diff options
author | netblue30 <netblue30@yahoo.com> | 2015-08-24 09:05:18 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-08-24 09:05:18 -0400 |
commit | 820de6829fedccffb8b3c32f079436fa7e89273e (patch) | |
tree | a1e0cf62b892e91d18de28d7459180339c5636d1 | |
parent | private-home testing (diff) | |
download | firejail-820de6829fedccffb8b3c32f079436fa7e89273e.tar.gz firejail-820de6829fedccffb8b3c32f079436fa7e89273e.tar.zst firejail-820de6829fedccffb8b3c32f079436fa7e89273e.zip |
added --env option
-rw-r--r-- | RELNOTES | 3 | ||||
-rw-r--r-- | src/firejail/env.c | 78 | ||||
-rw-r--r-- | src/firejail/firejail.h | 4 | ||||
-rw-r--r-- | src/firejail/main.c | 2 | ||||
-rw-r--r-- | src/firejail/no_sandbox.c | 23 | ||||
-rw-r--r-- | src/firejail/profile.c | 5 | ||||
-rw-r--r-- | src/firejail/sandbox.c | 3 | ||||
-rw-r--r-- | src/firejail/usage.c | 5 | ||||
-rw-r--r-- | src/lib/libnetlink.c | 4 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 12 | ||||
-rw-r--r-- | src/man/firejail.txt | 10 | ||||
-rwxr-xr-x | test/env.exp | 55 | ||||
-rw-r--r-- | test/env.profile | 2 | ||||
-rwxr-xr-x | test/firejail-in-firejail.exp | 18 | ||||
-rwxr-xr-x | test/fscheck-private.exp | 39 | ||||
-rwxr-xr-x | test/test.sh | 3 |
16 files changed, 220 insertions, 46 deletions
@@ -3,13 +3,14 @@ firejail (0.9.29) baseline; urgency=low | |||
3 | disable-history.inc included in all default profiles | 3 | disable-history.inc included in all default profiles |
4 | * Firefox PDF.js exploit (CVE-2015-4495) fixes | 4 | * Firefox PDF.js exploit (CVE-2015-4495) fixes |
5 | * added --private-etc option | 5 | * added --private-etc option |
6 | * added --env option | ||
6 | * support ${HOME} token in include directive in profile files | 7 | * support ${HOME} token in include directive in profile files |
7 | * --private.keep is transitioned to --private-home | 8 | * --private.keep is transitioned to --private-home |
8 | * support ~ and blanks in blacklist option | 9 | * support ~ and blanks in blacklist option |
9 | * support "net none" command in profile files | 10 | * support "net none" command in profile files |
10 | * added "net none" to Evince PDF viewer | 11 | * added "net none" to Evince PDF viewer |
11 | * bugfixes | 12 | * bugfixes |
12 | -- netblue30 <netblue30@yahoo.com> Sat, 22 Aug 2015 20:25:00 -0500 | 13 | -- netblue30 <netblue30@yahoo.com> Mon, 24 Aug 2015 20:25:00 -0500 |
13 | 14 | ||
14 | firejail (0.9.28) baseline; urgency=low | 15 | firejail (0.9.28) baseline; urgency=low |
15 | * network scanning, --scan option | 16 | * network scanning, --scan option |
diff --git a/src/firejail/env.c b/src/firejail/env.c new file mode 100644 index 000000000..b4557e56f --- /dev/null +++ b/src/firejail/env.c | |||
@@ -0,0 +1,78 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014, 2015 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
20 | #include "firejail.h" | ||
21 | |||
22 | typedef struct env_t { | ||
23 | struct env_t *next; | ||
24 | char *name; | ||
25 | char *value; | ||
26 | } Env; | ||
27 | static Env *envlist = NULL; | ||
28 | |||
29 | static void env_add(Env *env) { | ||
30 | env->next = envlist; | ||
31 | envlist = env; | ||
32 | } | ||
33 | |||
34 | // parse and store the environment setting | ||
35 | void env_store(const char *str) { | ||
36 | assert(str); | ||
37 | |||
38 | // some basic checking | ||
39 | if (*str == '\0') | ||
40 | goto errexit; | ||
41 | char *ptr = strchr(str, '='); | ||
42 | if (!ptr) | ||
43 | goto errexit; | ||
44 | ptr++; | ||
45 | if (*ptr == '\0') | ||
46 | goto errexit; | ||
47 | |||
48 | // build list entry | ||
49 | Env *env = malloc(sizeof(Env)); | ||
