--- a/profiles/apparmor.d/sbin.syslog-ng.old	2008-11-05 15:53:00.000000000 +0100
+++ b/profiles/apparmor.d/sbin.syslog-ng	2010-11-05 09:11:23.186489224 +0100
@@ -19,12 +19,14 @@
   #include <abstractions/base>
   #include <abstractions/consoles>
   #include <abstractions/nameservice>
+  #include <abstractions/mysql>
 
   capability chown,
   capability dac_override,
   capability fsetid,
   capability fowner,
   capability sys_tty_config,
+  capability sys_resource,
 
   /dev/log w,
   /dev/syslog w,
@@ -35,11 +37,14 @@
   /etc/hosts.deny r,
   /etc/hosts.allow r,
   /sbin/syslog-ng mr,
+  /usr/share/syslog-ng/** r,
   # chrooted applications
   @{CHROOT_BASE}/var/lib/*/dev/log w,
-  @{CHROOT_BASE}/var/lib/syslog-ng/syslog-ng.persist rw,
+  @{CHROOT_BASE}/var/lib/syslog-ng/syslog-ng.persist* rw,
   @{CHROOT_BASE}/var/log/** w,
   @{CHROOT_BASE}/var/run/syslog-ng.pid krw,
+  @{CHROOT_BASE}/var/run/syslog-ng.ctl rw,
+  /var/run/syslog-ng/additional-log-sockets.conf r,
 
 }