diff options
author | netblue30 <netblue30@yahoo.com> | 2020-10-05 11:20:43 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2020-10-05 11:20:43 -0400 |
commit | a3bf167404043700ec3b561c3c9b1f7a10f35632 (patch) | |
tree | d8a55d93cab405ebc4f23196811b64771924c8df | |
parent | set as 0.9.64rc2 for development until we release the real one (diff) | |
download | firejail-a3bf167404043700ec3b561c3c9b1f7a10f35632.tar.gz firejail-a3bf167404043700ec3b561c3c9b1f7a10f35632.tar.zst firejail-a3bf167404043700ec3b561c3c9b1f7a10f35632.zip |
testing
-rwxr-xr-x | test/appimage/appimage-args.exp | 4 | ||||
-rwxr-xr-x | test/appimage/appimage-v1.exp | 4 | ||||
-rwxr-xr-x | test/apps-x11-xorg/apps-x11-xorg.sh | 9 | ||||
-rwxr-xr-x | test/apps-x11-xorg/firefox.exp | 4 | ||||
-rwxr-xr-x | test/apps-x11-xorg/thunderbird.exp | 4 | ||||
-rwxr-xr-x | test/apps-x11-xorg/transmission-gtk.exp | 4 | ||||
-rwxr-xr-x | test/apps-x11-xorg/transmission-qt.exp | 85 | ||||
-rwxr-xr-x | test/filters/seccomp-chmod-profile.exp | 2 | ||||
-rwxr-xr-x | test/filters/seccomp-chmod.exp | 2 | ||||
-rwxr-xr-x | test/filters/seccomp-run-files.exp | 4 |
10 files changed, 108 insertions, 14 deletions
diff --git a/test/appimage/appimage-args.exp b/test/appimage/appimage-args.exp index 03c7218ac..cee01d509 100755 --- a/test/appimage/appimage-args.exp +++ b/test/appimage/appimage-args.exp | |||
@@ -56,7 +56,7 @@ expect { | |||
56 | sleep 2 | 56 | sleep 2 |
57 | 57 | ||
58 | spawn $env(SHELL) | 58 | spawn $env(SHELL) |
59 | send -- "firemon --seccomp --nowrap\r" | 59 | send -- "firemon --seccomp --wrap\r" |
60 | expect { | 60 | expect { |
61 | timeout {puts "TESTING ERROR 8\n";exit} | 61 | timeout {puts "TESTING ERROR 8\n";exit} |
62 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} | 62 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} |
@@ -71,7 +71,7 @@ expect { | |||
71 | "name=blablabla" | 71 | "name=blablabla" |
72 | } | 72 | } |
73 | after 100 | 73 | after 100 |
74 | send -- "firemon --caps --nowrap\r" | 74 | send -- "firemon --caps --wrap\r" |
75 | expect { | 75 | expect { |
76 | timeout {puts "TESTING ERROR 11\n";exit} | 76 | timeout {puts "TESTING ERROR 11\n";exit} |
77 | "appimage Leafpad" | 77 | "appimage Leafpad" |
diff --git a/test/appimage/appimage-v1.exp b/test/appimage/appimage-v1.exp index 7b6fa2120..80e228145 100755 --- a/test/appimage/appimage-v1.exp +++ b/test/appimage/appimage-v1.exp | |||
@@ -44,7 +44,7 @@ expect { | |||
44 | sleep 2 | 44 | sleep 2 |
45 | 45 | ||
46 | spawn $env(SHELL) | 46 | spawn $env(SHELL) |
47 | send -- "firemon --seccomp --nowrap\r" | 47 | send -- "firemon --seccomp --wrap\r" |
48 | expect { | 48 | expect { |
49 | timeout {puts "TESTING ERROR 5\n";exit} | 49 | timeout {puts "TESTING ERROR 5\n";exit} |
50 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} | 50 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} |
@@ -59,7 +59,7 @@ expect { | |||
59 | "name=blablabla" | 59 | "name=blablabla" |
60 | } | 60 | } |
61 | after 100 | 61 | after 100 |
62 | send -- "firemon --caps --nowrap\r" | 62 | send -- "firemon --caps --wrap\r" |
63 | expect { | 63 | expect { |
64 | timeout {puts "TESTING ERROR 6\n";exit} | 64 | timeout {puts "TESTING ERROR 6\n";exit} |
65 | "appimage Leafpad" | 65 | "appimage Leafpad" |
diff --git a/test/apps-x11-xorg/apps-x11-xorg.sh b/test/apps-x11-xorg/apps-x11-xorg.sh index 843fdc50b..568dee85d 100755 --- a/test/apps-x11-xorg/apps-x11-xorg.sh +++ b/test/apps-x11-xorg/apps-x11-xorg.sh | |||
@@ -25,6 +25,15 @@ else | |||
25 | echo "TESTING SKIP: transmission-gtk not found" | 25 | echo "TESTING SKIP: transmission-gtk not found" |
26 | fi | 26 | fi |
27 | 27 | ||
28 | which transmission-qt 2>/dev/null | ||
29 | if [ "$?" -eq 0 ]; | ||
30 | then | ||
31 | echo "TESTING: transmission-qt x11 xorg" | ||
32 | ./transmission-qt.exp | ||
33 | else | ||
34 | echo "TESTING SKIP: transmission-qt not found" | ||
35 | fi | ||
36 | |||
28 | which thunderbird 2>/dev/null | 37 | which thunderbird 2>/dev/null |
