testing

author: netblue30 <netblue30@yahoo.com> 2016-10-13 16:45:28 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-10-13 16:45:28 -0400
commit: b88cef5db1132c1e6e94ae282f94d980a959bb15 (patch)
tree: a55248e6645e083bb8128a1165183c4a0f3f4b1c
parent: 0.9.44~rc1 testing (diff)
download: firejail-b88cef5db1132c1e6e94ae282f94d980a959bb15.tar.gz
firejail-b88cef5db1132c1e6e94ae282f94d980a959bb15.tar.zst
firejail-b88cef5db1132c1e6e94ae282f94d980a959bb15.zip
8 files changed, 307 insertions, 6 deletions
diff --git a/Makefile.in b/Makefile.in
index 3f08c5952..ad81c8851 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -195,6 +195,9 @@ test-apps:
 test-apps-x11:
        cd test/apps-x11; ./apps-x11.sh | grep TESTING
+test-apps-x11-xorg:
+        cd test/apps-x11-xorg; ./apps-x11-xorg.sh | grep TESTING
 test-sysutils:
        cd test/sysutils; ./sysutils.sh | grep TESTING
        
@@ -213,5 +216,5 @@ test-network:
 test-fs:
        cd test/fs; ./fs.sh | grep TESTING
-test: test-profiles test-fs test-utils  test-environment test-apps test-apps-x11 test-filters
+test: test-profiles test-fs test-utils  test-environment test-apps test-apps-x11 test-apps-xorg-x11 test-filters
        echo "TEST COMPLETE"
diff --git a/src/include/common.h b/src/include/common.h
index e28870807..f7c8ea725 100644
--- a/src/include/common.h
+++ b/src/include/common.h
@@ -113,5 +113,5 @@ int join_namespace(pid_t pid, char *type);
 int name2pid(const char *name, pid_t *pid);
 char *pid_proc_comm(const pid_t pid);
 char *pid_proc_cmdline(const pid_t pid);
-int pid_proc_cmdline_x11(const pid_t pid);
+int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid);
 #endif
diff --git a/src/lib/common.c b/src/lib/common.c
index acb6bd3b4..fc4c167ba 100644
--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -201,7 +201,7 @@ char *pid_proc_cmdline(const pid_t pid) {
 }
 // return 1 if firejail --x11 on command line
-int pid_proc_cmdline_x11(const pid_t pid) {
+int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) {
        // if comm is not firejail return 0
        char *comm = pid_proc_comm(pid);
        if (strcmp(comm, "firejail") != 0) {
@@ -248,8 +248,11 @@ int pid_proc_cmdline_x11(const pid_t pid) {
                        break;
                if (strncmp(arg, "--", 2) != 0)
                        break;
-                        
+                
-                // check x11
+                if (strcmp(arg, "--x11=xorg") == 0)
+                        return 0;
+                
+                // check x11 xpra or xephyr
                if (strncmp(arg, "--x11", 5) == 0)
                        return 1;
                i += strlen(arg);
diff --git a/src/lib/pid.c b/src/lib/pid.c
index bbb123b81..ef1a428fb 100644
--- a/src/lib/pid.c
+++ b/src/lib/pid.c
@@ -341,7 +341,7 @@ void pid_read(pid_t mon_pid) {
                                }
                                if ((strncmp(ptr, "firejail", 8) == 0) && (mon_pid == 0 || mon_pid == pid)) {
-                                        if (pid_proc_cmdline_x11(pid))
+                                        if (pid_proc_cmdline_x11_xpra_xephyr(pid))
                                                pids[pid].level = -1;
                                        else
                                                pids[pid].level = 1;
diff --git a/test/apps-x11-xorg/apps-x11-xorg.sh b/test/apps-x11-xorg/apps-x11-xorg.sh
new file mode 100755
index 000000000..b05914b52
--- /dev/null
+++ b/test/apps-x11-xorg/apps-x11-xorg.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+export MALLOC_CHECK_=3
+export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
+which firefox
+if [ "$?" -eq 0 ];
+then
+        echo "TESTING: firefox x11 xorg"
+        ./firefox.exp
+else
+        echo "TESTING SKIP: firefox not found"
+fi
+which transmission-gtk
+if [ "$?" -eq 0 ];
+then
+        echo "TESTING: transmission-gtk x11 xorg"
+        ./transmission-gtk.exp
+else
+        echo "TESTING SKIP: transmission-gtk not found"
+fi
+which icedove
+if [ "$?" -eq 0 ];
+then
+        echo "TESTING: icedove x11 xorg"
+        ./icedove.exp
+else
+        echo "TESTING SKIP: icedove not found"
+fi
diff --git a/test/apps-x11-xorg/firefox.exp b/test/apps-x11-xorg/firefox.exp
new file mode 100755
index 000000000..5231bf8ed
--- /dev/null
+++ b/test/apps-x11-xorg/firefox.exp
@@ -0,0 +1,90 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --name=test --x11=xorg firefox -no-remote www.gentoo.org\r"
+sleep 10
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.1\n";exit}
+        "firefox" {puts "firefox detected\n";}
+        "iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+        timeout {puts "TESTING ERROR 3.2\n";exit}
