diff --git a/apparmor/common/function-malicious-override.c b/apparmor/common/function-malicious-override.c
index 40765d9f9bd65dbd41ae7db79ace8366068c555d..c2bd400be3e36af81b68b82b38aa1630af873da2 100644
--- a/apparmor/common/function-malicious-override.c
+++ b/apparmor/common/function-malicious-override.c
@@ -11,17 +11,29 @@
 
 #include <glib.h>
 
+#define CHAIWALA_USER "user"
+
 void
 do_malicious_stuff (void)
 {
     char* filename;
     char* contents;
     GError* error = NULL;
+    const gchar *home_dir = NULL;
 
     /* We'll try to load the contents of the user's bash history.
      * Do not use g_get_home_dir() here as it could read from /etc/passwd,
-     * which could mean we require more AppArmor rules just for this test. */
-    filename = g_strdup_printf ("%s/.bash_history", g_getenv ("HOME"));
+     * which could mean we require more AppArmor rules just for this test.
+     *
+     * If this service is being run as a systemd system service (by
+     * run-test-in-systemd --system), $HOME will not be available, so use a
+     * hard-coded home directory. */
+    home_dir = g_getenv ("HOME");
+    if (home_dir != NULL)
+        filename = g_build_filename (home_dir, ".bash_history", NULL);
+    else
+        filename = g_build_filename ("/home", CHAIWALA_USER, ".bash_history", NULL);
+
     g_file_get_contents (filename, &contents, NULL, &error);
 
     if (g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_ACCES)) {