diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 9fb8506da1a1e8bd447543243c83fb71d16d8ae5..26897d3421fa9d1e42965aa7d5d81aeba79d68ee 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -468,7 +468,7 @@ qemudStartup(int privileged) {
             goto out_of_memory;
 
         if (virAsprintf(&qemu_driver->stateDir,
-                      "%s/run/libvirt/qemu/", LOCAL_STATE_DIR) == -1)
+                      "%s/run/libvirt/qemu", LOCAL_STATE_DIR) == -1)
             goto out_of_memory;
     } else {
         uid_t uid = geteuid();
diff --git a/src/util.c b/src/util.c
index ee64b28f7f0cdad90b5d9835ef78c634c370b5eb..39aae24f79b4529f200b04a2e7f975c4f73da09a 100644
--- a/src/util.c
+++ b/src/util.c
@@ -513,12 +513,6 @@ __virExec(virConnectPtr conn,
         if ((hook)(data) != 0)
             _exit(1);
 
-    /* The hook above may need todo something privileged, so
-     * we delay clearing capabilities until now */
-    if ((flags & VIR_EXEC_CLEAR_CAPS) &&
-        virClearCapabilities() < 0)
-        _exit(1);
-
     /* Daemonize as late as possible, so the parent process can detect
      * the above errors with wait* */
     if (flags & VIR_EXEC_DAEMON) {
@@ -543,6 +537,9 @@ __virExec(virConnectPtr conn,
 
         if (pid > 0) {
             if (pidfile && virFileWritePidPath(pidfile,pid)) {
+                kill(pid, SIGTERM);
+                usleep(500*1000);
+                kill(pid, SIGTERM);
                 virReportSystemError(conn, errno,
                                      "%s", _("could not write pidfile"));
                 _exit(1);
@@ -551,6 +548,12 @@ __virExec(virConnectPtr conn,
         }
     }
 
+    /* The steps above may need todo something privileged, so
+     * we delay clearing capabilities until the last minute */
+    if ((flags & VIR_EXEC_CLEAR_CAPS) &&
+        virClearCapabilities() < 0)
+        _exit(1);
+
     if (envp)
         execve(argv[0], (char **) argv, (char**)envp);
     else