network/NetworkManager
@@ -154,7 +154,7 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     include if exists <local/NetworkManager_systemctl>
   }
diff --git a/apparmor.d/groups/network/mullvad-gui b/apparmor.d/groups/network/mullvad-gui
index 7789b88e..a4dbedec 100644
--- a/apparmor.d/groups/network/mullvad-gui
+++ b/apparmor.d/groups/network/mullvad-gui
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = /opt/Mullvad*/mullvad-gui
 profile mullvad-gui @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/dconf-write>
   include <abstractions/dri-common>
   include <abstractions/dri-enumerate>
diff --git a/apparmor.d/groups/network/netplan.script b/apparmor.d/groups/network/netplan.script
index 762749e8..b72b5c8a 100644
--- a/apparmor.d/groups/network/netplan.script
+++ b/apparmor.d/groups/network/netplan.script
@@ -34,7 +34,7 @@ profile netplan.script @{exec_path} flags=(attach_disconnected) {
 
   profile udevadm {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     @{bin}/udevadm mr,
 
@@ -49,7 +49,7 @@ profile netplan.script @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
 
diff --git a/apparmor.d/groups/network/nm-dispatcher b/apparmor.d/groups/network/nm-dispatcher
index 17776b97..e32ba1b6 100644
--- a/apparmor.d/groups/network/nm-dispatcher
+++ b/apparmor.d/groups/network/nm-dispatcher
@@ -70,7 +70,7 @@ profile nm-dispatcher @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
 
diff --git a/apparmor.d/groups/network/tailscaled b/apparmor.d/groups/network/tailscaled
index 68359291..ec0d44d8 100644
--- a/apparmor.d/groups/network/tailscaled
+++ b/apparmor.d/groups/network/tailscaled
@@ -88,7 +88,7 @@ profile tailscaled @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability mknod,
     capability net_admin,
diff --git a/apparmor.d/groups/pacman/pacman b/apparmor.d/groups/pacman/pacman
index d6d58c81..ac6bafdd 100644
--- a/apparmor.d/groups/pacman/pacman
+++ b/apparmor.d/groups/pacman/pacman
@@ -186,7 +186,7 @@ profile pacman @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
 
diff --git a/apparmor.d/groups/pacman/pacman-hook-systemd b/apparmor.d/groups/pacman/pacman-hook-systemd
index 6d33ddcd..3377ba85 100644
--- a/apparmor.d/groups/pacman/pacman-hook-systemd
+++ b/apparmor.d/groups/pacman/pacman-hook-systemd
@@ -40,7 +40,7 @@ profile pacman-hook-systemd @{exec_path} {
 
   profile systemctl flags=(attach_disconnected) {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/bootctl b/apparmor.d/groups/systemd/bootctl
index 80e7e2b3..1405e365 100644
--- a/apparmor.d/groups/systemd/bootctl
+++ b/apparmor.d/groups/systemd/bootctl
@@ -11,7 +11,7 @@ profile bootctl @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/disks-read>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability mknod,
   capability net_admin,
diff --git a/apparmor.d/groups/systemd/busctl b/apparmor.d/groups/systemd/busctl
index b80b23e2..2ee18a27 100644
--- a/apparmor.d/groups/systemd/busctl
+++ b/apparmor.d/groups/systemd/busctl
@@ -13,7 +13,7 @@ profile busctl @{exec_path} {
   include <abstractions/bus-system>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_ptrace,
diff --git a/apparmor.d/groups/systemd/journalctl b/apparmor.d/groups/systemd/journalctl
index e58edb01..490293a9 100644
--- a/apparmor.d/groups/systemd/journalctl
+++ b/apparmor.d/groups/systemd/journalctl
@@ -12,7 +12,7 @@ profile journalctl @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_override,
   capability dac_read_search,
diff --git a/apparmor.d/groups/systemd/localectl b/apparmor.d/groups/systemd/localectl
index 2c21f75a..ca756e60 100644
--- a/apparmor.d/groups/systemd/localectl
+++ b/apparmor.d/groups/systemd/localectl
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/localectl
 profile localectl @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/loginctl b/apparmor.d/groups/systemd/loginctl
index 3196b186..fc527ec4 100644
--- a/apparmor.d/groups/systemd/loginctl
+++ b/apparmor.d/groups/systemd/loginctl
@@ -12,7 +12,7 @@ profile loginctl @{exec_path} {
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.login1.Session>
   include <abstractions/bus/org.freedesktop.login1>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_resource,
diff --git a/apparmor.d/groups/systemd/systemd-analyze b/apparmor.d/groups/systemd/systemd-analyze
index 8c00ac11..91fd63c9 100644
--- a/apparmor.d/groups/systemd/systemd-analyze
+++ b/apparmor.d/groups/systemd/systemd-analyze
@@ -12,7 +12,7 @@ profile systemd-analyze @{exec_path} {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability sys_resource,
   capability net_admin,
diff --git a/apparmor.d/groups/systemd/systemd-backlight b/apparmor.d/groups/systemd/systemd-backlight
index ca08040f..4eed2dc9 100644
--- a/apparmor.d/groups/systemd/systemd-backlight
+++ b/apparmor.d/groups/systemd/systemd-backlight
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-backlight
 profile systemd-backlight @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-binfmt b/apparmor.d/groups/systemd/systemd-binfmt
index 14d617b8..8ea9e443 100644
--- a/apparmor.d/groups/systemd/systemd-binfmt
+++ b/apparmor.d/groups/systemd/systemd-binfmt
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-binfmt
 profile systemd-binfmt @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-cgtop b/apparmor.d/groups/systemd/systemd-cgtop
index 7dd8444d..cd61e530 100644
--- a/apparmor.d/groups/systemd/systemd-cgtop
+++ b/apparmor.d/groups/systemd/systemd-cgtop
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-cgtop @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-coredump b/apparmor.d/groups/systemd/systemd-coredump
index e62e9bfa..54c46a35 100644
--- a/apparmor.d/groups/systemd/systemd-coredump
+++ b/apparmor.d/groups/systemd/systemd-coredump
@@ -11,7 +11,7 @@ include <tunables/global>
 profile systemd-coredump @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   include <abstractions/base>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   # userns,
 
diff --git a/apparmor.d/groups/systemd/systemd-cryptsetup b/apparmor.d/groups/systemd/systemd-cryptsetup
index 6f749483..93f647a8 100644
--- a/apparmor.d/groups/systemd/systemd-cryptsetup
+++ b/apparmor.d/groups/systemd/systemd-cryptsetup
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/systemd-cryptsetup @{lib}/systemd/systemd-cryptsetup
 profile systemd-cryptsetup @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/disks-write>
 
