OK, I updated the obfsproxy apparmor profile so it works for both standalone and managed obfs3. Needed to add a line to /etc/apparmor.d/local/system_tor too. Profiles below and included in the attachment along with an init.d definition. /etc/apparmor.d/usr.bin.obfsproxy ------------------- #include <tunables/global> # vim:syntax=apparmor /usr/bin/obfsproxy { #include <abstractions/base> #include <abstractions/python> network inet stream, /dev/random r, /dev/urandom r, /etc/nsswitch.conf r, /etc/passwd r, /usr/** r, /usr/bin/obfsproxy rix, /var/log/tor/obfsproxy rw, signal (receive) set=("term") peer=system_tor, } ------------------- /etc/apparmor.d/local/system_tor ------------------- # Site-specific additions and overrides for system_tor. # For more details, please see /etc/apparmor.d/local/README. signal (send) set=("term") peer=/usr/bin/obfsproxy, -------------------