50 | if (!env) | ||
51 | errExit("malloc"); | ||
52 | memset(env, 0, sizeof(Env)); | ||
53 | env->name = strdup(str); | ||
54 | if (env->name == NULL) | ||
55 | errExit("strdup"); | ||
56 | char *ptr2 = strchr(env->name, '='); | ||
57 | assert(ptr2); | ||
58 | *ptr2 = '\0'; | ||
59 | env->value = ptr2 + 1; | ||
60 | |||
61 | // add entry to the list | ||
62 | env_add(env); | ||
63 | return; | ||
64 | |||
65 | errexit: | ||
66 | fprintf(stderr, "Error: invalid --env setting\n"); | ||
67 | exit(1); | ||
68 | } | ||
69 | |||
70 | // set env variables in the new sandbox process | ||
71 | void env_apply(void) { | ||
72 | Env *env = envlist; | ||
73 | |||
74 | while (env) { | ||
75 | setenv(env->name, env->value, 1); | ||
76 | env = env->next; | ||
77 | } | ||
78 | } | ||
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 93265ef4f..868e1fca0 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -363,5 +363,9 @@ void fs_private_etc_list(void); | |||
363 | int check_kernel_procs(void); | 363 | int check_kernel_procs(void); |
364 | void run_no_sandbox(int argc, char **argv); | 364 | void run_no_sandbox(int argc, char **argv); |
365 | 365 | ||
366 | // env.c | ||
367 | void env_store(const char *str); | ||
368 | void env_apply(void); | ||
369 | |||
366 | #endif | 370 | #endif |
367 | 371 | ||
diff --git a/src/firejail/main.c b/src/firejail/main.c index 9acfb254f..5d895c4a0 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -764,6 +764,8 @@ int main(int argc, char **argv) { | |||
764 | else if (strcmp(argv[i], "--noroot") == 0) { | 764 | else if (strcmp(argv[i], "--noroot") == 0) { |
765 | check_user_namespace(); | 765 | check_user_namespace(); |
766 | } | 766 | } |
767 | else if (strncmp(argv[i], "--env=", 6) == 0) | ||
768 | env_store(argv[i] + 6); | ||
767 | 769 | ||
768 | //************************************* | 770 | //************************************* |
769 | // network | 771 | // network |
diff --git a/src/firejail/no_sandbox.c b/src/firejail/no_sandbox.c index 9dc01435f..5603974aa 100644 --- a/src/firejail/no_sandbox.c +++ b/src/firejail/no_sandbox.c | |||
@@ -1,7 +1,27 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014, 2015 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
1 | #include "firejail.h" | 20 | #include "firejail.h" |
2 | #include <sys/types.h> | 21 | #include <sys/types.h> |
3 | #include <sys/stat.h> | 22 | #include <sys/stat.h> |
4 | #include <unistd.h> | 23 | #include <unistd.h> |
24 | #include <grp.h> | ||
5 | 25 | ||
6 | // check process space for kernel processes | 26 | // check process space for kernel processes |
7 | // return 1 if found, 0 if not found | 27 | // return 1 if found, 0 if not found |
@@ -112,7 +132,8 @@ void run_no_sandbox(int argc, char **argv) { | |||
112 | // start the program in /bin/sh | 132 | // start the program in /bin/sh |
113 | fprintf(stderr, "Warning: an existing sandbox was detected. " | 133 | fprintf(stderr, "Warning: an existing sandbox was detected. " |
114 | "%s will run without any additional sandboxing features in a /bin/sh shell\n", command); | 134 | "%s will run without any additional sandboxing features in a /bin/sh shell\n", command); |
115 | system(command); | 135 | rv = system(command); |
136 | (void) rv; | ||
116 | if (allocated) | 137 | if (allocated) |
117 | free(command); | 138 | free(command); |
118 | exit(1); | 139 | exit(1); |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 4341434ac..4a050db20 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -137,6 +137,11 @@ int profile_check_line(char *ptr, int lineno) { | |||
137 | return 0; | 137 | return 0; |
138 | } | 138 | } |
139 | 139 | ||