   capability ipc_lock,
diff --git a/apparmor.d/groups/systemd/systemd-detect-virt b/apparmor.d/groups/systemd/systemd-detect-virt
index 1467a177..28980ee2 100644
--- a/apparmor.d/groups/systemd/systemd-detect-virt
+++ b/apparmor.d/groups/systemd/systemd-detect-virt
@@ -11,7 +11,7 @@ include <tunables/global>
 profile systemd-detect-virt @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-escape b/apparmor.d/groups/systemd/systemd-escape
index 03403372..dd0795e8 100644
--- a/apparmor.d/groups/systemd/systemd-escape
+++ b/apparmor.d/groups/systemd/systemd-escape
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/systemd-escape
 profile systemd-escape @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-fsck b/apparmor.d/groups/systemd/systemd-fsck
index 954a8de5..28b0f637 100644
--- a/apparmor.d/groups/systemd/systemd-fsck
+++ b/apparmor.d/groups/systemd/systemd-fsck
@@ -12,7 +12,7 @@ profile systemd-fsck @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/disks-read>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_resource,
diff --git a/apparmor.d/groups/systemd/systemd-fsckd b/apparmor.d/groups/systemd/systemd-fsckd
index e811e699..3b4395b5 100644
--- a/apparmor.d/groups/systemd/systemd-fsckd
+++ b/apparmor.d/groups/systemd/systemd-fsckd
@@ -11,7 +11,7 @@ include <tunables/global>
 profile systemd-fsckd @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_tty_config,
diff --git a/apparmor.d/groups/systemd/systemd-generator-bless-boot b/apparmor.d/groups/systemd/systemd-generator-bless-boot
index d296f3d0..cc2b3025 100644
--- a/apparmor.d/groups/systemd/systemd-generator-bless-boot
+++ b/apparmor.d/groups/systemd/systemd-generator-bless-boot
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-bless-boot-generator
 profile systemd-generator-bless-boot @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-cryptsetup b/apparmor.d/groups/systemd/systemd-generator-cryptsetup
index ec637a0d..88036edb 100644
--- a/apparmor.d/groups/systemd/systemd-generator-cryptsetup
+++ b/apparmor.d/groups/systemd/systemd-generator-cryptsetup
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-generator-cryptsetup @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-debug b/apparmor.d/groups/systemd/systemd-generator-debug
index ca9ef2f7..9ceb2bc0 100644
--- a/apparmor.d/groups/systemd/systemd-generator-debug
+++ b/apparmor.d/groups/systemd/systemd-generator-debug
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-debug-generator
 profile systemd-generator-debug @{exec_path} flags=(attach_disconnected)  {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-fstab b/apparmor.d/groups/systemd/systemd-generator-fstab
index b3cb63b1..3ccf25c3 100644
--- a/apparmor.d/groups/systemd/systemd-generator-fstab
+++ b/apparmor.d/groups/systemd/systemd-generator-fstab
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-fstab-generator
 profile systemd-generator-fstab @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_override,
   capability dac_read_search,
diff --git a/apparmor.d/groups/systemd/systemd-generator-getty b/apparmor.d/groups/systemd/systemd-generator-getty
index d354c3de..2da3072f 100644
--- a/apparmor.d/groups/systemd/systemd-generator-getty
+++ b/apparmor.d/groups/systemd/systemd-generator-getty
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-generator-getty @{exec_path} flags=(attach_disconnected)  {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-gpt-auto b/apparmor.d/groups/systemd/systemd-generator-gpt-auto
index 051a8b6f..b1b9fbc9 100644
--- a/apparmor.d/groups/systemd/systemd-generator-gpt-auto
+++ b/apparmor.d/groups/systemd/systemd-generator-gpt-auto
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-generator-gpt-auto @{exec_path} flags=(attach_disconnected)  {
   include <abstractions/base>
   include <abstractions/disks-read>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability sys_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-hibernate-resume b/apparmor.d/groups/systemd/systemd-generator-hibernate-resume
index ebfebe2e..e1fc81c6 100644
--- a/apparmor.d/groups/systemd/systemd-generator-hibernate-resume
+++ b/apparmor.d/groups/systemd/systemd-generator-hibernate-resume
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-hibernate-resume-generator
 profile systemd-generator-hibernate-resume @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-integritysetup b/apparmor.d/groups/systemd/systemd-generator-integritysetup
index 2e123d71..95d6d63b 100644
--- a/apparmor.d/groups/systemd/systemd-generator-integritysetup
+++ b/apparmor.d/groups/systemd/systemd-generator-integritysetup
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-integritysetup-generator
 profile systemd-generator-integritysetup @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-run b/apparmor.d/groups/systemd/systemd-generator-run
index 31be95d7..928e6b35 100644
--- a/apparmor.d/groups/systemd/systemd-generator-run
+++ b/apparmor.d/groups/systemd/systemd-generator-run
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-run-generator
 profile systemd-generator-run @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   ptrace (read) peer=@{systemd},
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-system-update b/apparmor.d/groups/systemd/systemd-generator-system-update
index f1389820..4a01648e 100644
--- a/apparmor.d/groups/systemd/systemd-generator-system-update
+++ b/apparmor.d/groups/systemd/systemd-generator-system-update
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-system-update-generator
 profile systemd-generator-system-update @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-generator-user-autostart b/apparmor.d/groups/systemd/systemd-generator-user-autostart
index f73915e2..2d2cd811 100644
--- a/apparmor.d/groups/systemd/systemd-generator-user-autostart
+++ b/apparmor.d/groups/systemd/systemd-generator-user-autostart
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/user-generators/systemd-xdg-autostart-generator
 profile systemd-generator-user-autostart @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/nameservice-strict>
 
   capability net_admin,
diff --git a/apparmor.d/groups/systemd/systemd-generator-user-environment b/apparmor.d/groups/systemd/systemd-generator-user-environment
index 1a25124d..9fd28866 100644
--- a/apparmor.d/groups/systemd/systemd-generator-user-environment
+++ b/apparmor.d/groups/systemd/systemd-generator-user-environment
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/user-environment-generators/*
 profile systemd-generator-user-environment @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/nameservice-strict>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/systemd/systemd-generator-veritysetup b/apparmor.d/groups/systemd/systemd-generator-veritysetup
index 2b7d5a0a..035cc01d 100644
--- a/apparmor.d/groups/systemd/systemd-generator-veritysetup
+++ b/apparmor.d/groups/systemd/systemd-generator-veritysetup
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/system-generators/systemd-veritysetup-generator
 profile systemd-generator-veritysetup @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   ptrace (read) peer=@{systemd},
 
