journalctl: honor --quiet with --setup-keys

Closes #35504. (cherry picked from commit a5b2973850e5952b9dffdfa3f6a0ef486957cb17) (cherry picked from commit 644f2a02c8befba986ebbc5d58767807fb2999ee)
2025-01-18 10:04:04 +03:00 · 2024-12-10 09:40:43 +09:00 · 2024-12-10 09:40:43 +09:00 · c03e3169dd
commit c03e3169dd
parent 8b4765fbc1
2 changed files with 12 additions and 7 deletions
--- a/src/journal/journalctl-authenticate.c
+++ b/src/journal/journalctl-authenticate.c
@ -96,17 +96,20 @@ int action_setup_keys(void) {
        state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
        state = alloca_safe(state_size);

-        log_info("Generating seed...");
+        if (!arg_quiet)
+                log_info("Generating seed...");
        r = crypto_random_bytes(seed, seed_size);
        if (r < 0)
                return log_error_errno(r, "Failed to acquire random seed: %m");

-        log_info("Generating key pair...");
+        if (!arg_quiet)
+                log_info("Generating key pair...");
        r = FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
        if (r < 0)
                return log_error_errno(r, "Failed to generate key pair: %m");

-        log_info("Generating sealing key...");
+        if (!arg_quiet)
+                log_info("Generating sealing key...");
        r = FSPRG_GenState0(state, mpk, seed, seed_size);
        if (r < 0)
                return log_error_errno(r, "Failed to generate sealing key: %m");
@ -121,7 +124,7 @@ int action_setup_keys(void) {

        r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS);
        if (r < 0)
-                log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING,
+                log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) || arg_quiet ? LOG_DEBUG : LOG_WARNING,
                               r, "Failed to set file attributes on a temporary file for '%s', ignoring: %m", path);

        struct FSSHeader h = {
@ -154,7 +157,7 @@ int action_setup_keys(void) {
        if (r < 0)
                return r;

-        if (!on_tty()) {
+        if (!on_tty() || arg_quiet) {
                /* If we are not on a TTY, show only the key. */
                puts(key);
                return 0;
--- a/test/units/TEST-04-JOURNAL.fss.sh
+++ b/test/units/TEST-04-JOURNAL.fss.sh
@ -10,8 +10,10 @@ if ! journalctl --version | grep -qF +GCRYPT; then
    exit 0
 fi

-journalctl --force --setup-keys --interval=2 |& tee /tmp/fss
-FSS_VKEY="$(sed -rn '/([a-f0-9]{6}\-){3}[a-f0-9]{6}\/[a-f0-9]+\-[a-f0-9]+/p' /tmp/fss)"
+# without --quiet, should be effectively equivalent to the below, as we are not on tty
+journalctl --force --setup-keys --interval=2
+
+FSS_VKEY=$(journalctl --force --setup-keys --interval=2 --quiet)
 [[ -n "$FSS_VKEY" ]]

 # Generate some buzz in the journal and wait until the FSS key is changed