diff --git a/apparmor.d/nix-electron b/apparmor.d/nix-electron
new file mode 100644
index 0000000..222614e
--- /dev/null
+++ b/apparmor.d/nix-electron
@@ -0,0 +1,12 @@
+# this AppArmor profile needs to be added to /etc/apparmor.d/ and be owned by
+# root in order to allow SUID sandbox helper to run, otherwise electron apps
+# installed with nix cannot be started
+# see: https://github.com/NixOS/nixpkgs/issues/121694
+# see: https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#p-99950-unprivileged-user-namespace-restrictions
+abi ,
+
+include
+
+profile nix-electron /nix/store/*-electron-*/**/* flags=(default_allow) {
+  userns,
+}
diff --git a/nix/home-manager/home.nix b/nix/home-manager/home.nix
index 5ffff07..398b3d1 100644
--- a/nix/home-manager/home.nix
+++ b/nix/home-manager/home.nix
@@ -118,6 +118,13 @@ in
     # media
     (nixGuiWrap { pkg = pkgs.spotify; })
     (nixGuiWrap { pkg = pkgs.vlc; })
+    # the AppArmor profile ./apparmor.d/nix-electron needs to be added to
+    # /etc/apparmor.d/ and be owned by root in order to allow SUID sandbox
+    # helper to run, otherwise electron apps installed with nix cannot be
+    # started
+    # see: https://github.com/NixOS/nixpkgs/issues/121694
+    # see: https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#p-99950-unprivileged-user-namespace-restrictions
+    (nixGuiWrap { pkg = pkgs.freetube; })
     # messaging
     pkgs.weechat
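Review bot: The `abi ,` and `include` lines in the new profile have no argument, which apparmor_parser will reject; this looks like the angle-bracket arguments were stripped when the page was rendered, so confirm the committed file actually reads `abi <abi/4.0>,` and `include <tunables/global>`. The header comment should also say what the profile does and does not do, because `flags=(default_allow)` means nothing under `/nix/store/*-electron-*/**/*` is confined at all — the profile is only an opt-out from the Ubuntu 24.04 unprivileged-user-namespace restriction, not a sandbox: `# default_allow: this profile confines nothing; it only re-enables unprivileged user namespaces (userns) for electron's sandbox helper`. Since attachment is by path, an app whose executable lives in its own store path (e.g. a `*-freetube-*` derivation rather than an `*-electron-*` one) will not match this glob and will still fail; it is worth verifying with `aa-status` which binary actually creates the namespace before relying on the `*-electron-*` pattern. The `**/*` glob also attaches the profile to every file in those derivations, which is broader than the single helper the comment describes; narrowing it to the sandbox binary would keep the exemption minimal.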