diff --git a/apparmor.d/groups/hypr/hyprctl b/apparmor.d/groups/hypr/hyprctl
new file mode 100644
index 000000000..e59150c49
--- /dev/null
+++ b/apparmor.d/groups/hypr/hyprctl
@@ -0,0 +1,21 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/hyprctl
+
+profile hyprctl /{,usr/}{,s}bin/hyprctl {
+  include <abstractions/base>
+  include <abstractions/nameservice-strict>
+
+  @{exec_path} mr,
+
+  include if exists <local/hyprctl>
+}
+
+# vim:syntax=apparmor
+
diff --git a/apparmor.d/groups/hypr/hyprlock b/apparmor.d/groups/hypr/hyprlock
new file mode 100644
index 000000000..c42950629
--- /dev/null
+++ b/apparmor.d/groups/hypr/hyprlock
@@ -0,0 +1,47 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/hyprlock
+
+profile hyprlock /{,usr/}{,s}bin/hyprlock {
+  include <abstractions/base>
+  include <abstractions/dri>
+  include <abstractions/fonts>
+  include <abstractions/mesa>
+  include <abstractions/nameservice-strict>
+  include <abstractions/opencl-mesa>
+  include <abstractions/vulkan>
+  include <abstractions/vulkan-strict>
+
+  capability audit_write,
+
+  network netlink raw,
+
+  @{exec_path} mr,
+  @{bin}/unix_chkpwd mrix,
+
+  /etc/login.defs r,
+  /etc/pam.d/* r,
+  /etc/security/faillock.conf r,
+  /etc/shells r,
+  owner /etc/shadow r,
+
+  owner @{XDG_PICTURES_DIR}/** r,
+  owner @{XDG_WALLPAPERS_DIR}/** r,
+
+  owner @{user_config_dirs}/hypr/hyprlock.conf r,
+
+  owner @{run}/faillock/@{user} rwk,
+
+  owner /dev/tty@{int} rw,
+
+  include if exists <local/hyprlock>
+}
+
+# vim:syntax=apparmor
+
diff --git a/apparmor.d/groups/hypr/hyprpaper b/apparmor.d/groups/hypr/hyprpaper
new file mode 100644
index 000000000..5b12d009c
--- /dev/null
+++ b/apparmor.d/groups/hypr/hyprpaper
@@ -0,0 +1,32 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/hyprpaper
+
+profile hyprpaper /{,usr/}{,s}bin/hyprpaper flags=(attach_disconnected) {
+  include <abstractions/base>
+  include <abstractions/nameservice-strict>
+
+  @{exec_path} mr,
+
+  /usr/share/icons/** r,
+
+  owner @{XDG_WALLPAPERS_DIR}/** r,
+
+  owner @{user_config_dirs}/hypr/hyprpaper.conf r,
+
+  owner @{run}/user/*/ r,
+  owner @{run}/user/*/.hyprpaper* rw,
+  owner @{run}/user/*/hypr/*/.hyprpaper.sock w,
+  owner @{run}/user/*/hyprpaper.lock rw,
+
+  include if exists <local/hyprpaper>
+}
+
+# vim:syntax=apparmor
+
diff --git a/apparmor.d/groups/hypr/hyprpicker b/apparmor.d/groups/hypr/hyprpicker
new file mode 100644
index 000000000..3e26bdbf8
--- /dev/null
+++ b/apparmor.d/groups/hypr/hyprpicker
@@ -0,0 +1,25 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/hyprpicker
+
+profile hyprpicker /{,usr/}{,s}bin/hyprpicker {
+  include <abstractions/base>
+
+  @{exec_path} mr,
+  @{bin}/wl-copy Px,
+
+  /usr/share/icons/** r,
+
+  owner @{run}/user/*/.hyprpicker* rw,
+
+  include if exists <local/hyprpicker>
+}
+
+# vim:syntax=apparmor
+
diff --git a/apparmor.d/groups/hypr/hyprpm b/apparmor.d/groups/hypr/hyprpm
new file mode 100644
index 000000000..8a8270052
--- /dev/null
+++ b/apparmor.d/groups/hypr/hyprpm
@@ -0,0 +1,43 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/hyprpm
+
+profile hyprpm /{,usr/}{,s}bin/hyprpm {
+  include <abstractions/base>
+  include <abstractions/nameservice-strict>
+  include <abstractions/ssl_certs>
+  include <abstractions/user-tmp>
+
+  network inet dgram,
+  network inet stream,
+  network inet6 dgram,
+
+  @{exec_path} mr,
+
+  @{bin}/** rix,
+  @{lib}/gcc/** rix,
+  @{lib}/gcc/*/*/** rix,
+  @{lib}/git-core/** rix,
+
+  /usr/include/** r,
+  /usr/share/git-core/** r,
+  /usr/share/pkgconfig/** r,
+
+  owner @{user_share_dirs}/hyprpm/ r,
+  owner @{user_share_dirs}/hyprpm/** rw,
+  owner @{user_share_dirs}/hyprpm/*/*/** rw,
+
+  /tmp/hyprpm/** rw,
+  /tmp/hyprpm/*/*/** rw,
+
+  include if exists <local/hyprpm>
+}
+
+# vim:syntax=apparmor
+
diff --git a/apparmor.d/profiles-s-z/waybar b/apparmor.d/profiles-s-z/waybar
new file mode 100644
index 000000000..1caa0af2e
--- /dev/null
+++ b/apparmor.d/profiles-s-z/waybar
@@ -0,0 +1,45 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 odomingao
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/3.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/waybar
+
+profile waybar /{,usr/}{,s}bin/waybar flags=(attach_disconnected) {
+  include <abstractions/audio>
+  include <abstractions/base>
+  include <abstractions/dconf-write>
+  include <abstractions/desktop>
+  include <abstractions/nameservice-strict>
+
+  network inet dgram,
+  network inet6 dgram,
+  network netlink raw,
+
+  @{exec_path} mr,
+
+  @{bin}/** rPUx,
+  @{user_bin_dirs}/** rPUx,
+
+  /usr/share/icons/** r,
+  /usr/share/pixmaps/** r,
+
+  owner @{HOME}/.icons/** r,
+  owner @{HOME}/.themes/** r,
+
+  owner @{user_config_dirs}/waybar/config.jsonc r,
+  owner @{user_config_dirs}/waybar/style.css r,
+  owner @{user_config_dirs}/waybar/themes/** r,
+
+  owner @{user_share_dirs}/icons/** r,
+
+  owner /dev/tty@{int} rw,
+
+  include if exists <local/waybar>
+}
+
+# vim:syntax=apparmor
+