@troubadour - yes, here:
user@host:/etc/apparmor.d/local$ cat /etc/apparmor.d/local/system_tor.anondist
## Copyright (C) 2012 - 2018 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
## See the file COPYING for copying conditions.
## Begin Tor Local AppArmor Profile for Anonymity Distributions
## Workaround for: config-package-dev clashes with AppArmor profiles
## https://github.com/Whonix/Whonix/issues/66
## A profile /etc/apparmor.d/anondist could not cover the system_tor
## profile, since that is enforced by the Tor systemd unit file.
## https://github.com/Whonix/Whonix/issues/67
## Anonymity Distributions
/etc/hosts.anondist r,
/etc/resolv.conf.anondist r,
/run/tor r,
/run/tor/log rwk,
## Add permissions for obfsproxy and flashproxy.
## AUDIT:
## These profile rules may be too permissive. Needs audit and someone dedicated
## to work on AppArmor profiles. It's not a serious security issue in any case,
## because AppArmor isn't enabled by default in Debian stretch yet and little
## work is being done on it at time of writing. So it's a lax AppArmor profile
## versus no AppArmor at all.
## anon-connection-wizard
/etc/ r,
/etc/torrc.d/ rw,
/etc/torrc.d/* rw,
/usr/local/etc/torrc.d/ rw,
/usr/local/etc/torrc.d/* rw,
## obfsproxy
/usr/local/lib/python*/** r,
/var/log/tor/log rw,
/dev/urandom r,
/dev/random r,
/usr/** r,
/etc/python*/sitecustomize.py r,
## https://forums.whonix.org/t/after-last-apt-get-upgrade-gateway-doesnt-connect-to-tor-anymore
#/usr/bin/obfsproxy rix,
## flashproxy
@{HOME}/.tb/tor-browser/App/flashproxy-client rix,
@{HOME}/.tb/tor-browser/App/flashproxy-reg-appspot rix,
@{HOME}/.tb/tor-browser/App/flashproxy-reg-url rix,
@{HOME}/.tb/tor-browser/App/flashproxy-reg-http rix,
@{HOME}/.tb/tor-browser/App/flashproxy-reg-email rix,
@{HOME}/.tb/tor-browser/App/** rm,
/usr/bin/python* rix,
/usr/lib/python*/dist-packages/** m,
/usr/lib/python*/lib-dynload/** m,
/usr/lib/pyshared/python*/OpenSSL/** m,
/usr/lib/python*/lib-dynload/** m,
/usr/lib/pyshared/python*/numpy/** m,
/proc/*/mounts r,
## End Tor Local AppArmor Profile for Anonymity Distributions