From 0615abef62e39d0f0281b4b2979e4fa694a827e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 20 Feb 2024 18:14:53 +0100
Subject: [PATCH] analyze: always recommend saving the output to a file

The command will refuse to write to a TTY, so give a strong hint
that redirecting to a file is recommended. This makes the synopsis,
man page text, and --help output consistent.

Also drop the space after the redirection operator everywhere.
---
 man/systemd-analyze.xml | 12 +++++++++---
 src/analyze/analyze.c   |  2 +-
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml
index db14038bfbc..639a7231cb2 100644
--- a/man/systemd-analyze.xml
+++ b/man/systemd-analyze.xml
@@ -178,6 +178,7 @@
       <command>systemd-analyze</command>
       <arg choice="opt" rep="repeat">OPTIONS</arg>
       <arg choice="plain">srk</arg>
+      <arg choice="opt"><replaceable>&gt;FILE</replaceable></arg>
     </cmdsynopsis>
     <cmdsynopsis>
       <command>systemd-analyze</command>
@@ -939,12 +940,17 @@ NR NAME                SHA256
     </refsect2>
 
     <refsect2>
-      <title><command>systemd-analyze srk &gt; <replaceable>FILE</replaceable></command></title>
+      <title><command>systemd-analyze srk <optional>&gt;<replaceable>FILE</replaceable></optional></command></title>
 
       <para>This command reads the Storage Root Key (SRK) from the TPM2 device, and writes it in marshalled
-      TPM2B_PUBLIC format to stdout. Example:</para>
+      TPM2B_PUBLIC format to stdout. The output is non-printable data, so it should be redirected to a file
+      or into a pipe.</para>
 
-      <programlisting>systemd-analyze srk &gt; srk.tpm2b_public</programlisting>
+      <example>
+        <title>Save the Storage Root Key to <filename>srk.tpm2b_public</filename></title>
+
+        <programlisting>systemd-analyze srk &gt;srk.tpm2b_public</programlisting>
+      </example>
     </refsect2>
 
     <refsect2>
diff --git a/src/analyze/analyze.c b/src/analyze/analyze.c
index 49b4c3b8cc1..ea906c7bfeb 100644
--- a/src/analyze/analyze.c
+++ b/src/analyze/analyze.c
@@ -240,7 +240,7 @@ static int help(int argc, char *argv[], void *userdata) {
                "  fdstore SERVICE...         Show file descriptor store contents of service\n"
                "  image-policy POLICY...     Analyze image policy string\n"
                "  pcrs [PCR...]              Show TPM2 PCRs and their names\n"
-               "  srk > FILE                 Write TPM2 SRK to stdout\n"
+               "  srk [>FILE]                Write TPM2 SRK (to FILE)\n"
                "\nOptions:\n"
                "     --recursive-errors=MODE Control which units are verified\n"
                "     --offline=BOOL          Perform a security review on unit file(s)\n"