diff --git a/apparmor.d/groups/systemd/systemd-homed b/apparmor.d/groups/systemd/systemd-homed
index 6af35549..50cb9a44 100644
--- a/apparmor.d/groups/systemd/systemd-homed
+++ b/apparmor.d/groups/systemd/systemd-homed
@@ -12,7 +12,7 @@ profile systemd-homed @{exec_path} flags=(attach_disconnected) {
   include <abstractions/bus-system>
   include <abstractions/disks-write>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability chown,
   capability dac_override,
diff --git a/apparmor.d/groups/systemd/systemd-homework b/apparmor.d/groups/systemd/systemd-homework
index e4a34f05..724a1622 100644
--- a/apparmor.d/groups/systemd/systemd-homework
+++ b/apparmor.d/groups/systemd/systemd-homework
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-homework @{exec_path} {
   include <abstractions/base>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/systemd/systemd-hostnamed b/apparmor.d/groups/systemd/systemd-hostnamed
index 1971822e..b4efcdc5 100644
--- a/apparmor.d/groups/systemd/systemd-hostnamed
+++ b/apparmor.d/groups/systemd/systemd-hostnamed
@@ -12,7 +12,7 @@ profile systemd-hostnamed @{exec_path}  flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.PolicyKit1>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability sys_admin,  # To set a hostname
 
diff --git a/apparmor.d/groups/systemd/systemd-journald b/apparmor.d/groups/systemd/systemd-journald
index 1f1052b7..03bedb62 100644
--- a/apparmor.d/groups/systemd/systemd-journald
+++ b/apparmor.d/groups/systemd/systemd-journald
@@ -11,7 +11,7 @@ include <tunables/global>
 profile systemd-journald @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability audit_control,
   capability audit_read,
diff --git a/apparmor.d/groups/systemd/systemd-localed b/apparmor.d/groups/systemd/systemd-localed
index 4074b806..b994b658 100644
--- a/apparmor.d/groups/systemd/systemd-localed
+++ b/apparmor.d/groups/systemd/systemd-localed
@@ -12,7 +12,7 @@ profile systemd-localed @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   # Needed?
   audit capability net_admin,
diff --git a/apparmor.d/groups/systemd/systemd-logind b/apparmor.d/groups/systemd/systemd-logind
index 0f0f64b9..03788680 100644
--- a/apparmor.d/groups/systemd/systemd-logind
+++ b/apparmor.d/groups/systemd/systemd-logind
@@ -16,7 +16,7 @@ profile systemd-logind @{exec_path} flags=(attach_disconnected) {
   include <abstractions/devices-usb>
   include <abstractions/disks-write>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability chown,
   capability dac_override,
diff --git a/apparmor.d/groups/systemd/systemd-machined b/apparmor.d/groups/systemd/systemd-machined
index f95e48e4..c68295a6 100644
--- a/apparmor.d/groups/systemd/systemd-machined
+++ b/apparmor.d/groups/systemd/systemd-machined
@@ -11,7 +11,7 @@ profile systemd-machined @{exec_path} {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability chown,
   capability dac_override,
diff --git a/apparmor.d/groups/systemd/systemd-makefs b/apparmor.d/groups/systemd/systemd-makefs
index 343f3b0d..f50ae9c9 100644
--- a/apparmor.d/groups/systemd/systemd-makefs
+++ b/apparmor.d/groups/systemd/systemd-makefs
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-makefs @{exec_path} {
   include <abstractions/base>
   include <abstractions/disks-write>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_resource,
diff --git a/apparmor.d/groups/systemd/systemd-modules-load b/apparmor.d/groups/systemd/systemd-modules-load
index 1100e9c8..d44b6c3b 100644
--- a/apparmor.d/groups/systemd/systemd-modules-load
+++ b/apparmor.d/groups/systemd/systemd-modules-load
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-modules-load
 profile systemd-modules-load @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_module,
diff --git a/apparmor.d/groups/systemd/systemd-networkd b/apparmor.d/groups/systemd/systemd-networkd
index e3a7bad0..019e1ff2 100644
--- a/apparmor.d/groups/systemd/systemd-networkd
+++ b/apparmor.d/groups/systemd/systemd-networkd
@@ -12,7 +12,7 @@ profile systemd-networkd @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.hostname1>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability net_bind_service,
diff --git a/apparmor.d/groups/systemd/systemd-networkd-wait-online b/apparmor.d/groups/systemd/systemd-networkd-wait-online
index 6df4b1c3..d396a97d 100644
--- a/apparmor.d/groups/systemd/systemd-networkd-wait-online
+++ b/apparmor.d/groups/systemd/systemd-networkd-wait-online
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-networkd-wait-online
 profile systemd-networkd-wait-online @{exec_path} flags=(complain) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-oomd b/apparmor.d/groups/systemd/systemd-oomd
index 6cdfdfb4..7cea1f32 100644
--- a/apparmor.d/groups/systemd/systemd-oomd
+++ b/apparmor.d/groups/systemd/systemd-oomd
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-oomd @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_override,
   capability kill,
diff --git a/apparmor.d/groups/systemd/systemd-portabled b/apparmor.d/groups/systemd/systemd-portabled
index d4e5d234..c03eb460 100644
--- a/apparmor.d/groups/systemd/systemd-portabled
+++ b/apparmor.d/groups/systemd/systemd-portabled
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-portabled
 profile systemd-portabled @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability chown,
   capability dac_override,
diff --git a/apparmor.d/groups/systemd/systemd-random-seed b/apparmor.d/groups/systemd/systemd-random-seed
index 71949838..18ed1952 100644
--- a/apparmor.d/groups/systemd/systemd-random-seed
+++ b/apparmor.d/groups/systemd/systemd-random-seed
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-random-seed
 profile systemd-random-seed @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-remount-fs b/apparmor.d/groups/systemd/systemd-remount-fs
index 3ced5a3c..0c87565a 100644
--- a/apparmor.d/groups/systemd/systemd-remount-fs
+++ b/apparmor.d/groups/systemd/systemd-remount-fs
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-remount-fs @{exec_path} {
   include <abstractions/base>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_admin,
diff --git a/apparmor.d/groups/systemd/systemd-resolved b/apparmor.d/groups/systemd/systemd-resolved
index 6a3bc076..9c37f8a1 100644
--- a/apparmor.d/groups/systemd/systemd-resolved
+++ b/apparmor.d/groups/systemd/systemd-resolved
@@ -14,7 +14,7 @@ profile systemd-resolved @{exec_path} flags=(attach_disconnected) {
   include <abstractions/nameservice-strict>
   include <abstractions/p11-kit>
   include <abstractions/ssl_certs>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_bind_service,
   capability net_raw,
diff --git a/apparmor.d/groups/systemd/systemd-rfkill b/apparmor.d/groups/systemd/systemd-rfkill
index 235d68e5..08825264 100644
--- a/apparmor.d/groups/systemd/systemd-rfkill
+++ b/apparmor.d/groups/systemd/systemd-rfkill
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-rfkill
 profile systemd-rfkill @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_ptrace,
diff --git a/apparmor.d/groups/systemd/systemd-shutdown b/apparmor.d/groups/systemd/systemd-shutdown
index fcb341f5..6de9639c 100644
--- a/apparmor.d/groups/systemd/systemd-shutdown
+++ b/apparmor.d/groups/systemd/systemd-shutdown
@@ -10,7 +10,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-shutdown
 profile systemd-shutdown @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability kill,
   capability sys_boot,
diff --git a/apparmor.d/groups/systemd/systemd-sleep b/apparmor.d/groups/systemd/systemd-sleep
index 9ee9f2ae..fbd1c21a 100644
--- a/apparmor.d/groups/systemd/systemd-sleep
+++ b/apparmor.d/groups/systemd/systemd-sleep
@@ -11,7 +11,7 @@ profile systemd-sleep @{exec_path} {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_admin,
diff --git a/apparmor.d/groups/systemd/systemd-socket-proxyd b/apparmor.d/groups/systemd/systemd-socket-proxyd
index 768e2ffc..90fc2d14 100644
--- a/apparmor.d/groups/systemd/systemd-socket-proxyd
+++ b/apparmor.d/groups/systemd/systemd-socket-proxyd
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-socket-proxyd
 profile systemd-socket-proxyd @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-sulogin-shell b/apparmor.d/groups/systemd/systemd-sulogin-shell
index 09e3ea31..a04cf876 100644
--- a/apparmor.d/groups/systemd/systemd-sulogin-shell
+++ b/apparmor.d/groups/systemd/systemd-sulogin-shell
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-sulogin-shell
 profile systemd-sulogin-shell @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_resource,
diff --git a/apparmor.d/groups/systemd/systemd-sysctl b/apparmor.d/groups/systemd/systemd-sysctl
index c00c10cb..72f02563 100644
--- a/apparmor.d/groups/systemd/systemd-sysctl
+++ b/apparmor.d/groups/systemd/systemd-sysctl
@@ -11,7 +11,7 @@ include <tunables/global>
 profile systemd-sysctl @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability mknod,
   capability net_admin,
diff --git a/apparmor.d/groups/systemd/systemd-sysusers b/apparmor.d/groups/systemd/systemd-sysusers
index 6bddd8a5..52184e48 100644
--- a/apparmor.d/groups/systemd/systemd-sysusers
+++ b/apparmor.d/groups/systemd/systemd-sysusers
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-sysusers @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability chown,
   capability fsetid,
diff --git a/apparmor.d/groups/systemd/systemd-timedated b/apparmor.d/groups/systemd/systemd-timedated
index e619d368..8449a37c 100644
--- a/apparmor.d/groups/systemd/systemd-timedated
+++ b/apparmor.d/groups/systemd/systemd-timedated
@@ -11,7 +11,7 @@ include <tunables/global>
 profile systemd-timedated @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability sys_time,
 
