journalctl: honor --quiet with --setup-keys

Closes #35504.

(cherry picked from commit a5b2973850e5952b9dffdfa3f6a0ef486957cb17)

diff --git a/src/journal/journalctl-authenticate.c b/src/journal/journalctl-authenticate.c
index 865814cd032cbef032d745beeede9a622ff718e2..87374816b480ad58b1f24a440380d392a8e2c2a5 100644 (file)
--- a/src/journal/journalctl-authenticate.c
+++ b/src/journal/journalctl-authenticate.c
@@ -97,17 +97,20 @@ int action_setup_keys(void) {
         state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
         state = alloca_safe(state_size);
 
-        log_info("Generating seed...");
+        if (!arg_quiet)
+                log_info("Generating seed...");
         r = crypto_random_bytes(seed, seed_size);
         if (r < 0)
                 return log_error_errno(r, "Failed to acquire random seed: %m");
 
-        log_info("Generating key pair...");
+        if (!arg_quiet)
+                log_info("Generating key pair...");
         r = FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
         if (r < 0)
                 return log_error_errno(r, "Failed to generate key pair: %m");
 
-        log_info("Generating sealing key...");
+        if (!arg_quiet)
+                log_info("Generating sealing key...");
         r = FSPRG_GenState0(state, mpk, seed, seed_size);
         if (r < 0)
                 return log_error_errno(r, "Failed to generate sealing key: %m");
@@ -122,7 +125,7 @@ int action_setup_keys(void) {
 
         r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS);
         if (r < 0)
-                log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING,
+                log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) || arg_quiet ? LOG_DEBUG : LOG_WARNING,
                                r, "Failed to set file attributes on a temporary file for '%s', ignoring: %m", path);
 
         struct FSSHeader h = {
@@ -155,7 +158,7 @@ int action_setup_keys(void) {
         if (r < 0)
                 return r;
 
-        if (!on_tty()) {
+        if (!on_tty() || arg_quiet) {
                 /* If we are not on a TTY, show only the key. */
                 puts(key);
                 return 0;

diff --git a/test/units/TEST-04-JOURNAL.fss.sh b/test/units/TEST-04-JOURNAL.fss.sh
index 03351b812fa7540da2c0038fbea2f135ce5dc75b..140bd9fd67dacb92d31b6310ef3e67c641639df5 100755 (executable)
--- a/test/units/TEST-04-JOURNAL.fss.sh
+++ b/test/units/TEST-04-JOURNAL.fss.sh
@@ -10,8 +10,10 @@ if ! journalctl --version | grep -qF +GCRYPT; then
     exit 0
 fi
 
-journalctl --force --setup-keys --interval=2 |& tee /tmp/fss
-FSS_VKEY="$(sed -rn '/([a-f0-9]{6}\-){3}[a-f0-9]{6}\/[a-f0-9]+\-[a-f0-9]+/p' /tmp/fss)"
+# without --quiet, should be effectively equivalent to the below, as we are not on tty
+journalctl --force --setup-keys --interval=2
+
+FSS_VKEY=$(journalctl --force --setup-keys --interval=2 --quiet)
 [[ -n "$FSS_VKEY" ]]
 
 # Generate some buzz in the journal and wait until the FSS key is changed