OK, I updated the obfsproxy apparmor profile so it works for both standalone and managed obfs3. Needed to add a line to /etc/apparmor.d/local/system_tor too. Profiles below and included in the attachment along with an init.d definition.

/etc/apparmor.d/usr.bin.obfsproxy ------------------- #include <tunables/global>

# vim:syntax=apparmor

/usr/bin/obfsproxy { #include <abstractions/base> #include <abstractions/python>

network inet stream,

/dev/random r, /dev/urandom r, /etc/nsswitch.conf r, /etc/passwd r, /usr/** r, /usr/bin/obfsproxy rix, /var/log/tor/obfsproxy rw, signal (receive) set=("term") peer=system_tor,

} -------------------

/etc/apparmor.d/local/system_tor ------------------- # Site-specific additions and overrides for system_tor. # For more details, please see /etc/apparmor.d/local/README.

signal (send) set=("term") peer=/usr/bin/obfsproxy, -------------------