diff --git a/profiles/apparmor.d/iotop-c b/profiles/apparmor.d/iotop-c
index 4571540b5..fc473e7ce 100644
--- a/profiles/apparmor.d/iotop-c
+++ b/profiles/apparmor.d/iotop-c
@@ -5,7 +5,7 @@ include <tunables/global>
 profile iotop-c /usr/sbin/iotop-c {
   include <abstractions/base>
   include <abstractions/bash>
-  include <abstractions/nameservice>
+  include <abstractions/nameservice-strict>
 
   capability net_admin,
   capability sys_admin,
@@ -13,12 +13,10 @@ profile iotop-c /usr/sbin/iotop-c {
   /proc/*/cmdline r,
   /proc/*/task/ r,
   /usr/sbin/iotop-c mr,
-  owner /etc/nsswitch.conf r,
-  owner /etc/passwd r,
-  owner /proc/ r,
-  owner /proc/sys/kernel/task_delayacct rw,
-  owner /proc/vmstat r,
+  /proc/ r,
+  /proc/sys/kernel/task_delayacct rw,
+  /proc/vmstat r,
   owner @{HOME}/.config/iotop/iotoprc rw,
 
+  include if exists <local/iotop-c>
 }
-