apparmor: add debug traces when changing profile.

author Cédric Bosdonnat <cbosdonnat@suse.com>

Mon, 3 Mar 2014 10:26:44 +0000 (11:26 +0100)

committer Daniel P. Berrange <berrange@redhat.com>

Tue, 4 Mar 2014 11:07:05 +0000 (11:07 +0000)
author Cédric Bosdonnat <cbosdonnat@suse.com>
Mon, 3 Mar 2014 10:26:44 +0000 (11:26 +0100)
committer Daniel P. Berrange <berrange@redhat.com>
Tue, 4 Mar 2014 11:07:05 +0000 (11:07 +0000)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c

index 14dc70793bd434278303bb930dd8ade7815d2414..1c1b128201621d60c8c0c8ce92afb0cd6a83a2c2 100644 (file)
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -593,6 +593,7 @@ AppArmorSetSecurityProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
              goto cleanup;
      }
  
+    VIR_DEBUG("Changing AppArmor profile to %s", profile_name);
      if (aa_change_profile(profile_name) < 0) {
          virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                         _("error calling aa_change_profile()"));
@@ -618,6 +619,7 @@ AppArmorSetSecurityChildProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
  {
      int rc = -1;
      char *profile_name = NULL;
+    char *cmd_str = NULL;
      virSecurityLabelDefPtr secdef =
          virDomainDefGetSecurityLabelDef(def, SECURITY_APPARMOR_NAME);
  
@@ -637,11 +639,14 @@ AppArmorSetSecurityChildProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
      if ((profile_name = get_profile_name(def)) == NULL)
          goto cleanup;
  
+    cmd_str = virCommandToString(cmd);
+    VIR_DEBUG("Changing AppArmor profile to %s on %s", profile_name, cmd_str);
      virCommandSetAppArmorProfile(cmd, profile_name);
      rc = 0;
  
    cleanup:
      VIR_FREE(profile_name);
+    VIR_FREE(cmd_str);
      return rc;
  }
author	Cédric Bosdonnat <cbosdonnat@suse.com>
	Mon, 3 Mar 2014 10:26:44 +0000 (11:26 +0100)
committer	Daniel P. Berrange <berrange@redhat.com>
	Tue, 4 Mar 2014 11:07:05 +0000 (11:07 +0000)