diff --git a/apparmor.d/abstractions/app/systemctl b/apparmor.d/abstractions/app/systemctl
index 4ecfbecad..b707add4d 100644
--- a/apparmor.d/abstractions/app/systemctl
+++ b/apparmor.d/abstractions/app/systemctl
@@ -15,6 +15,8 @@
   @{bin}/systemctl mr,
+  @{att}/@{run}/systemd/private rw,
+  owner @{run}/systemd/private rw,
   @{PROC}/1/cgroup r,
diff --git a/apparmor.d/abstractions/attached/consoles b/apparmor.d/abstractions/attached/consoles
index bf76e4a43..82c3c3f7a 100644
--- a/apparmor.d/abstractions/attached/consoles
+++ b/apparmor.d/abstractions/attached/consoles
@@ -5,8 +5,21 @@
   abi ,
-  @{att}/dev/tty@{int} rw,
-  owner @{att}/dev/pts/@{int} rw,
+  # There are the common ways to refer to consoles
+  /dev/console rw,
+  /dev/tty rw,
+  /dev/tty@{u16} rw,
+  @{att}/dev/tty rw,
+  @{att}/dev/tty@{u16} rw,
+
+  # These entries are a bit unfortunate; /dev/tty will always be
+  # associated with the controlling terminal by the kernel, but if a
+  # program uses the /dev/pts/ interface, it actually has access to
+  # -all- xterm, sshd, etc, terminals on the system.
+  /dev/pts/ r,
+  owner /dev/pts/@{u16} rw,
+  @{att}/pts/ r,
+  owner @{att}/dev/pts/@{u16} rw,
   include if exists
diff --git a/apparmor.d/groups/systemd/systemd-coredump b/apparmor.d/groups/systemd/systemd-coredump
index 856bee914..52efea3db 100644
--- a/apparmor.d/groups/systemd/systemd-coredump
+++ b/apparmor.d/groups/systemd/systemd-coredump
@@ -43,6 +43,9 @@ profile systemd-coredump @{exec_path} flags=(attach_disconnected,mediate_deleted
   /var/lib/systemd/coredump/{,**} rwl,
+  @{att}/@{run}/systemd/coredump rw,
+  @{run}/systemd/coredump rw,
   @{PROC}/@{pids}/cgroup r,
   @{PROC}/@{pids}/cmdline r,
   @{PROC}/@{pids}/comm r,
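Review bot: The two new rules for the systemd private socket are qualified inconsistently: `@{att}/@{run}/systemd/private rw,` carries no `owner` while `owner @{run}/systemd/private rw,` does, so the attached (disconnected-path) form is broader than the plain one, and because this is an abstraction the broader rule is inherited by every profile that includes it. If the owner restriction is intended it should apply to both, `owner @{att}/@{run}/systemd/private rw,`; otherwise drop it from the second rule. The systemd-coredump hunk later in this diff adds the equivalent `@{att}`/plain pair for `@{run}/systemd/coredump` with `owner` on neither, so one convention should be chosen across both. Presumably `/run/systemd/private` is root-owned, in which case the owner-qualified rule only matches when systemctl itself runs as root; worth confirming that is the intended scope.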
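Review bot: `@{att}/pts/ r,` appears to be missing the `/dev` component; every other attached rule in this hunk mirrors its plain counterpart under `@{att}/dev/`, so the directory-read rule for the attached case presumably should be `@{att}/dev/pts/ r,`, and as written a confined program running with attach_disconnected that lists the pty directory would still be denied. The hunk also widens the abstraction from the previous owner-qualified, `@{att}`-only tty and pts rules to `/dev/console rw,` and `/dev/tty@{u16} rw,` for every includer, which the comment block (taken from the upstream consoles abstraction) already warns about; that widening looks deliberate but should be stated where the change is recorded. The first comment line carries the upstream typo and would read better as `# These are the common ways to refer to consoles`.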