diff --git a/apparmor.d/profiles-s-z/sing-box b/apparmor.d/profiles-s-z/sing-box
index 211e11128..0ebe76ad7 100644
--- a/apparmor.d/profiles-s-z/sing-box
+++ b/apparmor.d/profiles-s-z/sing-box
@@ -7,14 +7,10 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
-@{exec_path} = /{,usr/}{,local/}bin/sing-box
+@{exec_path} = @{bin}/sing-box
 profile sing-box @{exec_path} {
   include <abstractions/base>
-  include <abstractions/nameservice>
-  include <abstractions/nis>
-  include <abstractions/ssl_certs>
-  include <abstractions/ssl_keys>
-  include <abstractions/tor>
+  include <abstractions/nameservice-strict>
   include <abstractions/user-tmp>
 
   capability net_bind_service,
@@ -27,11 +23,11 @@ profile sing-box @{exec_path} {
   /proc/meminfo r,
   /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,
 
-  /usr/bin/tor mrix,
-  /usr/{,local/}bin/sing-box mr,
+  @{bin}/tor mrix,
+  @{bin}/sing-box mr,
   /usr/{,local/}share/sing-box/geoip.db r,
   /usr/{,local/}share/sing-box/geosite.db r,
 
   owner /{,usr/local/}etc/sing-box/config.json r,
-  owner @{home_dirs}/.local/share/certmagic/** rw,
+  owner @{user_share_dirs}/certmagic/** rw,
 }