16 Sep
2024
16 Sep
'24
5:32 p.m.
On Mon, Sep 16, 2024 at 04:15:58PM GMT, Daniel P. Berrangé wrote:
A difference is that this Probe check will presumably report the error during daemon startup, while the virt-aa-helper check will delay the report until a VM is started. A failure to start the daemon is arguably more likely to be noticed & fixed at time of host deployment.
The problem is that you won't get a daemon startup failure: libvirtd will happily come up, just with AppArmor containment disabled. QEMU domains will also start up just fine, except they'll be uncontained. -- Andrea Bolognani / Red Hat / Virtualization