diff options
author | netblue30 <netblue30@yahoo.com> | 2017-03-23 12:50:47 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-03-23 12:50:47 -0400 |
commit | 2150dfc070b2775100ef3a19bf92e4dfedc515c1 (patch) | |
tree | edb59d316f00ad7628fb96acfb3a2d0b4711cbd0 | |
parent | merges (diff) | |
download | firejail-2150dfc070b2775100ef3a19bf92e4dfedc515c1.tar.gz firejail-2150dfc070b2775100ef3a19bf92e4dfedc515c1.tar.zst firejail-2150dfc070b2775100ef3a19bf92e4dfedc515c1.zip |
testing
-rw-r--r-- | src/firejail/checkcfg.c | 12 | ||||
-rwxr-xr-x | test/root/checkcfg.exp | 39 | ||||
-rw-r--r-- | test/root/firejail.config | 5 |
3 files changed, 52 insertions, 4 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 67bcd996a..f76f83d85 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -291,6 +291,10 @@ int checkcfg(int val) { | |||
291 | else if (strncmp(ptr, "quiet-by-default ", 17) == 0) { | 291 | else if (strncmp(ptr, "quiet-by-default ", 17) == 0) { |
292 | if (strcmp(ptr + 17, "yes") == 0) | 292 | if (strcmp(ptr + 17, "yes") == 0) |
293 | arg_quiet = 1; | 293 | arg_quiet = 1; |
294 | else if (strcmp(ptr + 17, "no") == 0) | ||
295 | arg_quiet = 0; | ||
296 | else | ||
297 | goto errout; | ||
294 | } | 298 | } |
295 | // remount /proc and /sys | 299 | // remount /proc and /sys |
296 | else if (strncmp(ptr, "remount-proc-sys ", 17) == 0) { | 300 | else if (strncmp(ptr, "remount-proc-sys ", 17) == 0) { |
@@ -413,16 +417,16 @@ void print_compiletime_support(void) { | |||
413 | #endif | 417 | #endif |
414 | ); | 418 | ); |
415 | 419 | ||
416 | printf("\t- networking support is %s\n", | 420 | printf("\t- git install support is %s\n", |
417 | #ifdef HAVE_NETWORK | 421 | #ifdef HAVE_GIT_INSTALL |
418 | "enabled" | 422 | "enabled" |
419 | #else | 423 | #else |
420 | "disabled" | 424 | "disabled" |
421 | #endif | 425 | #endif |
422 | ); | 426 | ); |
423 | 427 | ||
424 | printf("\t- git install support is %s\n", | 428 | printf("\t- networking support is %s\n", |
425 | #ifdef HAVE_GIT_INSTALL | 429 | #ifdef HAVE_NETWORK |
426 | "enabled" | 430 | "enabled" |
427 | #else | 431 | #else |
428 | "disabled" | 432 | "disabled" |
diff --git a/test/root/checkcfg.exp b/test/root/checkcfg.exp index e1ec6cf79..5ec1c4e77 100755 --- a/test/root/checkcfg.exp +++ b/test/root/checkcfg.exp | |||
@@ -98,6 +98,45 @@ expect { | |||
98 | "noroot feature is disabled in Firejail configuration file\r" | 98 | "noroot feature is disabled in Firejail configuration file\r" |
99 | } | 99 | } |
100 | 100 | ||
101 | # error exit | ||
102 | send -- "echo \"join no\" > /etc/firejail/firejail.config\r" | ||
103 | after 100 | ||
104 | send -- "echo \"cache-tmpfs no\" >> /etc/firejail/firejail.config\r" | ||
105 | after 100 | ||
106 | send -- "echo \"file-transfer no\" >> /etc/firejail/firejail.config\r" | ||
107 | after 100 | ||
108 | send -- "echo \"x11 no\" >> /etc/firejail/firejail.config\r" | ||
109 | after 100 | ||
110 | send -- "echo \"firejail-prompt yes\" >> /etc/firejail/firejail.config\r" | ||
111 | after 100 | ||
112 | send -- "echo \"follow-symlink-as-user yes\" >> /etc/firejail/firejail.config\r" | ||
113 | after 100 | ||
114 | send -- "echo \"follow-symlink-private-bin yes\" >> /etc/firejail/firejail.config\r" | ||
115 | after 100 | ||
116 | send -- "echo \"force-nonewprivs yes\" >> /etc/firejail/firejail.config\r" | ||
117 | after 100 | ||
118 | send -- "echo \"seccomp no\" >> /etc/firejail/firejail.config\r" | ||
119 | after 100 | ||
120 | send -- "echo \"restricted-network yes\" >> /etc/firejail/firejail.config\r" | ||
121 | after 100 | ||
122 | send -- "echo \"xephyr-window-title yes\" >> /etc/firejail/firejail.config\r" | ||
123 | after 100 | ||
124 | send -- "echo \"quiet-by-default yes\" >> /etc/firejail/firejail.config\r" | ||
125 | after 100 | ||
126 | send -- "echo \"chroot-desktop no\" >> /etc/firejail/firejail.config\r" | ||
127 | after 100 | ||
128 | send -- "echo \"private-bin-no-local yes\" >> /etc/firejail/firejail.config\r" | ||
129 | after 100 | ||
130 | send -- "echo \"disable-mnt yes\" >> /etc/firejail/firejail.config\r" | ||
131 | after 100 | ||
132 | send -- "echo \"blablabla\" >> /etc/firejail/firejail.config\r" | ||
133 | after 100 | ||
134 | send -- "firejail --noprofile --force\r" | ||
135 | expect { | ||
136 | timeout {puts "TESTING ERROR 10\n";exit} | ||
137 | "invalid line\r" | ||
138 | } | ||
139 | |||
101 | send -- "exit\r" | 140 | send -- "exit\r" |
102 | after 100 | 141 | after 100 |
103 | 142 | ||
diff --git a/test/root/firejail.config b/test/root/firejail.config index 71ff2f4e9..9b57f5126 100644 --- a/test/root/firejail.config +++ b/test/root/firejail.config | |||
@@ -1,8 +1,13 @@ | |||
1 | bind yes | 1 | bind yes |
2 | chroot yes | 2 | chroot yes |
3 | chroot-desktop yes | 3 | chroot-desktop yes |
4 | cache-tmpfs yes | ||
4 | file-transfer yes | 5 | file-transfer yes |
6 | firejail-prompt no | ||
7 | follow-symlink-as-user no | ||
8 | follow-symlink-private-bin no | ||
5 | force-nonewprivs no | 9 | force-nonewprivs no |
10 | join yes | ||
6 | network yes | 11 | network yes |
7 | overlayfs yes | 12 | overlayfs yes |
8 | private-bin-no-local no | 13 | private-bin-no-local no |