From 954c77c2510c0328fd98354a59f380945752c38c Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 20 Apr 2021 17:47:50 +0200
Subject: [PATCH] tests: use setfacl to give $SUDO_USER read permissions on
 artifacts

We have to invoke the tests as superuser, and not being able to read
the journal as the invoking user is annoying. I don't think there are
any security considerations here, since the invoking user can already
put arbitrary code in the Makefile and test scripts which get executed
with root privileges.
---
 test/test-functions | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/test-functions b/test/test-functions
index 8f2ffb13232..e8d2a5876b1 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -2393,6 +2393,12 @@ do_test() {
     import_testdir
     import_initdir
 
+    if [ -n "${SUDO_USER}" ]; then
+        ddebug "Making ${TESTDIR:?} readable for ${SUDO_USER} (acquired from sudo)"
+        setfacl -m "user:${SUDO_USER:?}:r-X" "${TESTDIR:?}"
+        setfacl -d -m "user:${SUDO_USER:?}:r-X" "${TESTDIR:?}"
+    fi
+
     testname="$(basename "$PWD")"
 
     while (($# > 0)); do
-- 
2.47.3