diff --git a/apparmor.d/groups/systemd/systemd-timesyncd b/apparmor.d/groups/systemd/systemd-timesyncd
index fba798ac..53c0885b 100644
--- a/apparmor.d/groups/systemd/systemd-timesyncd
+++ b/apparmor.d/groups/systemd/systemd-timesyncd
@@ -12,7 +12,7 @@ profile systemd-timesyncd @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability sys_time,
 
diff --git a/apparmor.d/groups/systemd/systemd-tmpfiles b/apparmor.d/groups/systemd/systemd-tmpfiles
index 0302e832..1aa38369 100644
--- a/apparmor.d/groups/systemd/systemd-tmpfiles
+++ b/apparmor.d/groups/systemd/systemd-tmpfiles
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/systemd-tmpfiles
 profile systemd-tmpfiles @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/nameservice-strict>
 
   capability chown,
diff --git a/apparmor.d/groups/systemd/systemd-tty-ask-password-agent b/apparmor.d/groups/systemd/systemd-tty-ask-password-agent
index df840052..8ee9dadf 100644
--- a/apparmor.d/groups/systemd/systemd-tty-ask-password-agent
+++ b/apparmor.d/groups/systemd/systemd-tty-ask-password-agent
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-tty-ask-password-agent @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_override,
   capability net_admin,
diff --git a/apparmor.d/groups/systemd/systemd-udevd b/apparmor.d/groups/systemd/systemd-udevd
index 1045ae59..ee776063 100644
--- a/apparmor.d/groups/systemd/systemd-udevd
+++ b/apparmor.d/groups/systemd/systemd-udevd
@@ -12,7 +12,7 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected,complain) {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability chown,
   capability dac_override,
@@ -132,7 +132,7 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected,complain) {
 
   profile systemctl flags=(attach_disconnected,complain) {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
     capability sys_ptrace,
diff --git a/apparmor.d/groups/systemd/systemd-update-utmp b/apparmor.d/groups/systemd/systemd-update-utmp
index d4859606..7dc00c97 100644
--- a/apparmor.d/groups/systemd/systemd-update-utmp
+++ b/apparmor.d/groups/systemd/systemd-update-utmp
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-update-utmp
 profile systemd-update-utmp @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/wutmp>
 
   capability audit_write,
diff --git a/apparmor.d/groups/systemd/systemd-user-runtime-dir b/apparmor.d/groups/systemd/systemd-user-runtime-dir
index d80e4a24..224123fa 100644
--- a/apparmor.d/groups/systemd/systemd-user-runtime-dir
+++ b/apparmor.d/groups/systemd/systemd-user-runtime-dir
@@ -12,7 +12,7 @@ profile systemd-user-runtime-dir @{exec_path} {
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.login1>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_override,
   capability dac_read_search,
diff --git a/apparmor.d/groups/systemd/systemd-user-sessions b/apparmor.d/groups/systemd/systemd-user-sessions
index 41d0e20e..833ba08c 100644
--- a/apparmor.d/groups/systemd/systemd-user-sessions
+++ b/apparmor.d/groups/systemd/systemd-user-sessions
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/systemd/systemd-user-sessions
 profile systemd-user-sessions @{exec_path} {
   include <abstractions/base>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability net_admin,
 
