diff --git a/files/apparmor/usr.bin.ceph-osd b/files/apparmor/usr.bin.ceph-osd index 04c5865b..14084ab8 100644 --- a/files/apparmor/usr.bin.ceph-osd +++ b/files/apparmor/usr.bin.ceph-osd @@ -1,5 +1,4 @@ # vim:syntax=apparmor -# Author: Chris Holcombe #include /usr/bin/ceph-osd { @@ -18,25 +17,29 @@ network inet6 stream, /etc/ceph/* r, - - @{PROC}/@{pids}/auxv r, - @{PROC}/@{pids}/net/dev r, - @{PROC}/loadavg r, - - /run/ceph/* rw, - /srv/ceph/** rwkl, - /tmp/ r, - /var/lib/ceph/** rwk, - /var/lib/ceph/osd/** l, /var/lib/charm/*/ceph.conf r, + + owner @{PROC}/@{pids}/auxv r, + owner @{PROC}/@{pids}/net/dev r, + owner @{PROC}/@{pids}/task/*/comm rw, + + @{PROC}/loadavg r, + @{PROC}/1/cmdline r, + @{PROC}/partitions r, + @{PROC}/sys/kernel/random/uuid r, + + /var/lib/ceph/** rwkl, + /srv/ceph/** rwkl, + /var/log/ceph/* rwk, - /var/run/ceph/* rwk, - /var/tmp/ r, + + /{,var/}run/ceph/* rwk, + /{,var/}tmp/ r, /dev/ r, /dev/** rw, /sys/devices/** r, - /proc/partitions r, + /run/blkid/blkid.tab r, /bin/dash rix,
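Review bot: The added `/var/lib/ceph/** rwkl,` rule in the second hunk grants link permission across the whole `/var/lib/ceph` tree, where the removed rules gave that tree only `rwk` and limited `l` to `/var/lib/ceph/osd/**`. If hard links are only needed under the OSD directories, keep the split as `/var/lib/ceph/** rwk,` plus `/var/lib/ceph/osd/** l,`; otherwise add a comment saying which path outside `osd/` needs `l`. The same hunk adds `@{PROC}/1/cmdline r,` and `owner @{PROC}/@{pids}/task/*/comm rw,` with no comment on what needs them. A short comment per group, e.g. `# thread names are set via task/<tid>/comm` (presumably the reason, to be confirmed), would let a later reviewer tell a required rule from a leftover. The `/usr/bin/ceph-osd { … }` profile body opens before this hunk and continues past its end, so rules outside the visible lines are not covered by this note.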