diff --git a/apparmor.d/groups/systemd/hostnamectl b/apparmor.d/groups/systemd/hostnamectl
index 65e6ed11..91fc31b5 100644
--- a/apparmor.d/groups/systemd/hostnamectl
+++ b/apparmor.d/groups/systemd/hostnamectl
@@ -14,6 +14,8 @@ profile hostnamectl @{exec_path} {
 
   capability net_admin,
 
+  unix bind type=stream addr=@@{hex16}/bus/hostnamectl/system,
+
   #aa:dbus talk bus=system name=org.freedesktop.hostname1 label=systemd-hostnamed
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/systemd/systemd-cgls b/apparmor.d/groups/systemd/systemd-cgls
index e74280f6..b25f861b 100644
--- a/apparmor.d/groups/systemd/systemd-cgls
+++ b/apparmor.d/groups/systemd/systemd-cgls
@@ -9,6 +9,7 @@ include <tunables/global>
 @{exec_path} = @{bin}/systemd-cgls
 profile systemd-cgls @{exec_path} {
   include <abstractions/base>
+  include <abstractions/bus-system>
 
   capability sys_ptrace,
 
diff --git a/apparmor.d/groups/systemd/systemd-logind b/apparmor.d/groups/systemd/systemd-logind
index 53dd0acf..206c0957 100644
--- a/apparmor.d/groups/systemd/systemd-logind
+++ b/apparmor.d/groups/systemd/systemd-logind
@@ -94,10 +94,11 @@ profile systemd-logind @{exec_path} flags=(attach_disconnected) {
   @{run}/udev/data/c226:@{int} r,         # For /dev/dri/card*
   @{run}/udev/data/c@{dynamic}:@{int} r,  # For dynamic assignment range 234 to 254, 384 to 511
 
+  @{att}/@{run}/systemd/notify w,
+
   @{run}/systemd/inhibit/ rw,
   @{run}/systemd/inhibit/.#* rw,
   @{run}/systemd/inhibit/@{int}{,.ref} rw,
-  @{run}/systemd/notify rw,
   @{run}/systemd/seats/ rw,
   @{run}/systemd/seats/.#seat* rw,
   @{run}/systemd/seats/seat@{int} rw,
diff --git a/apparmor.d/groups/systemd/systemd-modules-load b/apparmor.d/groups/systemd/systemd-modules-load
index abb437f8..d3527c22 100644
--- a/apparmor.d/groups/systemd/systemd-modules-load
+++ b/apparmor.d/groups/systemd/systemd-modules-load
@@ -13,6 +13,7 @@ profile systemd-modules-load @{exec_path} {
   include <abstractions/common/systemd>
 
   capability net_admin,
+  capability perfmon,
   capability sys_module,
 
   @{exec_path} mr,
diff --git a/apparmor.d/groups/systemd/systemd-oomd b/apparmor.d/groups/systemd/systemd-oomd
index e5dce916..469f72b0 100644
--- a/apparmor.d/groups/systemd/systemd-oomd
+++ b/apparmor.d/groups/systemd/systemd-oomd
@@ -24,9 +24,10 @@ profile systemd-oomd @{exec_path} flags=(attach_disconnected) {
   /etc/systemd/oomd.conf r,
   /etc/systemd/oomd.conf.d/{,**} r,
 
+  @{att}/@{run}/systemd/notify w,
+
   @{run}/systemd/io.system.ManagedOOM rw,
   @{run}/systemd/io.systemd.ManagedOOM rw,
-  @{run}/systemd/notify rw,
 
   @{sys}/fs/cgroup/cgroup.controllers r,
   @{sys}/fs/cgroup/memory.* r,
diff --git a/apparmor.d/groups/systemd/systemd-timesyncd b/apparmor.d/groups/systemd/systemd-timesyncd
index de544c9d..9f9136bc 100644
--- a/apparmor.d/groups/systemd/systemd-timesyncd
+++ b/apparmor.d/groups/systemd/systemd-timesyncd
@@ -34,9 +34,10 @@ profile systemd-timesyncd @{exec_path} flags=(attach_disconnected) {
 
   owner /var/lib/systemd/timesync/clock rw,
 
+  @{att}/@{run}/systemd/notify rw,
+
         @{run}/resolvconf/*.conf r,
         @{run}/systemd/netif/state r,
-        @{run}/systemd/notify rw,
         @{run}/systemd/timesyncd.conf.d/{,**} r,
   owner @{run}/systemd/timesync/synchronized rw,
 
diff --git a/apparmor.d/groups/systemd/systemd-udevd b/apparmor.d/groups/systemd/systemd-udevd
index dae5ae67..b8a0c7e4 100644
--- a/apparmor.d/groups/systemd/systemd-udevd
+++ b/apparmor.d/groups/systemd/systemd-udevd
@@ -21,6 +21,7 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected,complain) {
   capability fsetid,
   capability mknod,
   capability net_admin,
+  capability perfmon,
   capability sys_admin,
   capability sys_module,
   capability sys_ptrace,