diff options
author | netblue30 <netblue30@yahoo.com> | 2018-10-21 11:58:58 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-10-21 11:58:58 -0400 |
commit | b54bc589bbaa3b158cad2e23a4e32158b1622e51 (patch) | |
tree | d5538e3902c30ea4de57ab4195393a6365fba087 | |
parent | Add QOwnNotes profile (diff) | |
download | firejail-b54bc589bbaa3b158cad2e23a4e32158b1622e51.tar.gz firejail-b54bc589bbaa3b158cad2e23a4e32158b1622e51.tar.zst firejail-b54bc589bbaa3b158cad2e23a4e32158b1622e51.zip |
apparmor test
-rwxr-xr-x | test/filters/apparmor.exp | 59 | ||||
-rwxr-xr-x | test/filters/filters.sh | 6 |
2 files changed, 65 insertions, 0 deletions
diff --git a/test/filters/apparmor.exp b/test/filters/apparmor.exp new file mode 100755 index 000000000..acc42a117 --- /dev/null +++ b/test/filters/apparmor.exp | |||
@@ -0,0 +1,59 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2018 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=test1 --apparmor\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "Child process initialized" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --name=test2 --apparmor\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1\n";exit} | ||
21 | "Child process initialized" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | spawn $env(SHELL) | ||
26 | send -- "firemon --apparmor\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 2\n";exit} | ||
29 | "test1:firejail --name=test1 --apparmor" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 3\n";exit} | ||
33 | "AppArmor: firejail-default enforce" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 4\n";exit} | ||
37 | "test2:firejail --name=test2 --apparmor" | ||
38 | } | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 5\n";exit} | ||
41 | "AppArmor: firejail-default enforce" | ||
42 | } | ||
43 | after 100 | ||
44 | |||
45 | send -- "firejail --apparmor.print=test1\r" | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 6\n";exit} | ||
48 | "AppArmor: firejail-default enforce" | ||
49 | } | ||
50 | after 100 | ||
51 | |||
52 | send -- "firejail --apparmor.print=test2\r" | ||
53 | expect { | ||
54 | timeout {puts "TESTING ERROR 7\n";exit} | ||
55 | "AppArmor: firejail-default enforce" | ||
56 | } | ||
57 | after 100 | ||
58 | |||
59 | puts "\nall done\n" | ||
diff --git a/test/filters/filters.sh b/test/filters/filters.sh index 72d699415..917aa93b6 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh | |||
@@ -12,6 +12,12 @@ if [ -f /etc/debian_version ]; then | |||
12 | fi | 12 | fi |
13 | export PATH="$PATH:/usr/lib/firejail:/usr/lib64/firejail" | 13 | export PATH="$PATH:/usr/lib/firejail:/usr/lib64/firejail" |
14 | 14 | ||
15 | if [ -f /sys/kernel/security/apparmor/profiles ]; then | ||
16 | echo "TESTING: apparmor (test/filters/apparmor.exp)" | ||
17 | ./apparmor.exp | ||
18 | else | ||
19 | echo "TESTING SKIP: no apparmor support in Linux kernel (test/filters/apparmor.exp)" | ||
20 | fi | ||
15 | 21 | ||
16 | if [ "$(uname -m)" = "x86_64" ]; then | 22 | if [ "$(uname -m)" = "x86_64" ]; then |
17 | echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)" | 23 | echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)" |