diff --git a/apparmor.d/groups/systemd/systemd-userdbd b/apparmor.d/groups/systemd/systemd-userdbd
index 8bf9676e..07156972 100644
--- a/apparmor.d/groups/systemd/systemd-userdbd
+++ b/apparmor.d/groups/systemd/systemd-userdbd
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-userdbd @{exec_path} flags=(attach_disconnected,mediate_deleted) {
   include <abstractions/base>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_read_search,
   capability sys_resource,
diff --git a/apparmor.d/groups/systemd/systemd-userwork b/apparmor.d/groups/systemd/systemd-userwork
index cc83b3ae..8be6f311 100644
--- a/apparmor.d/groups/systemd/systemd-userwork
+++ b/apparmor.d/groups/systemd/systemd-userwork
@@ -10,7 +10,7 @@ include <tunables/global>
 profile systemd-userwork @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability sys_resource,
 
diff --git a/apparmor.d/groups/systemd/systemd-vconsole-setup b/apparmor.d/groups/systemd/systemd-vconsole-setup
index 55a45f4f..fceccb43 100644
--- a/apparmor.d/groups/systemd/systemd-vconsole-setup
+++ b/apparmor.d/groups/systemd/systemd-vconsole-setup
@@ -11,7 +11,7 @@ profile systemd-vconsole-setup @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
 
   capability dac_override,
   capability net_admin,
diff --git a/apparmor.d/groups/ubuntu/apport b/apparmor.d/groups/ubuntu/apport
index 09d2da63..f939deb1 100644
--- a/apparmor.d/groups/ubuntu/apport
+++ b/apparmor.d/groups/ubuntu/apport
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = /usr/share/apport/apport 
 profile apport @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/bus-session>
   include <abstractions/bus/org.gnome.SessionManager>
   include <abstractions/nameservice-strict>
diff --git a/apparmor.d/groups/ubuntu/apport-gtk b/apparmor.d/groups/ubuntu/apport-gtk
index 89a6cda0..ff9ecb4e 100644
--- a/apparmor.d/groups/ubuntu/apport-gtk
+++ b/apparmor.d/groups/ubuntu/apport-gtk
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = /usr/share/apport/apport-gtk
 profile apport-gtk @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/audio-client>
   include <abstractions/bus-accessibility>
   include <abstractions/bus-session>
@@ -119,7 +119,7 @@ profile apport-gtk @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     include if exists <local/apport-gtk_systemctl>
   }
diff --git a/apparmor.d/groups/ubuntu/apt-esm-hook b/apparmor.d/groups/ubuntu/apt-esm-hook
index 302adf6f..2950eb11 100644
--- a/apparmor.d/groups/ubuntu/apt-esm-hook
+++ b/apparmor.d/groups/ubuntu/apt-esm-hook
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/ubuntu-advantage/apt-esm-hook
 profile apt-esm-hook @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/ubuntu/apt-esm-json-hook b/apparmor.d/groups/ubuntu/apt-esm-json-hook
index 9184e31d..f55a68ad 100644
--- a/apparmor.d/groups/ubuntu/apt-esm-json-hook
+++ b/apparmor.d/groups/ubuntu/apt-esm-json-hook
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/ubuntu-advantage/apt-esm-json-hook
 profile apt-esm-json-hook @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
 
   unix (receive, send) type=stream peer=(label=apt),
diff --git a/apparmor.d/groups/ubuntu/check-new-release-gtk b/apparmor.d/groups/ubuntu/check-new-release-gtk
index 0b4043fd..745ef81d 100644
--- a/apparmor.d/groups/ubuntu/check-new-release-gtk
+++ b/apparmor.d/groups/ubuntu/check-new-release-gtk
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/ubuntu-release-upgrader/check-new-release-gtk
 profile check-new-release-gtk @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/bus-accessibility>
   include <abstractions/bus-session>
   include <abstractions/bus/org.a11y>
diff --git a/apparmor.d/groups/ubuntu/do-release-upgrade b/apparmor.d/groups/ubuntu/do-release-upgrade
index 519cf655..9e367725 100644
--- a/apparmor.d/groups/ubuntu/do-release-upgrade
+++ b/apparmor.d/groups/ubuntu/do-release-upgrade
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/do-release-upgrade
 profile do-release-upgrade @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
   include <abstractions/python>
diff --git a/apparmor.d/groups/ubuntu/hwe-support-status b/apparmor.d/groups/ubuntu/hwe-support-status
index 8f6ca752..1842a73b 100644
--- a/apparmor.d/groups/ubuntu/hwe-support-status
+++ b/apparmor.d/groups/ubuntu/hwe-support-status
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/hwe-support-status
 profile hwe-support-status @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/python>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/ubuntu/list-oem-metapackages b/apparmor.d/groups/ubuntu/list-oem-metapackages
index fdd3eba3..95816e68 100644
--- a/apparmor.d/groups/ubuntu/list-oem-metapackages
+++ b/apparmor.d/groups/ubuntu/list-oem-metapackages
@@ -10,7 +10,7 @@ include <tunables/global>
 profile list-oem-metapackages @{exec_path} {
   include <abstractions/base>
   include <abstractions/python>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
 
   @{exec_path} mr,
 
diff --git a/apparmor.d/groups/ubuntu/package-data-downloader b/apparmor.d/groups/ubuntu/package-data-downloader
index bd23d3ff..c4b9a7fd 100644
--- a/apparmor.d/groups/ubuntu/package-data-downloader
+++ b/apparmor.d/groups/ubuntu/package-data-downloader
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/update-notifier/package-data-downloader
 profile package-data-downloader @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/nameservice-strict>
   include <abstractions/python>
 