+        "no-remote"
+}
+sleep 1
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+        timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+        "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+        "cannot open" {puts "grsecurity not present\n"}
+}
+send -- "firejail --name=blablabla\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+sleep 2
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        " firefox" {puts "firefox detected\n";}
+        " iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+        timeout {puts "TESTING ERROR 5.0\n";exit}
+        "no-remote"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+        "Seccomp:       2"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1\n";exit}
+        "name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        " firefox" {puts "firefox detected\n";}
+        " iceweasel" {puts "iceweasel detected\n";}
+}
+expect {
+        timeout {puts "TESTING ERROR 6.0\n";exit}
+        "no-remote"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.1\n";exit}
+        "CapBnd:"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.2\n";exit}
+        "0000000000000000"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.3\n";exit}
+        "name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+puts "\nall done\n"
diff --git a/test/apps-x11-xorg/icedove.exp b/test/apps-x11-xorg/icedove.exp
new file mode 100755
index 000000000..f676264ed
--- /dev/null
+++ b/test/apps-x11-xorg/icedove.exp
@@ -0,0 +1,85 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --name=test --x11=xorg icedove\r"
+sleep 10
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.1\n";exit}
+        "icedove"
+}
+sleep 1
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+        timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+        "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+        "cannot open" {puts "grsecurity not present\n"}
+}
+send -- "firejail --name=blablabla\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+sleep 2
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.0\n";exit}
+        "icedove"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+        "Seccomp:       2"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1\n";exit}
+        "name=blablabla"
+}
+sleep 2
+send -- "firemon --caps\r"
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.0\n";exit}
+        "icedove"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.1\n";exit}
+        "CapBnd"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.2\n";exit}
+        "0000000000000000"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.3\n";exit}
+        "name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+puts "\nall done\n"
diff --git a/test/apps-x11-xorg/transmission-gtk.exp b/test/apps-x11-xorg/transmission-gtk.exp
new file mode 100755
index 000000000..a91a1be08
--- /dev/null
+++ b/test/apps-x11-xorg/transmission-gtk.exp
@@ -0,0 +1,85 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --name=test --x11=xorg transmission-gtk\r"
+sleep 10
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.1\n";exit}
+        "transmission-gtk"
+}
+sleep 1
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+        timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+        "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+        "cannot open" {puts "grsecurity not present\n"}
+}
+send -- "firejail --name=blablabla\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+sleep 2
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.0\n";exit}
+        "transmission-gtk"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+        "Seccomp:       2"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1\n";exit}
+        "name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.0\n";exit}
+        "transmission-gtk"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.1\n";exit}
+        "CapBnd"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.2\n";exit}
+        "0000000000000000"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.3\n";exit}
+        "name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+puts "\nall done\n"
author	netblue30 <netblue30@yahoo.com>	2016-10-13 16:45:28 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-10-13 16:45:28 -0400
commit	b88cef5db1132c1e6e94ae282f94d980a959bb15 (patch)
tree	a55248e6645e083bb8128a1165183c4a0f3f4b1c
parent	0.9.44~rc1 testing (diff)
download	firejail-b88cef5db1132c1e6e94ae282f94d980a959bb15.tar.gz firejail-b88cef5db1132c1e6e94ae282f94d980a959bb15.tar.zst firejail-b88cef5db1132c1e6e94ae282f94d980a959bb15.zip

