--- a/profiles/apparmor.d/usr.sbin.dnsmasq
+++ b/profiles/apparmor.d/usr.sbin.dnsmasq
@@ -18,6 +18,7 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq
   include <abstractions/base>
   include <abstractions/dbus>
   include <abstractions/nameservice>
+  include <abstractions/user-tmp>
 
   capability chown,
   capability net_bind_service,
@@ -38,6 +39,8 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq
 
   @{PROC}/@{pid}/fd/ r,
 
+  /tmp/** r,
+
   /etc/dnsmasq.conf r,
   /etc/dnsmasq.d/ r,
   /etc/dnsmasq.d/* r,