diff --git a/apparmor.d/groups/systemd/busctl b/apparmor.d/groups/systemd/busctl
index d251e9b2..dcb60493 100644
--- a/apparmor.d/groups/systemd/busctl
+++ b/apparmor.d/groups/systemd/busctl
@@ -43,6 +43,7 @@ profile busctl @{exec_path} {
         @{PROC}/@{pid}/comm r,
         @{PROC}/@{pid}/stat r,
   owner @{PROC}/@{pid}/cmdline r,
+  owner @{PROC}/@{pid}/fdinfo/@{int} r,
   owner @{PROC}/@{pid}/loginuid r,
   owner @{PROC}/@{pid}/sessionid r,
 
diff --git a/apparmor.d/groups/systemd/loginctl b/apparmor.d/groups/systemd/loginctl
index 681d1438..5386662c 100644
--- a/apparmor.d/groups/systemd/loginctl
+++ b/apparmor.d/groups/systemd/loginctl
@@ -9,18 +9,24 @@ include <tunables/global>
 @{exec_path} = @{bin}/loginctl
 profile loginctl @{exec_path} {
   include <abstractions/base>
+  include <abstractions/consoles>
   include <abstractions/bus-system>
-  include <abstractions/bus/org.freedesktop.login1.Session>
-  include <abstractions/bus/org.freedesktop.login1>
   include <abstractions/common/systemd>
 
   capability net_admin,
   capability sys_resource,
 
+  signal send set=cont peer=child-pager,
+
+  #aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
+
   @{exec_path} mr,
 
   @{pager_path} rPx -> child-pager,
 
+        @{PROC}/sys/fs/nr_open r,
+  owner @{PROC}/@{pid}/cgroup r,
+
   include if exists <local/loginctl>
 }
 
diff --git a/apparmor.d/groups/systemd/userdbctl b/apparmor.d/groups/systemd/userdbctl
index db1a3dda..0e3a99ba 100644
--- a/apparmor.d/groups/systemd/userdbctl
+++ b/apparmor.d/groups/systemd/userdbctl
@@ -21,7 +21,7 @@ profile userdbctl @{exec_path} {
   /etc/shadow r,
   /etc/gshadow r,
 
-  @{PROC}/@{pid}/cgroup r,
+  @{PROC}/1/cgroup r,
 
   include if exists <local/userdbctl>
 }