diff --git a/Makefile.in b/Makefile.in index 3f08c5952..ad81c8851 100644 --- a/Makefile.in +++ b/Makefile.in
@@ -195,6 +195,9 @@ test-apps:
195	test-apps-x11:	195	test-apps-x11:
196	cd test/apps-x11; ./apps-x11.sh \| grep TESTING	196	cd test/apps-x11; ./apps-x11.sh \| grep TESTING
197		197
		198	test-apps-x11-xorg:
		199	cd test/apps-x11-xorg; ./apps-x11-xorg.sh \| grep TESTING
		200
198	test-sysutils:	201	test-sysutils:
199	cd test/sysutils; ./sysutils.sh \| grep TESTING	202	cd test/sysutils; ./sysutils.sh \| grep TESTING
200		203
@@ -213,5 +216,5 @@ test-network:
213	test-fs:	216	test-fs:
214	cd test/fs; ./fs.sh \| grep TESTING	217	cd test/fs; ./fs.sh \| grep TESTING
215		218
216	test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-filters	219	test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-apps-xorg-x11 test-filters
217	echo "TEST COMPLETE"	220	echo "TEST COMPLETE"


diff --git a/src/include/common.h b/src/include/common.h index e28870807..f7c8ea725 100644 --- a/src/include/common.h +++ b/src/include/common.h
@@ -113,5 +113,5 @@ int join_namespace(pid_t pid, char *type);
113	int name2pid(const char name, pid_t pid);	113	int name2pid(const char name, pid_t pid);
114	char *pid_proc_comm(const pid_t pid);	114	char *pid_proc_comm(const pid_t pid);
115	char *pid_proc_cmdline(const pid_t pid);	115	char *pid_proc_cmdline(const pid_t pid);
116	int pid_proc_cmdline_x11(const pid_t pid);	116	int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid);
117	#endif	117	#endif


diff --git a/src/lib/common.c b/src/lib/common.c index acb6bd3b4..fc4c167ba 100644 --- a/src/lib/common.c +++ b/src/lib/common.c
@@ -201,7 +201,7 @@ char *pid_proc_cmdline(const pid_t pid) {
201	}	201	}
202		202
203	// return 1 if firejail --x11 on command line	203	// return 1 if firejail --x11 on command line
204	int pid_proc_cmdline_x11(const pid_t pid) {	204	int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) {
205	// if comm is not firejail return 0	205	// if comm is not firejail return 0
206	char *comm = pid_proc_comm(pid);	206	char *comm = pid_proc_comm(pid);
207	if (strcmp(comm, "firejail") != 0) {	207	if (strcmp(comm, "firejail") != 0) {
@@ -248,8 +248,11 @@ int pid_proc_cmdline_x11(const pid_t pid) {
248	break;	248	break;
249	if (strncmp(arg, "--", 2) != 0)	249	if (strncmp(arg, "--", 2) != 0)
250	break;	250	break;
251		251
252	// check x11	252	if (strcmp(arg, "--x11=xorg") == 0)
		253	return 0;
		254
		255	// check x11 xpra or xephyr
253	if (strncmp(arg, "--x11", 5) == 0)	256	if (strncmp(arg, "--x11", 5) == 0)
254	return 1;	257	return 1;
255	i += strlen(arg);	258	i += strlen(arg);


diff --git a/src/lib/pid.c b/src/lib/pid.c index bbb123b81..ef1a428fb 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c
@@ -341,7 +341,7 @@ void pid_read(pid_t mon_pid) {
341	}	341	}
342		342
343	if ((strncmp(ptr, "firejail", 8) == 0) && (mon_pid == 0 \|\| mon_pid == pid)) {	343	if ((strncmp(ptr, "firejail", 8) == 0) && (mon_pid == 0 \|\| mon_pid == pid)) {
344	if (pid_proc_cmdline_x11(pid))	344	if (pid_proc_cmdline_x11_xpra_xephyr(pid))
345	pids[pid].level = -1;	345	pids[pid].level = -1;
346	else	346	else
347	pids[pid].level = 1;	347	pids[pid].level = 1;