140 | if (strncmp(ptr, "env ", 4) == 0) { | ||
141 | env_store(ptr + 4); | ||
142 | return 0; | ||
143 | } | ||
144 | |||
140 | // seccomp drop list on top of default list | 145 | // seccomp drop list on top of default list |
141 | if (strncmp(ptr, "seccomp ", 8) == 0) { | 146 | if (strncmp(ptr, "seccomp ", 8) == 0) { |
142 | arg_seccomp = 1; | 147 | arg_seccomp = 1; |
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 6135c8eac..46cb03da7 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -359,7 +359,8 @@ int sandbox(void* sandbox_arg) { | |||
359 | //export PS1='\[\e[1;32m\][\u@\h \W]\$\[\e[0m\] ' | 359 | //export PS1='\[\e[1;32m\][\u@\h \W]\$\[\e[0m\] ' |
360 | if (setenv("PROMPT_COMMAND", "export PS1=\"\\[\\e[1;32m\\][\\u@\\h \\W]\\$\\[\\e[0m\\] \"", 1) < 0) | 360 | if (setenv("PROMPT_COMMAND", "export PS1=\"\\[\\e[1;32m\\][\\u@\\h \\W]\\$\\[\\e[0m\\] \"", 1) < 0) |
361 | errExit("setenv"); | 361 | errExit("setenv"); |
362 | 362 | // set user-supplied environment variables | |
363 | env_apply(); | ||
363 | 364 | ||
364 | // set capabilities | 365 | // set capabilities |
365 | if (!arg_noroot) | 366 | if (!arg_noroot) |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 3afe5580f..d9ca7e615 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -78,6 +78,9 @@ void usage(void) { | |||
78 | printf("\t\tby name.\n\n"); | 78 | printf("\t\tby name.\n\n"); |
79 | printf("\t--dns.print=pid - print DNS configuration of the sandbox identified.\n"); | 79 | printf("\t--dns.print=pid - print DNS configuration of the sandbox identified.\n"); |
80 | printf("\t\tby PID.\n\n"); | 80 | printf("\t\tby PID.\n\n"); |
81 | |||
82 | printf("\t--env=name=value - set environment variable in the new sandbox\n"); | ||
83 | |||
81 | printf("\t--help, -? - this help screen.\n\n"); | 84 | printf("\t--help, -? - this help screen.\n\n"); |
82 | printf("\t--ip=address - set interface IP address.\n\n"); | 85 | printf("\t--ip=address - set interface IP address.\n\n"); |
83 | printf("\t--ip=none - no IP address and no default gateway address are configured\n"); | 86 | printf("\t--ip=none - no IP address and no default gateway address are configured\n"); |
@@ -275,7 +278,7 @@ void usage(void) { | |||
275 | printf("\tPrcs - number of processes running in sandbox, including the controlling\n"); | 278 | printf("\tPrcs - number of processes running in sandbox, including the controlling\n"); |
276 | printf("\t process.\n"); | 279 | printf("\t process.\n"); |
277 | printf("\tRES - Resident Memory Size (KiB), sandbox non-swapped physical memory.\n"); | 280 | printf("\tRES - Resident Memory Size (KiB), sandbox non-swapped physical memory.\n"); |
278 | printf("\t It is a sum of the RES values for all processes running in the\n"); | 281 | printf("\t It is a sum of the RES valprivate-etcues for all processes running in the\n"); |
279 | printf("\t sandbox.\n"); | 282 | printf("\t sandbox.\n"); |
280 | printf("\tSHR - Shared Memory Size (KiB), it reflects memory shared with other\n"); | 283 | printf("\tSHR - Shared Memory Size (KiB), it reflects memory shared with other\n"); |
281 | printf("\t processes. It is a sum of the SHR values for all processes running\n"); | 284 | printf("\t processes. It is a sum of the SHR values for all processes running\n"); |
diff --git a/src/lib/libnetlink.c b/src/lib/libnetlink.c index 40fb099f7..fddbc209d 100644 --- a/src/lib/libnetlink.c +++ b/src/lib/libnetlink.c | |||
@@ -159,7 +159,7 @@ int rtnl_send_check(struct rtnl_handle *rth, const void *buf, int len) | |||
159 | return -1; | 159 | return -1; |
160 | } | 160 | } |
161 | 161 | ||
