commit: 997058a825a340813532bef77a34425cf4a88eb2 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Thu Feb 15 15:33:03 2024 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Wed Feb 21 02:13:45 2024 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=997058a8
Support PROPERTIES=test_userpriv not to drop perms for tests Support PROPERTIES=test_userpriv and a corresponding ALLOW_TEST=userpriv to disable FEATURES=userpriv when running the test phase. This can be used e.g. in dev-python/reflink that needs to be able to mount filesystem on a loopback device for testing. Bug: https://bugs.gentoo.org/924585 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> Closes: https://github.com/gentoo/portage/pull/1274 Signed-off-by: Sam James <sam <AT> gentoo.org> bin/phase-functions.sh | 3 ++- lib/portage/package/ebuild/config.py | 3 +++ lib/portage/package/ebuild/doebuild.py | 3 +++ man/ebuild.5 | 5 +++++ man/make.conf.5 | 4 ++++ 5 files changed, 17 insertions(+), 1 deletion(-) diff --git a/bin/phase-functions.sh b/bin/phase-functions.sh index cd672a878c..ebcf5f242a 100644 --- a/bin/phase-functions.sh +++ b/bin/phase-functions.sh @@ -503,7 +503,8 @@ __dyn_test() { fi if has test ${PORTAGE_RESTRICT} && ! has all ${ALLOW_TEST} && - ! { has test_network ${PORTAGE_PROPERTIES} && has network ${ALLOW_TEST}; } + ! { has test_network ${PORTAGE_PROPERTIES} && has network ${ALLOW_TEST}; } && + ! { has test_privileged ${PORTAGE_PROPERTIES} && has privileged ${ALLOW_TEST}; } then einfo "Skipping make test/check due to ebuild restriction." __vecho ">>> Test phase [disabled because of RESTRICT=test]: ${CATEGORY}/${PF}" diff --git a/lib/portage/package/ebuild/config.py b/lib/portage/package/ebuild/config.py index d7b0ca5676..c89354cbf7 100644 --- a/lib/portage/package/ebuild/config.py +++ b/lib/portage/package/ebuild/config.py @@ -2114,6 +2114,9 @@ class config: "test" in restrict and not "all" in allow_test and not ("test_network" in properties and "network" in allow_test) + and not ( + "test_privileged" in properties and "privileged" in allow_test + ) ) if restrict_test and "test" in self.features: diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py index 4cf155e033..bc51fdff2d 100644 --- a/lib/portage/package/ebuild/doebuild.py +++ b/lib/portage/package/ebuild/doebuild.py @@ -239,6 +239,9 @@ def _doebuild_spawn(phase, settings, actionmap=None, **kwargs): ebuild_sh_arg, ) + if phase == "test" and "test_privileged" in settings["PORTAGE_PROPERTIES"].split(): + kwargs["droppriv"] = False + settings["EBUILD_PHASE"] = phase try: return spawn(cmd, settings, **kwargs) diff --git a/man/ebuild.5 b/man/ebuild.5 index f849f20a29..a32ba4828c 100644 --- a/man/ebuild.5 +++ b/man/ebuild.5 @@ -811,6 +811,11 @@ is installed. The package manager may run tests that require an internet connection, even if the ebuild has .IR RESTRICT=test . +.TP +.I test_privileged +The package manager may run tests that require superuser permissions, even if +the ebuild has +.IR RESTRICT=test . .RE .PD 1 .TP diff --git a/man/make.conf.5 b/man/make.conf.5 index 23d8408544..e13f6eec4f 100644 --- a/man/make.conf.5 +++ b/man/make.conf.5 @@ -1323,6 +1323,10 @@ Run tests in packages specifying \fBPROPERTIES\fR="\fBtest_network\fR". Note that this will most likely cause Internet access during the test suite which could cause additional costs, privacy concerns and intermittent test failures. .TP +.B privileged +Run tests in packages specifying \fBPROPERTIES\fR="\fBtest_privileged\fR". Note +that this will cause the test suite to be run with superuser permissions. +.TP .RE .TP .B RESUMECOMMAND