diff --git a/test/apps-x11-xorg/apps-x11-xorg.sh b/test/apps-x11-xorg/apps-x11-xorg.sh new file mode 100755 index 000000000..b05914b52 --- /dev/null +++ b/test/apps-x11-xorg/apps-x11-xorg.sh
@@ -0,0 +1,35 @@
		1	#!/bin/bash
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2016 Firejail Authors
		4	# License GPL v2
		5
		6	export MALLOC_CHECK_=3
		7	export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
		8
		9	which firefox
		10	if [ "$?" -eq 0 ];
		11	then
		12	echo "TESTING: firefox x11 xorg"
		13	./firefox.exp
		14	else
		15	echo "TESTING SKIP: firefox not found"
		16	fi
		17
		18	which transmission-gtk
		19	if [ "$?" -eq 0 ];
		20	then
		21	echo "TESTING: transmission-gtk x11 xorg"
		22	./transmission-gtk.exp
		23	else
		24	echo "TESTING SKIP: transmission-gtk not found"
		25	fi
		26
		27	which icedove
		28	if [ "$?" -eq 0 ];
		29	then
		30	echo "TESTING: icedove x11 xorg"
		31	./icedove.exp
		32	else
		33	echo "TESTING SKIP: icedove not found"
		34	fi
		35


diff --git a/test/apps-x11-xorg/firefox.exp b/test/apps-x11-xorg/firefox.exp new file mode 100755 index 000000000..5231bf8ed --- /dev/null +++ b/test/apps-x11-xorg/firefox.exp
@@ -0,0 +1,90 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2016 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --name=test --x11=xorg firefox -no-remote www.gentoo.org\r"
		11	sleep 10
		12
		13	spawn $env(SHELL)
		14	send -- "firejail --list\r"
		15	expect {
		16	timeout {puts "TESTING ERROR 3\n";exit}
		17	":firejail"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 3.1\n";exit}
		21	"firefox" {puts "firefox detected\n";}
		22	"iceweasel" {puts "iceweasel detected\n";}
		23	}
		24	expect {
		25	timeout {puts "TESTING ERROR 3.2\n";exit}
		26	"no-remote"
		27	}
		28	sleep 1
		29	# grsecurity exit
		30	send -- "file /proc/sys/kernel/grsecurity\r"
		31	expect {
		32	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
		33	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
		34	"cannot open" {puts "grsecurity not present\n"}
		35	}
		36	send -- "firejail --name=blablabla\r"
		37	expect {
		38	timeout {puts "TESTING ERROR 4\n";exit}
		39	"Child process initialized"
		40	}
		41	sleep 2
		42
		43	spawn $env(SHELL)
		44	send -- "firemon --seccomp\r"
		45	expect {
		46	timeout {puts "TESTING ERROR 5\n";exit}
		47	" firefox" {puts "firefox detected\n";}
		48	" iceweasel" {puts "iceweasel detected\n";}
		49	}
		50	expect {
		51	timeout {puts "TESTING ERROR 5.0\n";exit}
		52	"no-remote"
		53	}
		54	expect {
		55	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
		56	"Seccomp: 2"
		57	}
		58	expect {
		59	timeout {puts "TESTING ERROR 5.1\n";exit}
		60	"name=blablabla"
		61	}
		62	sleep 1
		63	send -- "firemon --caps\r"
		64	expect {
		65	timeout {puts "TESTING ERROR 6\n";exit}
		66	" firefox" {puts "firefox detected\n";}
		67	" iceweasel" {puts "iceweasel detected\n";}
		68	}
		69	expect {
		70	timeout {puts "TESTING ERROR 6.0\n";exit}
		71	"no-remote"
		72	}
		73	expect {
		74	timeout {puts "TESTING ERROR 6.1\n";exit}
		75	"CapBnd:"
		76	}
		77	expect {
		78	timeout {puts "TESTING ERROR 6.2\n";exit}
		79	"0000000000000000"
		80	}
		81	expect {
		82	timeout {puts "TESTING ERROR 6.3\n";exit}
		83	"name=blablabla"
		84	}
		85	sleep 1
		86	send -- "firejail --shutdown=test\r"
		87	sleep 3
		88
		89	puts "\nall done\n"
		90