29 | if [ "$?" -eq 0 ]; | 38 | if [ "$?" -eq 0 ]; |
30 | then | 39 | then |
diff --git a/test/apps-x11-xorg/firefox.exp b/test/apps-x11-xorg/firefox.exp index 0a43db568..8322e2d0e 100755 --- a/test/apps-x11-xorg/firefox.exp +++ b/test/apps-x11-xorg/firefox.exp | |||
@@ -41,7 +41,7 @@ expect { | |||
41 | sleep 2 | 41 | sleep 2 |
42 | 42 | ||
43 | spawn $env(SHELL) | 43 | spawn $env(SHELL) |
44 | send -- "firemon --seccomp --nowrap\r" | 44 | send -- "firemon --seccomp --wrap\r" |
45 | expect { | 45 | expect { |
46 | timeout {puts "TESTING ERROR 5\n";exit} | 46 | timeout {puts "TESTING ERROR 5\n";exit} |
47 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} | 47 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} |
@@ -61,7 +61,7 @@ expect { | |||
61 | "name=blablabla" | 61 | "name=blablabla" |
62 | } | 62 | } |
63 | sleep 1 | 63 | sleep 1 |
64 | send -- "firemon --caps --nowrap\r" | 64 | send -- "firemon --caps --wrap\r" |
65 | expect { | 65 | expect { |
66 | timeout {puts "TESTING ERROR 6\n";exit} | 66 | timeout {puts "TESTING ERROR 6\n";exit} |
67 | " firefox" {puts "firefox detected\n";} | 67 | " firefox" {puts "firefox detected\n";} |
diff --git a/test/apps-x11-xorg/thunderbird.exp b/test/apps-x11-xorg/thunderbird.exp index 8cf0ac244..24549e6c8 100755 --- a/test/apps-x11-xorg/thunderbird.exp +++ b/test/apps-x11-xorg/thunderbird.exp | |||
@@ -38,7 +38,7 @@ expect { | |||
38 | sleep 2 | 38 | sleep 2 |
39 | 39 | ||
40 | spawn $env(SHELL) | 40 | spawn $env(SHELL) |
41 | send -- "firemon --seccomp --nowrap\r" | 41 | send -- "firemon --seccomp --wrap\r" |
42 | expect { | 42 | expect { |
43 | timeout {puts "TESTING ERROR 5\n";exit} | 43 | timeout {puts "TESTING ERROR 5\n";exit} |
44 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} | 44 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} |
@@ -57,7 +57,7 @@ expect { | |||
57 | "name=blablabla" | 57 | "name=blablabla" |
58 | } | 58 | } |
59 | sleep 2 | 59 | sleep 2 |
60 | send -- "firemon --caps --nowrap\r" | 60 | send -- "firemon --caps --wrap\r" |
61 | expect { | 61 | expect { |
62 | timeout {puts "TESTING ERROR 6\n";exit} | 62 | timeout {puts "TESTING ERROR 6\n";exit} |
63 | ":firejail" | 63 | ":firejail" |
diff --git a/test/apps-x11-xorg/transmission-gtk.exp b/test/apps-x11-xorg/transmission-gtk.exp index fdbf388e9..b688bc619 100755 --- a/test/apps-x11-xorg/transmission-gtk.exp +++ b/test/apps-x11-xorg/transmission-gtk.exp | |||
@@ -38,7 +38,7 @@ expect { | |||
38 | sleep 2 | 38 | sleep 2 |
39 | 39 | ||
40 | spawn $env(SHELL) | 40 | spawn $env(SHELL) |
41 | send -- "firemon --seccomp --nowrap\r" | 41 | send -- "firemon --seccomp --wrap\r" |
42 | expect { | 42 | expect { |
43 | timeout {puts "TESTING ERROR 5\n";exit} | 43 | timeout {puts "TESTING ERROR 5\n";exit} |
44 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} | 44 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} |
@@ -57,7 +57,7 @@ expect { | |||
57 | "name=blablabla" | 57 | "name=blablabla" |
58 | } | 58 | } |
59 | sleep 1 | 59 | sleep 1 |
60 | send -- "firemon --caps --nowrap\r" | 60 | send -- "firemon --caps --wrap\r" |
61 | expect { | 61 | expect { |
62 | timeout {puts "TESTING ERROR 6\n";exit} | 62 | timeout {puts "TESTING ERROR 6\n";exit} |
63 | ":firejail" | 63 | ":firejail" |
diff --git a/test/apps-x11-xorg/transmission-qt.exp b/test/apps-x11-xorg/transmission-qt.exp new file mode 100755 index 000000000..5864bb845 --- /dev/null +++ b/test/apps-x11-xorg/transmission-qt.exp | |||
@@ -0,0 +1,85 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=test --x11=xorg --ignore=net --ignore=netfilter --ignore=iprange transmission-qt\r" | ||
11 | sleep 10 | ||
12 | |||
13 | spawn $env(SHELL) | ||
14 | send -- "firejail --list\r" | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 3\n";exit} | ||
17 | ":firejail" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
21 | "transmission-qt" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | # grsecurity exit | ||
