diff --git a/apparmor.d/groups/systemd/systemd-networkd b/apparmor.d/groups/systemd/systemd-networkd
index 619ca9dbb..20b396a72 100644
--- a/apparmor.d/groups/systemd/systemd-networkd
+++ b/apparmor.d/groups/systemd/systemd-networkd
@@ -14,10 +14,12 @@ profile systemd-networkd @{exec_path} flags=(attach_disconnected) {
 include
 include
+ capability bpf,
 capability net_admin,
 capability net_bind_service,
 capability net_broadcast,
 capability net_raw,
+ capability sys_admin,
 network inet dgram,
 network inet6 dgram,
@@ -61,12 +63,14 @@ profile systemd-networkd @{exec_path} flags=(attach_disconnected) {
 @{run}/udev/data/n@{int} r,
+ @{sys}/devices/@{pci}/ r,
 @{sys}/devices/@{pci}/rfkill@{int}/* r,
 @{sys}/devices/**/net/** r,
- @{sys}/devices/@{pci}/ r,
 @{sys}/devices/virtual/dmi/id/{sys,board,bios}_vendor r,
 @{sys}/devices/virtual/dmi/id/product_name r,
 @{sys}/devices/virtual/dmi/id/product_version r,
+ @{sys}/fs/cgroup/ r,
+ @{sys}/kernel/btf/vmlinux r,
 @{PROC}/@{pid}/cgroup r,
 @{PROC}/pressure/* r,
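Review bot: The added `capability sys_admin,` in the first hunk gives a network-facing daemon one of the broadest capabilities the kernel defines, and nothing in the profile records which operation needs it. It arrives together with `capability bpf,` and, in the second hunk, reads of `@{sys}/kernel/btf/vmlinux` and `@{sys}/fs/cgroup/`, so it presumably supports BPF program loading. If so, it is worth confirming from the AppArmor audit log that `sys_admin` is actually requested on the targeted kernels, rather than `bpf` plus the existing `net_admin` being enough. Either way a comment above the pair would help the next reviewer, for example `# BPF program load (uses the btf/vmlinux and cgroup reads below); sys_admin confirmed required via audit log`. The profile body starts before and continues after both hunks, so any rules that constrain other sys_admin-gated operations such as mount are not visible here.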