From b194c3d9c70c1d3b0a53b7fa792bf5b01504ddd9 Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Mon, 19 Aug 2019 09:05:58 +0200 Subject: [PATCH] virt-aa-helper: Call virCommandRawStatus() MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The way we're processing the return status, using WIFEXITED() and friends, only works when we have the raw return status; however, virCommand defaults to processing the return status for us. Call virCommandRawStatus() before virCommandRun() so that we get the raw return status and the logic can actually work. This results in guest startup failures caused by AppArmor issues being reported much earlier: for example, if virt-aa-helper exits with an error we're now reporting error: internal error: cannot load AppArmor profile 'libvirt-b20e9a8e-091a-45e0-8823-537119e98bc6' instead of the misleading error: internal error: Process exited prior to exec: libvirt: error : unable to set AppArmor profile 'libvirt-b20e9a8e-091a-45e0-8823-537119e98bc6' for '/usr/bin/qemu-system-x86_64': No such file or directory Suggested-by: Ján Tomko Signed-off-by: Andrea Bolognani Reviewed-by: Ján Tomko --- src/security/virt-aa-helper.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index c5080f698a..60c9b75980 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -172,6 +172,7 @@ parserCommand(const char *profile_name, const char cmd) }; VIR_AUTOPTR(virCommand) command = virCommandNewArgs(argv); + virCommandRawStatus(command); if ((ret = virCommandRun(command, &status)) != 0 || (WIFEXITED(status) && WEXITSTATUS(status) != 0)) { if (ret != 0) { -- 2.11.4.GIT