diff --git a/apparmor.d/groups/ubuntu/pro b/apparmor.d/groups/ubuntu/pro
index 4b1eeeaf..dcd19c36 100644
--- a/apparmor.d/groups/ubuntu/pro
+++ b/apparmor.d/groups/ubuntu/pro
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/pro
 profile pro @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/python>
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/ubuntu/software-properties-dbus b/apparmor.d/groups/ubuntu/software-properties-dbus
index f83d5930..ad3a2d56 100644
--- a/apparmor.d/groups/ubuntu/software-properties-dbus
+++ b/apparmor.d/groups/ubuntu/software-properties-dbus
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/software-properties/software-properties-dbus
 profile software-properties-dbus @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/bus-system>
   include <abstractions/nameservice-strict>
   include <abstractions/python>
diff --git a/apparmor.d/groups/ubuntu/software-properties-gtk b/apparmor.d/groups/ubuntu/software-properties-gtk
index 6e949941..d1c8bcdd 100644
--- a/apparmor.d/groups/ubuntu/software-properties-gtk
+++ b/apparmor.d/groups/ubuntu/software-properties-gtk
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/software-properties-gtk
 profile software-properties-gtk @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/bus-accessibility>
   include <abstractions/bus-session>
   include <abstractions/bus-system>
diff --git a/apparmor.d/groups/ubuntu/ubuntu-advantage b/apparmor.d/groups/ubuntu/ubuntu-advantage
index d0aa8d9d..be70afcb 100644
--- a/apparmor.d/groups/ubuntu/ubuntu-advantage
+++ b/apparmor.d/groups/ubuntu/ubuntu-advantage
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/ubuntu-advantage
 profile ubuntu-advantage @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
   include <abstractions/python>
diff --git a/apparmor.d/groups/ubuntu/update-manager b/apparmor.d/groups/ubuntu/update-manager
index 14773b95..5b251715 100644
--- a/apparmor.d/groups/ubuntu/update-manager
+++ b/apparmor.d/groups/ubuntu/update-manager
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/update-manager
 profile update-manager @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/audio-client>
   include <abstractions/bus-accessibility>
   include <abstractions/bus-session>
diff --git a/apparmor.d/groups/ubuntu/update-motd-updates-available b/apparmor.d/groups/ubuntu/update-motd-updates-available
index c20464fe..03665ec0 100644
--- a/apparmor.d/groups/ubuntu/update-motd-updates-available
+++ b/apparmor.d/groups/ubuntu/update-motd-updates-available
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/update-notifier/update-motd-updates-available
 profile update-motd-updates-available @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
   include <abstractions/python>
diff --git a/apparmor.d/groups/ubuntu/update-notifier b/apparmor.d/groups/ubuntu/update-notifier
index 0a7701cf..53eafc12 100644
--- a/apparmor.d/groups/ubuntu/update-notifier
+++ b/apparmor.d/groups/ubuntu/update-notifier
@@ -9,7 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/update-notifier
 profile update-notifier @{exec_path} {
   include <abstractions/base>
-  include <abstractions/apt-common>
+  include <abstractions/common/apt>
   include <abstractions/audio-client>
   include <abstractions/bus-accessibility>
   include <abstractions/bus-session>
@@ -82,7 +82,7 @@ profile update-notifier @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
     include <abstractions/bus-system>
 
     unix (bind) type=stream addr=@@{hex}/bus/systemctl/system,
diff --git a/apparmor.d/groups/virt/cockpit-update-motd b/apparmor.d/groups/virt/cockpit-update-motd
index 9e89b7b3..970a0de1 100644
--- a/apparmor.d/groups/virt/cockpit-update-motd
+++ b/apparmor.d/groups/virt/cockpit-update-motd
@@ -25,7 +25,7 @@ profile cockpit-update-motd @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     capability net_admin,
     capability sys_ptrace,
diff --git a/apparmor.d/groups/whonix/torbrowser-wrapper b/apparmor.d/groups/whonix/torbrowser-wrapper
index d2280cf6..7b40db8c 100644
--- a/apparmor.d/groups/whonix/torbrowser-wrapper
+++ b/apparmor.d/groups/whonix/torbrowser-wrapper
@@ -46,7 +46,7 @@ profile torbrowser-wrapper @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     /etc/machine-id r,
 
diff --git a/apparmor.d/groups/whonix/whonix-firewall-restarter b/apparmor.d/groups/whonix/whonix-firewall-restarter
index 2d326107..31e52b9d 100644
--- a/apparmor.d/groups/whonix/whonix-firewall-restarter
+++ b/apparmor.d/groups/whonix/whonix-firewall-restarter
@@ -10,7 +10,7 @@ include <tunables/global>
 profile whonix-firewall-restarter @{exec_path} {
   include <abstractions/base>
   include <abstractions/consoles>
-  include <abstractions/systemd-common>
+  include <abstractions/common/systemd>
   include <abstractions/nameservice-strict>
 
   capability chown,
diff --git a/apparmor.d/profiles-a-f/acpi-powerbtn b/apparmor.d/profiles-a-f/acpi-powerbtn
index 82b6930c..5ead7e3e 100644
--- a/apparmor.d/profiles-a-f/acpi-powerbtn
+++ b/apparmor.d/profiles-a-f/acpi-powerbtn
@@ -48,7 +48,7 @@ profile acpi-powerbtn flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/acpi-powerbtn_systemctl>
   }
diff --git a/apparmor.d/profiles-a-f/deltachat-desktop b/apparmor.d/profiles-a-f/deltachat-desktop
index 4fda1bb9..5d6aa5ce 100644
--- a/apparmor.d/profiles-a-f/deltachat-desktop
+++ b/apparmor.d/profiles-a-f/deltachat-desktop
@@ -25,7 +25,7 @@ profile deltachat-desktop @{exec_path} {
   include <abstractions/nameservice-strict>
   include <abstractions/ssl_certs>
   include <abstractions/user-download-strict>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
 
   network inet dgram,
   network inet6 dgram,
diff --git a/apparmor.d/profiles-a-f/dkms-autoinstaller b/apparmor.d/profiles-a-f/dkms-autoinstaller
index fe9b5309..bf81fe31 100644
--- a/apparmor.d/profiles-a-f/dkms-autoinstaller
+++ b/apparmor.d/profiles-a-f/dkms-autoinstaller
@@ -39,7 +39,7 @@ profile dkms-autoinstaller @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/dkms-autoinstaller_systemctl>
   }
diff --git a/apparmor.d/profiles-a-f/element-desktop b/apparmor.d/profiles-a-f/element-desktop
index 7a3d3ccf..8aaf9eee 100644
--- a/apparmor.d/profiles-a-f/element-desktop
+++ b/apparmor.d/profiles-a-f/element-desktop
@@ -10,7 +10,7 @@ include <tunables/global>
 profile element-desktop @{exec_path} {
   include <abstractions/base>
   include <abstractions/audio-client>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/dconf-write>
   include <abstractions/desktop>
   include <abstractions/graphics>
diff --git a/apparmor.d/profiles-a-f/flatpak-app b/apparmor.d/profiles-a-f/flatpak-app
index 84cb7275..c91bf26e 100644
--- a/apparmor.d/profiles-a-f/flatpak-app
+++ b/apparmor.d/profiles-a-f/flatpak-app
@@ -25,8 +25,8 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) {
   include <abstractions/base>
   include <abstractions/bus-system>
   include <abstractions/bus/org.freedesktop.NetworkManager>
-  include <abstractions/bwrap-app>
-  include <abstractions/bwrap>
+  include <abstractions/common/app>
+  include <abstractions/common/bwrap>
 
   capability dac_override,
   capability dac_read_search,
diff --git a/apparmor.d/profiles-g-l/gparted b/apparmor.d/profiles-g-l/gparted
index 6bd0ef24..1e6be52c 100644
--- a/apparmor.d/profiles-g-l/gparted
+++ b/apparmor.d/profiles-g-l/gparted
@@ -60,7 +60,7 @@ profile gparted @{exec_path} {
 
   profile udevadm {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     @{bin}/udevadm mr,
 
