From 48a601fe5de8aa0d89ba6dadde168769fa7ce992 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 21 Feb 2017 17:57:55 +0100
Subject: log: never log into foreign fd #2 in PID 1 or its pre-execve()
 children

Fixes: #5401
---
 src/core/main.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/core')

diff --git a/src/core/main.c b/src/core/main.c
index 3c6b18229c..bcf9ea5f25 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1414,10 +1414,17 @@ int main(int argc, char *argv[]) {
 
         log_set_upgrade_syslog_to_journal(true);
 
-        /* Disable the umask logic */
-        if (getpid() == 1)
+        if (getpid() == 1) {
+                /* Disable the umask logic */
                 umask(0);
 
+                /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is
+                 * important so that we never end up logging to any foreign stderr, for example if we have to log in a
+                 * child process right before execve()'ing the actual binary, at a point in time where socket
+                 * activation stderr/stdout area already set up. */
+                log_set_always_reopen_console(true);
+        }
+
         if (getpid() == 1 && detect_container() <= 0) {
 
                 /* Running outside of a container as PID 1 */
-- 
cgit v1.2.3-54-g00ecf