diff --git a/test/apps-x11-xorg/icedove.exp b/test/apps-x11-xorg/icedove.exp new file mode 100755 index 000000000..f676264ed --- /dev/null +++ b/test/apps-x11-xorg/icedove.exp
@@ -0,0 +1,85 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2016 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --name=test --x11=xorg icedove\r"
		11	sleep 10
		12
		13	spawn $env(SHELL)
		14	send -- "firejail --list\r"
		15	expect {
		16	timeout {puts "TESTING ERROR 3\n";exit}
		17	":firejail"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 3.1\n";exit}
		21	"icedove"
		22	}
		23	sleep 1
		24
		25	# grsecurity exit
		26	send -- "file /proc/sys/kernel/grsecurity\r"
		27	expect {
		28	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
		29	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
		30	"cannot open" {puts "grsecurity not present\n"}
		31	}
		32
		33	send -- "firejail --name=blablabla\r"
		34	expect {
		35	timeout {puts "TESTING ERROR 4\n";exit}
		36	"Child process initialized"
		37	}
		38	sleep 2
		39
		40	spawn $env(SHELL)
		41	send -- "firemon --seccomp\r"
		42	expect {
		43	timeout {puts "TESTING ERROR 5\n";exit}
		44	":firejail"
		45	}
		46	expect {
		47	timeout {puts "TESTING ERROR 5.0\n";exit}
		48	"icedove"
		49	}
		50	expect {
		51	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
		52	"Seccomp: 2"
		53	}
		54	expect {
		55	timeout {puts "TESTING ERROR 5.1\n";exit}
		56	"name=blablabla"
		57	}
		58	sleep 2
		59	send -- "firemon --caps\r"
		60	expect {
		61	timeout {puts "TESTING ERROR 6\n";exit}
		62	":firejail"
		63	}
		64	expect {
		65	timeout {puts "TESTING ERROR 6.0\n";exit}
		66	"icedove"
		67	}
		68	expect {
		69	timeout {puts "TESTING ERROR 6.1\n";exit}
		70	"CapBnd"
		71	}
		72	expect {
		73	timeout {puts "TESTING ERROR 6.2\n";exit}
		74	"0000000000000000"
		75	}
		76	expect {
		77	timeout {puts "TESTING ERROR 6.3\n";exit}
		78	"name=blablabla"
		79	}
		80	sleep 1
		81	send -- "firejail --shutdown=test\r"
		82	sleep 3
		83
		84	puts "\nall done\n"
		85


diff --git a/test/apps-x11-xorg/transmission-gtk.exp b/test/apps-x11-xorg/transmission-gtk.exp new file mode 100755 index 000000000..a91a1be08 --- /dev/null +++ b/test/apps-x11-xorg/transmission-gtk.exp
@@ -0,0 +1,85 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2016 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --name=test --x11=xorg transmission-gtk\r"
		11	sleep 10
		12
		13	spawn $env(SHELL)
		14	send -- "firejail --list\r"
		15	expect {
		16	timeout {puts "TESTING ERROR 3\n";exit}
		17	":firejail"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 3.1\n";exit}
		21	"transmission-gtk"
		22	}
		23	sleep 1
		24
		25	# grsecurity exit
		26	send -- "file /proc/sys/kernel/grsecurity\r"
		27	expect {
		28	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
		29	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
		30	"cannot open" {puts "grsecurity not present\n"}
		31	}
		32
		33	send -- "firejail --name=blablabla\r"
		34	expect {
		35	timeout {puts "TESTING ERROR 4\n";exit}
		36	"Child process initialized"
		37	}
		38	sleep 2
		39
		40	spawn $env(SHELL)
		41	send -- "firemon --seccomp\r"
		42	expect {
		43	timeout {puts "TESTING ERROR 5\n";exit}
		44	":firejail"
		45	}
		46	expect {
		47	timeout {puts "TESTING ERROR 5.0\n";exit}
		48	"transmission-gtk"
		49	}
		50	expect {
		51	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
		52	"Seccomp: 2"
		53	}
		54	expect {
		55	timeout {puts "TESTING ERROR 5.1\n";exit}
		56	"name=blablabla"
		57	}
		58	sleep 1
		59	send -- "firemon --caps\r"
		60	expect {
		61	timeout {puts "TESTING ERROR 6\n";exit}
		62	":firejail"
		63	}
		64	expect {
		65	timeout {puts "TESTING ERROR 6.0\n";exit}
		66	"transmission-gtk"
		67	}
		68	expect {
		69	timeout {puts "TESTING ERROR 6.1\n";exit}
		70	"CapBnd"
		71	}
		72	expect {
		73	timeout {puts "TESTING ERROR 6.2\n";exit}
		74	"0000000000000000"
		75	}
		76	expect {
		77	timeout {puts "TESTING ERROR 6.3\n";exit}
		78	"name=blablabla"
		79	}
		80	sleep 1
		81	send -- "firejail --shutdown=test\r"
		82	sleep 3
		83
		84	puts "\nall done\n"
		85