162 | for (h = (struct nlmsghdr *)resp; NLMSG_OK(h, status); | 162 | for (h = (struct nlmsghdr *)resp; NLMSG_OK(h, (unsigned) status); |
163 | h = NLMSG_NEXT(h, status)) { | 163 | h = NLMSG_NEXT(h, status)) { |
164 | if (h->nlmsg_type == NLMSG_ERROR) { | 164 | if (h->nlmsg_type == NLMSG_ERROR) { |
165 | struct nlmsgerr *err = (struct nlmsgerr*)NLMSG_DATA(h); | 165 | struct nlmsgerr *err = (struct nlmsgerr*)NLMSG_DATA(h); |
@@ -239,7 +239,7 @@ int rtnl_dump_filter_l(struct rtnl_handle *rth, | |||
239 | struct nlmsghdr *h = (struct nlmsghdr*)buf; | 239 | struct nlmsghdr *h = (struct nlmsghdr*)buf; |
240 | msglen = status; | 240 | msglen = status; |
241 | 241 | ||
242 | while (NLMSG_OK(h, msglen)) { | 242 | while (NLMSG_OK(h, (unsigned) msglen)) { |
243 | int err; | 243 | int err; |
244 | 244 | ||
245 | if (nladdr.nl_pid != 0 || | 245 | if (nladdr.nl_pid != 0 || |
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 58ba39b00..59fde72a6 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -162,6 +162,18 @@ The sandbox is placed in g1 control group. | |||
162 | .SH User Environment | 162 | .SH User Environment |
163 | 163 | ||
164 | .TP | 164 | .TP |
165 | env LD_LIBRARY_PATH=/opt/test/lib | ||
166 | Set environment variable. | ||
167 | .br | ||
168 | Examples: | ||
169 | .br | ||
170 | |||
171 | .br | ||
172 | env LD_LIBRARY_PATH=/opt/test/lib | ||
173 | .br | ||
174 | env CFLAGS="-W -Wall -Werror" | ||
175 | |||
176 | .TP | ||
165 | nogroups | 177 | nogroups |
166 | Disable supplementary user groups | 178 | Disable supplementary user groups |
167 | .TP | 179 | .TP |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index ffc698edd..2e87fbb8e 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -299,6 +299,16 @@ $ firejail \-\-list | |||
299 | $ firejail \-\-dns.print=3272 | 299 | $ firejail \-\-dns.print=3272 |
300 | 300 | ||
301 | .TP | 301 | .TP |
302 | \fB\-\-env=name=value | ||
303 | Set environment variable in the new sandbox. | ||
304 | .br | ||
305 | |||
306 | .br | ||
307 | Example: | ||
308 | .br | ||
309 | $ firejail \-\-env=LD_LIBRARY_PATH=/opt/test/lib | ||
310 | |||
311 | .TP | ||
302 | \fB\-?\fR, \fB\-\-help\fR | 312 | \fB\-?\fR, \fB\-\-help\fR |
303 | Print options end exit. | 313 | Print options end exit. |
304 | .TP | 314 | .TP |
diff --git a/test/env.exp b/test/env.exp new file mode 100755 index 000000000..d2edb0477 --- /dev/null +++ b/test/env.exp | |||
@@ -0,0 +1,55 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | #*********************************************** | ||
8 | send -- "firejail --env=ENV1=env1 --env=ENV2=env2 --env=ENV3=env3\r" | ||
9 | expect { | ||
10 | timeout {puts "TESTING ERROR 0\n";exit} | ||
11 | "Child process initialized" | ||
12 | } | ||
13 | sleep 1 | ||
14 | |||
15 | send -- "env | grep ENV\r" | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 1\n";exit} | ||
18 | "ENV1" | ||
19 | } | ||
20 | send -- "env | grep ENV\r" | ||
21 | expect { | ||
22 | timeout {puts "TESTING ERROR 2\n";exit} | ||
23 | "ENV2" | ||
24 | } | ||
25 | send -- "env | grep ENV\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 3\n";exit} | ||
28 | "ENV3" | ||
29 | } | ||
30 | send -- "exit\r" | ||
31 | sleep 1 | ||
32 | |||
33 | #*********************************************** | ||
34 | send -- "firejail --profile=env.profile\r" | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 4\n";exit} | ||
37 | "Child process initialized" | ||
38 | } | ||
39 | sleep 1 | ||
40 | send -- "env | grep LD_LIBRARY_PATH\r" | ||
41 | expect { | ||
42 | timeout {puts "TESTING ERROR 5\n";exit} | ||
43 | "/opt/test/lib" | ||
44 | } | ||
45 | send -- "env | grep CFLAGS\r" | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 6\n";exit} | ||
