Run systemd-journal-remote as correct user if scope is not available

diff --git a/mkosi/qemu.py b/mkosi/qemu.py
index 95130e3a0d6daf164b31852cbed381ec0f71e916..62a5ff549fbbe26458c931fa9b5861730e997a76 100644 (file)
--- a/mkosi/qemu.py
+++ b/mkosi/qemu.py
@@ -466,6 +466,15 @@ def start_journal_remote(config: Config, sockfd: int) -> Iterator[None]:
 
         f.flush()
 
+        user = config.forward_journal.parent.stat().st_uid if INVOKING_USER.invoked_as_root else None
+        group = config.forward_journal.parent.stat().st_gid if INVOKING_USER.invoked_as_root else None
+        scope = scope_cmd(
+            name=f"mkosi-journal-remote-{config.machine_or_name()}",
+            description=f"mkosi systemd-journal-remote for {config.machine_or_name()}",
+            user=user,
+            group=group,
+        )
+
         with spawn(
             [
                 bin,
@@ -480,12 +489,9 @@ def start_journal_remote(config: Config, sockfd: int) -> Iterator[None]:
                     Mount(f.name, "/etc/systemd/journal-remote.conf"),
                 ],
             ),
-            scope=scope_cmd(
-                name=f"mkosi-journal-remote-{config.machine_or_name()}",
-                description=f"mkosi systemd-journal-remote for {config.machine_or_name()}",
-                user=config.forward_journal.parent.stat().st_uid if INVOKING_USER.invoked_as_root else None,
-                group=config.forward_journal.parent.stat().st_gid if INVOKING_USER.invoked_as_root else None,
-            ),
+            user=user if not scope else None,
+            group=group if not scope else None,
+            scope=scope,
             env=scope_env(),
             foreground=False,
         ) as (proc, innerpid):