@@ -97,7 +97,7 @@ profile gparted @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/gparted_systemctl>
   }
diff --git a/apparmor.d/profiles-g-l/hw-probe b/apparmor.d/profiles-g-l/hw-probe
index e1c2d984..2aa80f90 100644
--- a/apparmor.d/profiles-g-l/hw-probe
+++ b/apparmor.d/profiles-g-l/hw-probe
@@ -165,7 +165,7 @@ profile hw-probe @{exec_path} {
 
   profile udevadm {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     @{bin}/udevadm mr,
 
@@ -222,7 +222,7 @@ profile hw-probe @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/hw-probe_systemctl>
   }
diff --git a/apparmor.d/profiles-g-l/initd-kexec b/apparmor.d/profiles-g-l/initd-kexec
index e7471d64..fcda63e8 100644
--- a/apparmor.d/profiles-g-l/initd-kexec
+++ b/apparmor.d/profiles-g-l/initd-kexec
@@ -40,7 +40,7 @@ profile initd-kexec @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     capability sys_resource,
 
diff --git a/apparmor.d/profiles-g-l/inxi b/apparmor.d/profiles-g-l/inxi
index 2d200377..9f563229 100644
--- a/apparmor.d/profiles-g-l/inxi
+++ b/apparmor.d/profiles-g-l/inxi
@@ -127,7 +127,7 @@ profile inxi @{exec_path} {
 
   profile systemd {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     @{lib}/systemd/systemd mr,
 
@@ -138,7 +138,7 @@ profile inxi @{exec_path} {
 
   profile udevadm {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     @{bin}/udevadm mr,
 
@@ -164,7 +164,7 @@ profile inxi @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/inxi_systemctl>
   }
diff --git a/apparmor.d/profiles-g-l/lightdm-gtk-greeter b/apparmor.d/profiles-g-l/lightdm-gtk-greeter
index 984b9877..104939f2 100644
--- a/apparmor.d/profiles-g-l/lightdm-gtk-greeter
+++ b/apparmor.d/profiles-g-l/lightdm-gtk-greeter
@@ -40,7 +40,7 @@ profile lightdm-gtk-greeter @{exec_path} {
 
   profile systemd {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
     include <abstractions/nameservice-strict>
 
     @{lib}/systemd/systemd mr,
diff --git a/apparmor.d/profiles-g-l/logrotate b/apparmor.d/profiles-g-l/logrotate
index 4c2876a5..5c9ced99 100644
--- a/apparmor.d/profiles-g-l/logrotate
+++ b/apparmor.d/profiles-g-l/logrotate
@@ -86,7 +86,7 @@ profile logrotate @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl flags=(attach_disconnected) {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
     capability sys_ptrace,
diff --git a/apparmor.d/profiles-m-r/molly-guard b/apparmor.d/profiles-m-r/molly-guard
index fa268a2d..c6eb2a2a 100644
--- a/apparmor.d/profiles-m-r/molly-guard
+++ b/apparmor.d/profiles-m-r/molly-guard
@@ -35,7 +35,7 @@ profile molly-guard @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/molly-guard_systemctl>
   }
diff --git a/apparmor.d/profiles-m-r/mount-nfs b/apparmor.d/profiles-m-r/mount-nfs
index 9b06bcb7..9e7a488d 100644
--- a/apparmor.d/profiles-m-r/mount-nfs
+++ b/apparmor.d/profiles-m-r/mount-nfs
@@ -63,7 +63,7 @@ profile mount-nfs @{exec_path} flags=(complain) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/mount-nfs_systemctl>
   }
diff --git a/apparmor.d/profiles-m-r/needrestart b/apparmor.d/profiles-m-r/needrestart
index 574782b8..d01c714f 100644
--- a/apparmor.d/profiles-m-r/needrestart
+++ b/apparmor.d/profiles-m-r/needrestart
@@ -74,7 +74,7 @@ profile needrestart @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     capability net_admin,
 
diff --git a/apparmor.d/profiles-m-r/packagekitd b/apparmor.d/profiles-m-r/packagekitd
index e0fe8a65..601ebfc7 100644
--- a/apparmor.d/profiles-m-r/packagekitd
+++ b/apparmor.d/profiles-m-r/packagekitd
@@ -15,7 +15,7 @@ profile packagekitd @{exec_path} flags=(attach_disconnected) {
   include <abstractions/bus/org.freedesktop.PolicyKit1>
   include <abstractions/nameservice-strict>
   include <abstractions/ssl_certs>
-  include if exists <abstractions/apt-common>
+  include if exists <abstractions/common/apt>
 
   capability chown,
   capability dac_override,
diff --git a/apparmor.d/profiles-m-r/rustdesk b/apparmor.d/profiles-m-r/rustdesk
index 8be7412f..c711530e 100644
--- a/apparmor.d/profiles-m-r/rustdesk
+++ b/apparmor.d/profiles-m-r/rustdesk
@@ -60,10 +60,8 @@ profile rustdesk @{exec_path} {
   profile sudo {
     include <abstractions/base>
     include <abstractions/python>
-    include <abstractions/sudo>
+    include <abstractions/app/sudo>
 
-    @{bin}/sudo rm,
-  
     @{bin}/rustdesk rPx,
     @{bin}/python3.@{int}    rPx -> rustdesk_python,
 
diff --git a/apparmor.d/profiles-s-z/sensors-detect b/apparmor.d/profiles-s-z/sensors-detect
index 9ea6e2bf..820c31d1 100644
--- a/apparmor.d/profiles-s-z/sensors-detect
+++ b/apparmor.d/profiles-s-z/sensors-detect
@@ -41,7 +41,7 @@ profile sensors-detect @{exec_path} {
 
   profile udevadm {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     capability sys_ptrace,
 
