diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium
index 0aa8f5ef1..81d37113d 100644
--- a/apparmor.d/abstractions/app/chromium
+++ b/apparmor.d/abstractions/app/chromium
@@ -43,7 +43,7 @@ include
include
- # userns,
+ userns,
capability setgid,
capability setuid,
diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox
index 23a91593f..c94ef8476 100644
--- a/apparmor.d/abstractions/app/firefox
+++ b/apparmor.d/abstractions/app/firefox
@@ -30,7 +30,7 @@ include
include
- # userns,
+ userns,
capability sys_admin, # If kernel.unprivileged_userns_clone = 1
capability sys_chroot, # If kernel.unprivileged_userns_clone = 1
diff --git a/apparmor.d/abstractions/common/bwrap b/apparmor.d/abstractions/common/bwrap
index a73626bb1..711117f6d 100644
--- a/apparmor.d/abstractions/common/bwrap
+++ b/apparmor.d/abstractions/common/bwrap
@@ -7,7 +7,7 @@ # - the flag: attach_disconnected
# - bwrap execution: '@{bin}/bwrap rix,'
- # userns,
+ userns,
capability net_admin,
capability setpcap,
diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium
index 28effd768..cad07669a 100644
--- a/apparmor.d/abstractions/common/chromium
+++ b/apparmor.d/abstractions/common/chromium
@@ -6,7 +6,7 @@ # This abstraction is for chromium based application. Chromium based browsers
# need to use abstractions/chromium instead.
- # userns,
+ userns,
capability setgid, # If kernel.unprivileged_userns_clone = 1
capability setuid, # If kernel.unprivileged_userns_clone = 1
diff --git a/apparmor.d/abstractions/common/electron b/apparmor.d/abstractions/common/electron
index 9cf480718..da792131d 100644
--- a/apparmor.d/abstractions/common/electron
+++ b/apparmor.d/abstractions/common/electron
@@ -18,7 +18,7 @@ include
include
- # userns,
+ userns,
capability setgid, # If kernel.unprivileged_userns_clone = 1
capability setuid, # If kernel.unprivileged_userns_clone = 1
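Review bot: The newly enabled `userns,` rule in abstractions/app/chromium carries no comment, unlike the capability lines in the sibling common/chromium and electron abstractions that are annotated `# If kernel.unprivileged_userns_clone = 1`, so a reader cannot tell which AppArmor feature it depends on or why the browser needs it. `userns` is a mediation class that only exists in the AppArmor 4.0 policy ABI; on an older parser the uncommented line presumably stops this abstraction, and every profile including it, from loading, which is likely why it was commented out before. I would annotate it, e.g. `userns, # AppArmor 4.0 ABI (userns mediation); presumably needed for the browser's namespace sandbox`, and confirm that the including profiles declare the matching `abi` line. The abstraction continues outside the hunk.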
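Review bot: In the firefox abstraction the conditions on the two capability lines, `# If kernel.unprivileged_userns_clone = 1`, now sit next to an unconditional `userns,` that says nothing about its own prerequisite, which is misleading: `kernel.unprivileged_userns_clone` is the Debian sysctl that gates namespace creation in the kernel, whereas the new rule is what AppArmor's own userns mediation consults (the `kernel.apparmor_restrict_unprivileged_userns` restriction on recent Ubuntu kernels). Security-wise this is the important line, because with mediation active a confined Firefox without `userns,` cannot create a namespace at all, and the `sys_admin`/`sys_chroot` grants are presumably what the sandbox then exercises inside it. I would put the explanation on the new line, e.g. `userns, # AppArmor userns mediation (abi 4.0): required to create the sandbox namespace`, and keep the sysctl note on the capabilities. The abstraction continues outside the hunk.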
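Review bot: Enabling `userns,` in the shared bwrap abstraction grants user-namespace creation to every profile that includes it, and the header comment in this hunk states that bwrap is executed as `@{bin}/bwrap rix,`, i.e. inherited under the caller's profile, so the permission is scoped to the whole including program rather than to bubblewrap. That is broader than least privilege needs: the caller itself, not only the bwrap child, can now create namespaces, which is exactly the kernel attack surface userns mediation exists to limit. If the project's tooling allows it, consider confining bwrap in a child profile that carries `userns,` (a `Cx -> bwrap` transition instead of `ix`), or at least state the scope in the header, e.g. `# userns is granted to the including profile as a whole because bwrap runs ix`. I cannot see the includers from this hunk, so whether any of them is a broad desktop profile is something to check.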
diff --git a/apparmor.d/groups/gnome/nautilus b/apparmor.d/groups/gnome/nautilus
index ccaf5d6f7..e4990a3e3 100644
--- a/apparmor.d/groups/gnome/nautilus
+++ b/apparmor.d/groups/gnome/nautilus
@@ -26,7 +26,7 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
include
include
- # mqueue r type=posix /,
+ mqueue r type=posix /,
#aa:dbus own bus=session name=org.gnome.Nautilus interface=org.gtk.{Application,Actions}
#aa:dbus own bus=session name=org.freedesktop.FileManager1
diff --git a/apparmor.d/groups/kde/plasmashell b/apparmor.d/groups/kde/plasmashell
index 89e0dfeae..a7bde918e 100644
--- a/apparmor.d/groups/kde/plasmashell
+++ b/apparmor.d/groups/kde/plasmashell
@@ -28,7 +28,7 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) {
include
include
- # userns,
+ userns,
capability sys_ptrace,
diff --git a/apparmor.d/groups/systemd/systemd-coredump b/apparmor.d/groups/systemd/systemd-coredump
index 8c90be6f6..2e841dc51 100644
--- a/apparmor.d/groups/systemd/systemd-coredump
+++ b/apparmor.d/groups/systemd/systemd-coredump
@@ -13,7 +13,7 @@ profile systemd-coredump @{exec_path} flags=(attach_disconnected,mediate_deleted
include
include
- # userns,
+ userns,
capability dac_override,
capability dac_read_search,
diff --git a/apparmor.d/groups/systemd/systemd-logind b/apparmor.d/groups/systemd/systemd-logind
index f4628c019..53dd0acf8 100644
--- a/apparmor.d/groups/systemd/systemd-logind
+++ b/apparmor.d/groups/systemd/systemd-logind
@@ -27,7 +27,7 @@ profile systemd-logind @{exec_path} flags=(attach_disconnected) {
network netlink raw,
- # mqueue r type=posix /,
+ mqueue r type=posix /,
unix (bind) type=stream addr=@@{hex16}/bus/systemd-logind/system,
diff --git a/apparmor.d/groups/ubuntu/package-system-locked b/apparmor.d/groups/ubuntu/package-system-locked
index f4e040975..7398fc404 100644
--- a/apparmor.d/groups/ubuntu/package-system-locked
+++ b/apparmor.d/groups/ubuntu/package-system-locked
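Review bot: `mqueue r type=posix /,` is now a live, unexplained rule in the nautilus profile; `/` with `type=posix` is the root of the POSIX message-queue namespace, and nothing in the hunk says what in a file manager enumerates it (presumably a directory listing of `/dev/mqueue`, or a library that probes it). Read on the queue root should only cover listing, not the queues themselves, but a maintainer reading this later needs the trigger to decide whether to keep it, so I would add a one-line why-comment, e.g. `mqueue r type=posix /, # listing of the mqueue root (browsing /dev/mqueue?) — confirm trigger`. The profile body continues outside the hunk.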
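Review bot: `userns,` is enabled for systemd-coredump next to `capability dac_override,` and `capability dac_read_search,` with no note on what creates the namespace, and this is a privileged system service rather than a sandboxed desktop app, so the grant deserves an explicit justification in the profile. I cannot tell from the hunk whether the namespace comes from the service's own hardening or from something it executes; if it is the latter, the permission may belong in a child profile rather than on the main profile. I would add e.g. `userns, # TODO(review): name the code path that creates the user namespace` until the cause is confirmed. The profile continues outside the hunk.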
@@ -17,7 +17,7 @@ profile package-system-locked @{exec_path} flags=(attach_disconnected) {
network inet dgram,
network inet6 dgram,
- # mqueue r type=posix /,
+ mqueue r type=posix /,
ptrace (read),
diff --git a/apparmor.d/groups/virt/virtiofsd b/apparmor.d/groups/virt/virtiofsd
index 7389119b8..905e2c170 100644
--- a/apparmor.d/groups/virt/virtiofsd
+++ b/apparmor.d/groups/virt/virtiofsd
@@ -10,7 +10,7 @@ include
profile virtiofsd @{exec_path} {
include
- # userns,
+ userns,
capability chown,
capability dac_override,
diff --git a/apparmor.d/profiles-a-f/flatpak b/apparmor.d/profiles-a-f/flatpak
index 05873c4e2..b38a03537 100644
--- a/apparmor.d/profiles-a-f/flatpak
+++ b/apparmor.d/profiles-a-f/flatpak
@@ -18,7 +18,7 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain
include
include
- # userns,
+ userns,
capability dac_override,
capability dac_read_search,
diff --git a/apparmor.d/profiles-g-l/lvm b/apparmor.d/profiles-g-l/lvm
index e579d7a91..cff4ce186 100644
--- a/apparmor.d/profiles-g-l/lvm
+++ b/apparmor.d/profiles-g-l/lvm
@@ -23,7 +23,7 @@ profile lvm @{exec_path} flags=(attach_disconnected) {
ptrace (read),
- # mqueue r type=posix /,
+ mqueue r type=posix /,
@{exec_path} rm,
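Review bot: The uncommented `userns,` in the virtiofsd profile has no comment, and alongside `capability chown,` and `capability dac_override,` nothing in the hunk explains why a daemon serving guest filesystem I/O needs to create user namespaces (presumably its own namespace-based sandbox, which I cannot confirm from here). Because this process handles paths chosen by an untrusted guest, a reader should be able to tell that the rule exists for the sandbox and not for arbitrary namespace use; I would annotate it, e.g. `userns, # virtiofsd sandbox (--sandbox namespace?) — confirm`. The `profile virtiofsd @{exec_path} {` header is inside the hunk but the body continues past it.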
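Review bot: The flatpak profile is still in `complain` mode, as the `flags=(attach_disconnected,mediate_deleted,complain` context in the hunk header shows, so enabling `userns,` here has no enforcement effect yet and can only be validated through audit messages. That is fine as preparation, but it is worth saying next to the rule so nobody later reads it as a grant that has been exercised under enforcement, e.g. `userns, # presumably for the app sandbox; profile is still in complain mode, re-check when enforcing`. The profile continues outside the hunk.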