From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 20 Apr 2021 15:47:50 +0000 (+0200)
Subject: tests: use setfacl to give $SUDO_USER read permissions on artifacts
X-Git-Tag: v249-rc1~349
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=954c77c2510c0328fd98354a59f380945752c38c;p=thirdparty%2Fsystemd.git

tests: use setfacl to give $SUDO_USER read permissions on artifacts

We have to invoke the tests as superuser, and not being able to read
the journal as the invoking user is annoying. I don't think there are
any security considerations here, since the invoking user can already
put arbitrary code in the Makefile and test scripts which get executed
with root privileges.
---

diff --git a/test/test-functions b/test/test-functions
index 8f2ffb13232..e8d2a5876b1 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -2393,6 +2393,12 @@ do_test() {
     import_testdir
     import_initdir
 
+    if [ -n "${SUDO_USER}" ]; then
+        ddebug "Making ${TESTDIR:?} readable for ${SUDO_USER} (acquired from sudo)"
+        setfacl -m "user:${SUDO_USER:?}:r-X" "${TESTDIR:?}"
+        setfacl -d -m "user:${SUDO_USER:?}:r-X" "${TESTDIR:?}"
+    fi
+
     testname="$(basename "$PWD")"
 
     while (($# > 0)); do