From e68778a3ac30932a5fa86d08605b423d711ddb7c Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 8 Jun 2021 19:43:47 +0200
Subject: [PATCH] journald: when journald namespace instances log, they can do
 so safely to the main journald instance

Fixes: #18951
---
 src/journal/journald.c             | 25 ++++++++++++++++---------
 units/systemd-journald@.service.in |  1 -
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/src/journal/journald.c b/src/journal/journald.c
index cfbaf366a9..536717ce0a 100644
--- a/src/journal/journald.c
+++ b/src/journal/journald.c
@@ -26,16 +26,23 @@ int main(int argc, char *argv[]) {
 
         namespace = argc > 1 ? empty_to_null(argv[1]) : NULL;
 
-        /* So here's the deal: journald can't be considered as regular daemon when it comes to
-         * logging hence LOG_TARGET_AUTO won't do the right thing for it. Hence explicitly log to
-         * the console if we're started from a console or to kmsg otherwise. */
-        log_target = isatty(STDERR_FILENO) > 0 ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG;
-
-        log_set_prohibit_ipc(true); /* better safe than sorry */
-        log_set_target(log_target);
         log_set_facility(LOG_SYSLOG);
-        log_parse_environment();
-        log_open();
+
+        if (namespace)
+                /* If we run for a log namespace, then we ourselves can log to the main journald. */
+                log_setup();
+        else {
+                /* So here's the deal if we run as the main journald: we can't be considered as regular
+                 * daemon when it comes to logging hence LOG_TARGET_AUTO won't do the right thing for
+                 * us. Hence explicitly log to the console if we're started from a console or to kmsg
+                 * otherwise. */
+                log_target = isatty(STDERR_FILENO) > 0 ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG;
+
+                log_set_prohibit_ipc(true); /* better safe than sorry */
+                log_set_target(log_target);
+                log_parse_environment();
+                log_open();
+        }
 
         umask(0022);
 
diff --git a/units/systemd-journald@.service.in b/units/systemd-journald@.service.in
index 2863691c2d..35c998285f 100644
--- a/units/systemd-journald@.service.in
+++ b/units/systemd-journald@.service.in
@@ -32,7 +32,6 @@ RestrictSUIDSGID=yes
 RuntimeDirectory=systemd/journal.%i
 RuntimeDirectoryPreserve=yes
 Sockets=systemd-journald@%i.socket
-StandardOutput=null
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service