Directly verify apparmor blocking of the Tor Browser.
... by looking in the audit log. This way we actually know that apparmor denied the operation, and so we don't get false positives of some classes of errors (e.g. the file simply has wrong permission or similar). Since we migrated to a browser based on Firefox esr38 we no longer get any graphical feedback for the apparmor blocking, which is the actual reason for implementing this.