@@ -67,7 +67,7 @@ profile sensors-detect @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     include if exists <local/sensors-detect_systemctl>
   }
diff --git a/apparmor.d/profiles-s-z/snap b/apparmor.d/profiles-s-z/snap
index 5bd39e11..1d9e0bc2 100644
--- a/apparmor.d/profiles-s-z/snap
+++ b/apparmor.d/profiles-s-z/snap
@@ -112,7 +112,7 @@ profile snap @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/snap_systemctl>
   }
diff --git a/apparmor.d/profiles-s-z/snap-failure b/apparmor.d/profiles-s-z/snap-failure
index 86dbe1ab..9f639906 100644
--- a/apparmor.d/profiles-s-z/snap-failure
+++ b/apparmor.d/profiles-s-z/snap-failure
@@ -25,7 +25,7 @@ profile snap-failure @{exec_path} {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
   
     include if exists <local/snap-failure_systemctl>
   }
diff --git a/apparmor.d/profiles-s-z/spotify b/apparmor.d/profiles-s-z/spotify
index a9088dfd..fee251d0 100644
--- a/apparmor.d/profiles-s-z/spotify
+++ b/apparmor.d/profiles-s-z/spotify
@@ -16,7 +16,7 @@ include <tunables/global>
 profile spotify @{exec_path} {
   include <abstractions/base>
   include <abstractions/audio-client>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/dconf-write>
   include <abstractions/desktop>
   include <abstractions/graphics>
diff --git a/apparmor.d/profiles-s-z/steam b/apparmor.d/profiles-s-z/steam
index 9e9333f0..25f911cc 100644
--- a/apparmor.d/profiles-s-z/steam
+++ b/apparmor.d/profiles-s-z/steam
@@ -11,7 +11,7 @@ include <tunables/global>
 profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted,complain) {
   include <abstractions/base>
   include <abstractions/audio-client>
-  include <abstractions/chromium-common>
+  include <abstractions/common/chromium>
   include <abstractions/consoles>
   include <abstractions/dconf-write>
   include <abstractions/desktop>
diff --git a/apparmor.d/profiles-s-z/steam-game b/apparmor.d/profiles-s-z/steam-game
index eda180a3..e4d1f82a 100644
--- a/apparmor.d/profiles-s-z/steam-game
+++ b/apparmor.d/profiles-s-z/steam-game
@@ -24,7 +24,7 @@ include <tunables/global>
 profile steam-game @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/audio-client>
-  include <abstractions/bwrap>
+  include <abstractions/common/bwrap>
   include <abstractions/desktop>
   include <abstractions/devices-usb>
   include <abstractions/fontconfig-cache-write>
diff --git a/apparmor.d/profiles-s-z/su b/apparmor.d/profiles-s-z/su
index ed8049f7..940536a0 100644
--- a/apparmor.d/profiles-s-z/su
+++ b/apparmor.d/profiles-s-z/su
@@ -11,10 +11,9 @@ include <tunables/global>
 profile su @{exec_path} {
   include <abstractions/base>
   include <abstractions/app-launcher-root>
-  include <abstractions/sudo>
+  include <abstractions/app/sudo>
 
   capability chown,  # pseudo-terminal
-  capability dac_read_search,
 
   signal (send)    set=(term,kill),
   signal (receive) set=(int,quit,term),
diff --git a/apparmor.d/profiles-s-z/sudo b/apparmor.d/profiles-s-z/sudo
index f513bce7..3d7e8ed7 100644
--- a/apparmor.d/profiles-s-z/sudo
+++ b/apparmor.d/profiles-s-z/sudo
@@ -11,11 +11,9 @@ include <tunables/global>
 profile sudo @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/app-launcher-root>
-  include <abstractions/sudo>
+  include <abstractions/app/sudo>
 
   capability chown,
-  capability dac_override,
-  capability dac_read_search,
   capability mknod,
   capability sys_ptrace,
 
@@ -27,32 +25,26 @@ profile sudo @{exec_path} flags=(attach_disconnected) {
   signal (send,receive) peer=cockpit-bridge,
   signal (send) peer=@{systemd},
   signal (send) set=(cont,hup) peer=su,
-  signal (send) set=(winch),
+  # signal (send) set=(winch),
+  signal (send) set=(winch) peer=child-pager,
+  signal (send) set=(winch) peer=journalctl,
 
-  @{exec_path} mr,
-
-  @{bin}/@{shells}                 rUx,
+  @{bin}/@{shells}                  rUx,
   @{lib}/**                         PUx,
   /opt/*/**                         PUx,
   /snap/snapd/@{int}@{bin}/snap    rPUx,
 
         /var/db/sudo/lectured/ r,
-        /var/lib/extrausers/shadow r,
-        /var/lib/sudo/lectured/ r,
-        /var/lib/sudo/ts/ rw,
-        /var/lib/sudo/ts/* rwk,
-        /var/log/sudo.log wk,
   owner /var/db/sudo/lectured/@{uid} rw,
-  owner /var/lib/sudo/lectured/* rw,
+  owner /var/lib/extrausers/shadow r,
+
+        /var/lib/sudo/lectured/ r,
+  owner /var/lib/sudo/lectured/@{uid} rw,
 
   owner @{HOME}/.sudo_as_admin_successful rw,
 
-        @{run}/ r,
-        @{run}/faillock/{,*} rwk,
-        @{run}/systemd/sessions/* r,
-  owner @{run}/sudo/ rw,
-  owner @{run}/sudo/ts/ rw,
-  owner @{run}/sudo/ts/* rwk,
+  @{run}/ r,
+  @{run}/systemd/sessions/* r,
 
   include if exists <local/sudo>
 }
diff --git a/apparmor.d/profiles-s-z/udisksd b/apparmor.d/profiles-s-z/udisksd
index f994d869..dcb786f1 100644
--- a/apparmor.d/profiles-s-z/udisksd
+++ b/apparmor.d/profiles-s-z/udisksd
@@ -141,7 +141,7 @@ profile udisksd @{exec_path} flags=(attach_disconnected) {
 
   profile systemctl {
     include <abstractions/base>
-    include <abstractions/systemctl>
+    include <abstractions/app/systemctl>
 
     include if exists <local/udisksd_systemctl>
   }
diff --git a/apparmor.d/profiles-s-z/x11-xsession b/apparmor.d/profiles-s-z/x11-xsession
index d93d9c6e..6228ff5c 100644
--- a/apparmor.d/profiles-s-z/x11-xsession
+++ b/apparmor.d/profiles-s-z/x11-xsession
@@ -114,7 +114,7 @@ profile x11-xsession @{exec_path} {
 
   profile udevadm {
     include <abstractions/base>
-    include <abstractions/systemd-common>
+    include <abstractions/common/systemd>
 
     @{bin}/udevadm mr,