diff --git a/apparmor.d/tunables/multiarch.d/profiles b/apparmor.d/tunables/multiarch.d/profiles
index e966623d4..92ab19fc9 100644
--- a/apparmor.d/tunables/multiarch.d/profiles
+++ b/apparmor.d/tunables/multiarch.d/profiles
@@ -9,7 +9,9 @@
 
 # Name of the systemd profiles. Can be `unconfined` or `systemd`, `systemd-user`
 @{p_systemd}=unconfined
+@{p_systemd_executor}=unconfined
 @{p_systemd_user}=unconfined
+@{p_systemd_user_executor}=unconfined
 
 # Name of the dbus daemon profiles
 @{p_dbus_accessibility}=dbus-accessibility
diff --git a/pkg/prebuild/prepare/fsp.go b/pkg/prebuild/prepare/fsp.go
index e46efe0e8..0d4c23076 100644
--- a/pkg/prebuild/prepare/fsp.go
+++ b/pkg/prebuild/prepare/fsp.go
@@ -40,7 +40,9 @@ func (p FullSystemPolicy) Apply() ([]string, error) {
 		return res, err
 	}
 	out = strings.ReplaceAll(out, "@{p_systemd}=unconfined", "@{p_systemd}=systemd")
+	out = strings.ReplaceAll(out, "@{p_systemd_executor}=unconfined", "@{p_systemd_executor}=systemd-executor")
 	out = strings.ReplaceAll(out, "@{p_systemd_user}=unconfined", "@{p_systemd_user}=systemd-user")
+	out = strings.ReplaceAll(out, "@{p_systemd_user_executor}=unconfined", "@{p_systemd_user_executor}=systemd-user-executor")
 	if err := path.WriteFile([]byte(out)); err != nil {
 		return res, err
 	}