executor: apply LogLevelMax earlier

bluca · yuwata · commit cc9f4cad8cd7 · 2023-12-04T11:45:22.000+09:00
SELinux logs before we have a chance to apply it, move it up as it breaks TEST-04-JOURNAL: [ 408.578624] testsuite-04.sh[11463]: ++ journalctl -b -q -u silent-success.service [ 408.578743] testsuite-04.sh[11098]: + [[ -z Dec 03 13:38:41 H systemd-executor[11459]: SELinux enabled state cached to: disabled ]] Follow-up for: bb5232b
diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c
@@ -3976,6 +3976,9 @@ int exec_invoke(
         assert(params);
         assert(exit_status);
 
+        if (context->log_level_max >= 0)
+                log_set_max_level(context->log_level_max);
+
         /* Explicitly test for CVE-2021-4034 inspired invocations */
         if (!command->path || strv_isempty(command->argv)) {
                 *exit_status = EXIT_EXEC;
@@ -4038,8 +4041,6 @@ int exec_invoke(
         log_forget_fds();
         log_set_open_when_needed(true);
         log_settle_target();
-        if (context->log_level_max >= 0)
-                log_set_max_level(context->log_level_max);
 
         /* In case anything used libc syslog(), close this here, too */
         closelog();