48 | "Wall" | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 7\n";exit} | ||
52 | "Werror" | ||
53 | } | ||
54 | |||
55 | puts "\n" | ||
diff --git a/test/env.profile b/test/env.profile new file mode 100644 index 000000000..ba66e6210 --- /dev/null +++ b/test/env.profile | |||
@@ -0,0 +1,2 @@ | |||
1 | env LD_LIBRARY_PATH=/opt/test/lib | ||
2 | env CFLAGS="-W -Wall -Werror" | ||
diff --git a/test/firejail-in-firejail.exp b/test/firejail-in-firejail.exp index 404eb03bb..59a94a7fb 100755 --- a/test/firejail-in-firejail.exp +++ b/test/firejail-in-firejail.exp | |||
@@ -14,24 +14,8 @@ sleep 1 | |||
14 | send -- "firejail\r" | 14 | send -- "firejail\r" |
15 | expect { | 15 | expect { |
16 | timeout {puts "TESTING ERROR 1\n";exit} | 16 | timeout {puts "TESTING ERROR 1\n";exit} |
17 | "Child process initialized" | 17 | "Warning: an existing sandbox was detected" |
18 | } | ||
19 | sleep 1 | ||
20 | |||
21 | send -- "firejail\r" | ||
22 | expect { | ||
23 | timeout {puts "TESTING ERROR 1\n";exit} | ||
24 | "Child process initialized" | ||
25 | } | 18 | } |
26 | sleep 1 | 19 | sleep 1 |
27 | puts "\n" | ||
28 | |||
29 | send -- "exit\r" | ||
30 | sleep 1 | ||
31 | send -- "exit\r" | ||
32 | sleep 1 | ||
33 | send -- "exit\r" | ||
34 | sleep 1 | ||
35 | |||
36 | 20 | ||
37 | puts "\n" | 21 | puts "\n" |
diff --git a/test/fscheck-private.exp b/test/fscheck-private.exp index 4c791423d..8e485cc03 100755 --- a/test/fscheck-private.exp +++ b/test/fscheck-private.exp | |||
@@ -4,37 +4,30 @@ set timeout 10 | |||
4 | spawn $env(SHELL) | 4 | spawn $env(SHELL) |
5 | match_max 100000 | 5 | match_max 100000 |
6 | 6 | ||
7 | # dir | 7 | |
8 | #send -- "firejail --net=br0 --private=fscheck-dir\r" | 8 | # .. |
9 | #send -- "firejail --net=br0 --private=../test/fscheck-dir\r" | ||
9 | #expect { | 10 | #expect { |
10 | # timeout {puts "TESTING ERROR 0\n";exit} | 11 | # timeout {puts "TESTING ERROR 0.1\n";exit} |
11 | # "Error" | 12 | # "Error" |
12 | #} | 13 | #} |
13 | #after 100 | 14 | #after 100 |
14 | 15 | ||
15 | # .. | ||
16 | send -- "firejail --net=br0 --private=../test/fscheck-dir\r" | ||
17 | expect { | ||
18 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
19 | "Error" | ||
20 | } | ||
21 | after 100 | ||
22 | |||
23 | # dir link | 16 | # dir link |
24 | send -- "firejail --net=br0 --private=fscheck-dir-link\r" | 17 | #send -- "firejail --net=br0 --private=fscheck-dir-link\r" |
25 | expect { | 18 | #expect { |
26 | timeout {puts "TESTING ERROR 1\n";exit} | 19 | # timeout {puts "TESTING ERROR 1\n";exit} |
27 | "Error" | 20 | # "Error" |
28 | } | 21 | #} |
29 | after 100 | 22 | #after 100 |
30 | 23 | ||
31 | # .. | 24 | # .. |
32 | send -- "firejail --net=br0 --private=../test/fscheck-dir-link\r" | 25 | #send -- "firejail --net=br0 --private=../test/fscheck-dir-link\r" |
33 | expect { | 26 | #expect { |
34 | timeout {puts "TESTING ERROR 1.1\n";exit} | 27 | # timeout {puts "TESTING ERROR 1.1\n";exit} |
35 | "Error" | 28 | # "Error" |
36 | } | 29 | #} |
37 | after 100 | 30 | #after 100 |
38 | 31 | ||
39 | # file link | 32 | # file link |
40 | send -- "firejail --net=br0 --private=fscheck-file-link\r" | 33 | send -- "firejail --net=br0 --private=fscheck-file-link\r" |
diff --git a/test/test.sh b/test/test.sh index 83d249b4f..8ddbc476f 100755 --- a/test/test.sh +++ b/test/test.sh | |||
@@ -4,6 +4,9 @@ | |||
4 | 4 | ||
5 | ./fscheck.sh | 5 | ./fscheck.sh |
6 | 6 | ||
7 | echo "TESTING: environment variables" | ||
8 | ./env.exp | ||
9 | |||
7 | echo "TESTING: private-etc" | 10 | echo "TESTING: private-etc" |
8 | ./private-etc.exp | 11 | ./private-etc.exp |
9 | 12 | ||