ci: make the build dir accessible when running w/o privileges

Otherwise the unprivileged part of test-execute gets silently skipped: /* test_run_tests_unprivileged */ Successfully forked off '(test-execute-unprivileged)' as PID 20998. ... pin_callout_binary: build dir binary: /home/runner/work/systemd/systemd/build/systemd-executor pin_callout_binary: open(/home/runner/work/systemd/systemd/build/systemd-executor)=-13 Failed to pin executor binary: No such file or directory (test-execute-unprivileged): manager_new, skipping tests: No such file or directory (test-execute-unprivileged) succeeded.
2024-07-22 02:34:54 +00:00 · 2024-03-06 15:04:22 +01:00 · 2024-03-06 15:04:22 +01:00 · c538fecc61
parent da95494ca3
commit c538fecc61
1 changed files with 5 additions and 0 deletions
--- a/.github/workflows/unit_tests.sh
+++ b/.github/workflows/unit_tests.sh
@ -53,6 +53,11 @@ for phase in "${PHASES[@]}"; do
            apt-get -y build-dep systemd
            apt-get -y install "${ADDITIONAL_DEPS[@]}"
            pip3 install -r .github/workflows/requirements.txt --require-hashes
+
+            # Make sure the build dir is accessible even when drop privileges, otherwise the unprivileged
+            # part of test-execute gets skipped, since it can't run systemd-executor
+            chmod o+x /home/runner
+            capsh --drop=all -- -c "stat $PWD/meson.build"
            ;;
        RUN|RUN_GCC|RUN_CLANG|RUN_CLANG_RELEASE)
            if [[ "$phase" =~ ^RUN_CLANG ]]; then