While running the test suite, I repeatedly get a GUI window asking me for root password in order to 'stop consul.service'. Sounds like a major command leak.
Not that I'm running such a service.
Several tests call "ghe-restore", which calls "ssh ... sudo systemctl stop consul".
As well, the tests use a wrapper script for ssh that removes any "sudo" calls and runs the commands locally.
The end result is that "systemctl stop consul" gets executed directly as the portage user, which triggers a polkit prompt if portage is not running as root.
ghe-restore attempts to perform many privileged operations, and it doesn't look like it was really designed for use in an isolated test environment.
I would recommend masking the test USE flag until/unless the tests can be made more safe for general use.