Comment 10 for bug 1648143

My /etc/apparmor.d/system_tor:

# Last Modified: Sun Jan 1 21:47:33 2017
#include <tunables/global>

# vim:syntax=apparmor

profile system_tor flags=(attach_disconnected) {
  #include <abstractions/tor>

  /run/systemd/journal/stdout rw,
  /usr/bin/tor mr,
  owner /var/lib/tor/ r,
  owner /var/lib/tor/** wk,
  /var/lib/tor/** r,
  owner /var/log/tor/* w,
  /{,var/}run/systemd/notify w,
  /{,var/}run/tor/ r,
  /{,var/}run/tor/control w,
  /{,var/}run/tor/control.authcookie w,
  /{,var/}run/tor/control.authcookie.tmp rw,
  /{,var/}run/tor/socks w,
  /{,var/}run/tor/tor.pid w,

}