generator: check $SYSTEMD_SCOPE rather than cgroup membership

This is more explicit and ensures that even in testing environments we operate the same way. As side effect it also avoids the mess around SELinux blocking access to cgroupfs. Fixes: #35723
2026-04-14 08:25:20 +09:00 · 2025-06-06 08:59:31 +02:00
parent d65dc4c593
commit da12ce285b
1 changed files with 2 additions and 2 deletions
--- a/src/shared/generator.c
+++ b/src/shared/generator.c
@@ -1054,10 +1054,10 @@ int generator_write_veritysetup_service_section(
 void log_setup_generator(void) {
        if (invoked_by_systemd()) {
                /* Disable talking to syslog/journal (i.e. the two IPC-based loggers) if we run in system context. */
-                if (cg_pid_get_owner_uid(0, NULL) == -ENXIO /* not running in a per-user slice */)
+                if (streq_ptr(getenv("SYSTEMD_SCOPE"), "system"))
                        log_set_prohibit_ipc(true);

-                /* This effectively means: journal for per-user generators, kmsg otherwise */
+                /* This effectively means: journal for per-user service manager generators, kmsg for per-system service manager generators */
                log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
        } else
                log_set_target(LOG_TARGET_AUTO);