Hello,

I have a simple C program that uses libguestfs to extract info about disk usage from a libvirt domain. It works when ran manually as root, but fails when started as a systemd service.

I'm attaching the service file, source code and verbose logs from both the successful manual run and from the service journal.

SELinix is disabled.

Error messages:

libguestfs: set_socket_create_context: getcon failed: (none): Invalid argument [you can ignore this message if you are not using SELinux + sVirt]

libguestfs: clear_socket_create_context: setsockcreatecon failed: NULL: Invalid argument [you can ignore this message if you are not using SELinux + sVirt]

libguestfs: error: chown: /tmp/libguestfsvMMaec/guestfsd.sock: Operation not permitted

libguestfs: clear_socket_create_context: setsockcreatecon failed: NULL: Invalid argument [you can ignore this message if you are not using SELinux + sVirt]

libguestfs: trace: launch = -1 (error)

failed to launch domain: Invalid argument

(Note on the service file: CapabilityBoundingSet is for future development - it seems to make no difference)

Best Regards,
Peter