From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 29 May 2024 08:21:10 +0000 (+0200)
Subject: Run systemd-journal-remote as correct user if scope is not available
X-Git-Tag: v23.1~41^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F2728%2Fhead;p=thirdparty%2Fmkosi.git

Run systemd-journal-remote as correct user if scope is not available
---

diff --git a/mkosi/qemu.py b/mkosi/qemu.py
index 95130e3a0..62a5ff549 100644
--- a/mkosi/qemu.py
+++ b/mkosi/qemu.py
@@ -466,6 +466,15 @@ def start_journal_remote(config: Config, sockfd: int) -> Iterator[None]:
 
         f.flush()
 
+        user = config.forward_journal.parent.stat().st_uid if INVOKING_USER.invoked_as_root else None
+        group = config.forward_journal.parent.stat().st_gid if INVOKING_USER.invoked_as_root else None
+        scope = scope_cmd(
+            name=f"mkosi-journal-remote-{config.machine_or_name()}",
+            description=f"mkosi systemd-journal-remote for {config.machine_or_name()}",
+            user=user,
+            group=group,
+        )
+
         with spawn(
             [
                 bin,
@@ -480,12 +489,9 @@ def start_journal_remote(config: Config, sockfd: int) -> Iterator[None]:
                     Mount(f.name, "/etc/systemd/journal-remote.conf"),
                 ],
             ),
-            scope=scope_cmd(
-                name=f"mkosi-journal-remote-{config.machine_or_name()}",
-                description=f"mkosi systemd-journal-remote for {config.machine_or_name()}",
-                user=config.forward_journal.parent.stat().st_uid if INVOKING_USER.invoked_as_root else None,
-                group=config.forward_journal.parent.stat().st_gid if INVOKING_USER.invoked_as_root else None,
-            ),
+            user=user if not scope else None,
+            group=group if not scope else None,
+            scope=scope,
             env=scope_env(),
             foreground=False,
         ) as (proc, innerpid):