From 260a413d76d67aeb7c20108ac1f40e677f26811d Mon Sep 17 00:00:00 2001
From: Christian Seiler <christian@iwakd.de>
Date: Tue, 13 Jan 2015 11:53:25 +0100
Subject: [PATCH] journal: Fix syslog forwarding without CAP_SYS_ADMIN

In case CAP_SYS_ADMIN is missing (like in containers), one cannot fake pid in
struct ucred (uid/gid are fine if CAP_SETUID/CAP_SETGID are present).

Ensure that journald will try again to forward the messages to syslog without
faking the SCM_CREDENTIALS pid (which isn't guaranteed to succeed anyway, since
it also does the same thing if the process has already exited).

With this patch, journald will no longer silently discard messages
that are supposed to be sent to syslog in these situations.

https://bugs.debian.org/775067
(cherry picked from commit ccf23ad5faf228d450d263d7291156a948b61af2)
---
 src/journal/journald-syslog.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index 79c07fffa1..7ca0147a82 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -85,12 +85,12 @@ static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned
                 return;
         }
 
-        if (ucred && errno == ESRCH) {
+        if (ucred && (errno == ESRCH || errno == EPERM)) {
                 struct ucred u;
 
                 /* Hmm, presumably the sender process vanished
-                 * by now, so let's fix it as good as we
-                 * can, and retry */
+                 * by now, or we don't have CAP_SYS_AMDIN, so
+                 * let's fix it as good as we can, and retry */
 
                 u = *ucred;
                 u.pid = getpid();