executor: apply LogLevelMax earlier

SELinux logs before we have a chance to apply it, move it up as it
breaks TEST-04-JOURNAL:

[  408.578624] testsuite-04.sh[11463]: ++ journalctl -b -q -u silent-success.service
[  408.578743] testsuite-04.sh[11098]: + [[ -z Dec 03 13:38:41 H systemd-executor[11459]: SELinux enabled state cached to: disabled ]]

Follow-up for: bb5232b6a3b8a

diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c
index a3e8b8297c053991ed62a948abf70b4f49950844..74c910fc1239dedc9994caa2beef94194e7232d6 100644 (file)
--- a/src/core/exec-invoke.c
+++ b/src/core/exec-invoke.c
@@ -3976,6 +3976,9 @@ int exec_invoke(
         assert(params);
         assert(exit_status);
 
+        if (context->log_level_max >= 0)
+                log_set_max_level(context->log_level_max);
+
         /* Explicitly test for CVE-2021-4034 inspired invocations */
         if (!command->path || strv_isempty(command->argv)) {
                 *exit_status = EXIT_EXEC;
@@ -4038,8 +4041,6 @@ int exec_invoke(
         log_forget_fds();
         log_set_open_when_needed(true);
         log_settle_target();
-        if (context->log_level_max >= 0)
-                log_set_max_level(context->log_level_max);
 
         /* In case anything used libc syslog(), close this here, too */
         closelog();