diff --git a/CMakeLists.txt b/CMakeLists.txt
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -352,6 +352,8 @@
 
 install(FILES akonadi.categories akonadi.renamecategories  DESTINATION  ${KDE_INSTALL_LOGGINGCATEGORIESDIR})
 
+install(FILES apparmor/usr.bin.akonadiserver apparmor/mysqld_akonadi DESTINATION "/etc/apparmor.d")
+
 install(FILES
     ${CMAKE_CURRENT_BINARY_DIR}/akonadi_version.h
     DESTINATION ${KDE_INSTALL_INCLUDEDIR_KF5} COMPONENT Devel
diff --git a/apparmor/mysqld_akonadi b/apparmor/mysqld_akonadi
new file mode 100644
--- /dev/null
+++ b/apparmor/mysqld_akonadi
@@ -0,0 +1,25 @@
+# Last Modified: Thu Sep 12 15:23:46 2019
+#include <tunables/global>
+
+profile mysqld_akonadi {
+  #include <abstractions/base>
+  #include <abstractions/nameservice>
+  #include <abstractions/user-tmp>
+
+  capability setgid,
+  capability setuid,
+
+  /etc/mysql/ r,
+  /etc/mysql/** r,
+  /sys/devices/system/cpu/ r,
+  /usr/bin/mysql_install_db mrix,
+  /usr/bin/mysqladmin mrix,
+  /usr/bin/mysqlcheck mrix,
+  /usr/sbin/mysqld mrix,
+  /usr/share/mysql/** r,
+  owner ${HOME}*/.local/share/akonadi/** rwk,
+  owner ${PROC}*/loginuid r,
+
+  # Site-specific additions and overrides. See local/README for details.
+  #include <local/mysqld_akonadi>
+}
diff --git a/apparmor/usr.bin.akonadiserver b/apparmor/usr.bin.akonadiserver
new file mode 100644
--- /dev/null
+++ b/apparmor/usr.bin.akonadiserver
@@ -0,0 +1,39 @@
+# Last Modified: Thu Sep 12 15:23:46 2019
+#include <tunables/global>
+
+/usr/bin/akonadiserver flags=(complain) {
+  #include <abstractions/base>
+  #include <abstractions/bash>
+  #include <abstractions/dbus-session-strict>
+  #include <abstractions/evince>
+  #include <abstractions/nameservice>
+  #include <abstractions/tor>
+  #include <abstractions/user-tmp>
+
+  /etc/mysql/* r,
+  /etc/mysql/** r,
+  ${PROC}sys/kernel/core_pattern r,
+  ${PROC}sys/kernel/random/boot_id r,
+  /usr/bin/akonadiserver mr,
+  /usr/bin/mysql_install_db Px -> mysqld_akonadi,
+  /usr/bin/mysql_install_db r,
+  /usr/bin/mysqladmin Px -> mysqld_akonadi,
+  /usr/bin/mysqladmin r,
+  /usr/bin/mysqlcheck Px -> mysqld_akonadi,
+  /usr/bin/mysqlcheck r,
+  /usr/sbin/mysqld Px -> mysqld_akonadi,
+  /usr/sbin/mysqld r,
+  owner ${HOME}*/.config/* r,
+  owner ${HOME}*/.config/QtProject/qtlogging.ini r,
+  owner ${HOME}*/.config/akonadi/ rw,
+  owner ${HOME}*/.config/akonadi/* rwl,
+  owner ${HOME}*/.config/akonadi/akonadiconnectionrc wl,
+  owner ${HOME}*/.config/akonadi/akonadiconnectionrc.lock rwk,
+  owner ${HOME}*/.config/akonadi/akonadiserverrc.lock rwk,
+  owner ${HOME}*/.local/share/akonadi/* rwlk,
+  owner ${HOME}*/.local/share/akonadi/** rwk,
+  owner ${PROC}/loginuid r,
+
+  # Site-specific additions and overrides. See local/README for details.
+  #include <local/usr.bin.akonadiserver>
+}