26 | send -- "file /proc/sys/kernel/grsecurity\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR - grsecurity detection\n";exit} | ||
29 | "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit} | ||
30 | "cannot open" {puts "grsecurity not present\n"} | ||
31 | } | ||
32 | |||
33 | send -- "firejail --name=blablabla\r" | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 4\n";exit} | ||
36 | "Child process initialized" | ||
37 | } | ||
38 | sleep 2 | ||
39 | |||
40 | spawn $env(SHELL) | ||
41 | send -- "firemon --seccomp --wrap\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 5\n";exit} | ||
44 | "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit} | ||
45 | ":firejail" | ||
46 | } | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 5.0\n";exit} | ||
49 | "transmission-qt" | ||
50 | } | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} | ||
53 | "Seccomp: 2" | ||
54 | } | ||
55 | expect { | ||
56 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
57 | "name=blablabla" | ||
58 | } | ||
59 | sleep 1 | ||
60 | send -- "firemon --caps --wrap\r" | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 6\n";exit} | ||
63 | ":firejail" | ||
64 | } | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 6.0\n";exit} | ||
67 | "transmission-qt" | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
71 | "CapBnd" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
75 | "0000000000000000" | ||
76 | } | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 6.3\n";exit} | ||
79 | "name=blablabla" | ||
80 | } | ||
81 | sleep 1 | ||
82 | send -- "firejail --shutdown=test\r" | ||
83 | sleep 3 | ||
84 | |||
85 | puts "\nall done\n" | ||
diff --git a/test/filters/seccomp-chmod-profile.exp b/test/filters/seccomp-chmod-profile.exp index 9b61397ca..22392f882 100755 --- a/test/filters/seccomp-chmod-profile.exp +++ b/test/filters/seccomp-chmod-profile.exp | |||
@@ -41,7 +41,7 @@ expect { | |||
41 | send -- "chmod +x testfile; echo done\r" | 41 | send -- "chmod +x testfile; echo done\r" |
42 | expect { | 42 | expect { |
43 | timeout {puts "TESTING ERROR 5\n";exit} | 43 | timeout {puts "TESTING ERROR 5\n";exit} |
44 | "Bad system call" | 44 | "Operation not permitted" |
45 | } | 45 | } |
46 | expect { | 46 | expect { |
47 | timeout {puts "TESTING ERROR 6\n";exit} | 47 | timeout {puts "TESTING ERROR 6\n";exit} |
diff --git a/test/filters/seccomp-chmod.exp b/test/filters/seccomp-chmod.exp index 01b9cbaac..c72a68c82 100755 --- a/test/filters/seccomp-chmod.exp +++ b/test/filters/seccomp-chmod.exp | |||
@@ -41,7 +41,7 @@ expect { | |||
41 | send -- "chmod +x testfile; echo done\r" | 41 | send -- "chmod +x testfile; echo done\r" |
42 | expect { | 42 | expect { |
43 | timeout {puts "TESTING ERROR 5\n";exit} | 43 | timeout {puts "TESTING ERROR 5\n";exit} |
44 | "Bad system call" | 44 | "Operation not permitted" |
45 | } | 45 | } |
46 | expect { | 46 | expect { |
47 | timeout {puts "TESTING ERROR 6\n";exit} | 47 | timeout {puts "TESTING ERROR 6\n";exit} |
diff --git a/test/filters/seccomp-run-files.exp b/test/filters/seccomp-run-files.exp index fd3033a69..5f468cf24 100755 --- a/test/filters/seccomp-run-files.exp +++ b/test/filters/seccomp-run-files.exp | |||
@@ -24,7 +24,7 @@ after 100 | |||
24 | send -- "ls -l /run/firejail/mnt/seccomp | grep -c seccomp\r" | 24 | send -- "ls -l /run/firejail/mnt/seccomp | grep -c seccomp\r" |
25 | expect { | 25 | expect { |
26 | timeout {puts "TESTING ERROR 3\n";exit} | 26 | timeout {puts "TESTING ERROR 3\n";exit} |
27 | "5" | 27 | "6" |
28 | } | 28 | } |
29 | send -- "exit\r" | 29 | send -- "exit\r" |
30 | sleep 1 | 30 | sleep 1 |
@@ -90,7 +90,7 @@ after 100 | |||
90 | send -- "ls -l /run/firejail/mnt/seccomp | grep -c seccomp\r" | 90 | send -- "ls -l /run/firejail/mnt/seccomp | grep -c seccomp\r" |
91 | expect { | 91 | expect { |
92 | timeout {puts "TESTING ERROR 18\n";exit} | 92 | timeout {puts "TESTING ERROR 18\n";exit} |
93 | "6" | 93 | "8" |
94 | } | 94 | } |
95 | send -- "exit\r" | 95 | send -- "exit\r" |
96 | sleep 1 | 96 | sleep 1 |