diff --git a/apparmor.d/groups/gnome/gsd-wacom b/apparmor.d/groups/gnome/gsd-wacom
index e87dc32f7..601ec28c5 100644
--- a/apparmor.d/groups/gnome/gsd-wacom
+++ b/apparmor.d/groups/gnome/gsd-wacom
@@ -9,6 +9,7 @@ include <tunables/global>
 @{exec_path} = /{usr/,}lib/gsd-wacom
 profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
+  include <abstractions/fontconfig-cache-write>
   include <abstractions/fonts>
   include <abstractions/gtk>
 
diff --git a/apparmor.d/groups/gvfs/gvfsd-trash b/apparmor.d/groups/gvfs/gvfsd-trash
index 37783436d..b5d54ab85 100644
--- a/apparmor.d/groups/gvfs/gvfsd-trash
+++ b/apparmor.d/groups/gvfs/gvfsd-trash
@@ -29,5 +29,10 @@ profile gvfsd-trash @{exec_path} {
   owner @{run}/user/[0-9]*/gvfsd/ rw,
   owner @{run}/user/[0-9]*/gvfsd/socket-[a-zA-z0-9]* rw,
 
+  # Can restore all user files
+  owner @{HOME}/{,**} rw,
+  owner /media/*/{,**} rw,
+  owner /mnt/*/{,**} rw,
+
   include if exists <local/gvfsd-trash>
 }
diff --git a/apparmor.d/profiles-a-l/aa-notify b/apparmor.d/profiles-a-l/aa-notify
index 9327024b6..0c4d127b1 100644
--- a/apparmor.d/profiles-a-l/aa-notify
+++ b/apparmor.d/profiles-a-l/aa-notify
@@ -12,6 +12,8 @@ profile aa-notify @{exec_path} {
   include <abstractions/python>
   include <abstractions/nameservice-strict>
 
+  capability sys_ptrace,
+
   ptrace (read),
 
   @{exec_path} mr,
diff --git a/apparmor.d/profiles-a-l/auditd b/apparmor.d/profiles-a-l/auditd
index 6044e1570..3fb7e2d61 100644
--- a/apparmor.d/profiles-a-l/auditd
+++ b/apparmor.d/profiles-a-l/auditd
@@ -11,6 +11,7 @@ profile auditd @{exec_path} {
   include <abstractions/base>
   include <abstractions/nameservice-strict>
 
+  capability audit_control,
   capability fsetid,
   capability chown,
 
diff --git a/apparmor.d/profiles-a-l/freefall b/apparmor.d/profiles-a-l/freefall
index afa3ee9f3..2ca9dc67b 100644
--- a/apparmor.d/profiles-a-l/freefall
+++ b/apparmor.d/profiles-a-l/freefall
@@ -16,7 +16,7 @@ profile freefall @{exec_path} {
 
   @{exec_path} mr,
 
-  /dev/freefall r,
+  /dev/freefall rw,
   /dev/sd[a-z] rk,
   /dev/sd[a-z][0-9]* rk,
 
diff --git a/profiles.manifest b/profiles.manifest
index 9f4dafd38..cf048d3cc 100644
--- a/profiles.manifest
+++ b/profiles.manifest
@@ -174,7 +174,6 @@ nm-initrd-generator complain
 nm-openvpn-auth-dialog complain
 nm-openvpn-service complain
 nm-openvpn-service-openvpn-helper complain
-notify-send complain
 ntfs-3g complain
 ntfs-3g-probe complain
 obex-folder-listing complain