[PATCH 4/4] qemu_passt: Don't let passt fork off

[Michal Privoznik <mprivozn@redhat.com>]

When passt starts it tries to do some security measures to
restrict itself. For instance, it creates its own namespaces,
umounts basically everything, drops capabilities, forks off to
further restrict itself (the child is where all interesting work
takes place now). This is sound, except it's causing two
problems:

1) the PID file FD, which we leak into the passt process, gets
   closed (and thus our virPidFile*() helpers see unlocked PID
   file, which makes them think the process is gone),

2) the PID file no longer reflects true PID of the process.

Worse, the child calls setsid() so we can't even kill the whole
process group. I mean, we can but it won't be any good.

Fortunately, passt has '--foreground' argument, which causes it
to undergo the same security measures but without forking off the
child. This in turn means, that the PID file FD won't get closed
and the PID file itself contains the correct PID.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_passt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c
index 78830fdc26..441cfe87e8 100644
--- a/src/qemu/qemu_passt.c
+++ b/src/qemu/qemu_passt.c
@@ -159,6 +159,7 @@ qemuPasstStart(virDomainObj *vm,
     virCommandDaemonize(cmd);
 
     virCommandAddArgList(cmd,
+                         "--foreground",
                          "--one-off",
                          "--socket", passtSocketName,
                          "--mac-addr", virMacAddrFormat(&net->mac, macaddr),
-- 
@@ -159,6 +159,7 @@ qemuPasstStart(virDomainObj *vm,
     virCommandDaemonize(cmd);
 
     virCommandAddArgList(cmd,
+                         "--foreground",
                          "--one-off",
                          "--socket", passtSocketName,
                          "--mac-addr", virMacAddrFormat(&net->mac, macaddr),
-- 
2.39.1