testing

author: netblue30 <netblue30@yahoo.com> 2018-04-01 07:48:11 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-04-01 07:48:11 -0400
commit: 1fb1bfe20fbde64d769e846b1581ce021d03e864 (patch)
tree: b284305324ca31fa5c0b2b318a9dbeaae146da55
parent: merges (diff)
download: firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.tar.gz
firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.tar.zst
firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.zip
9 files changed, 361 insertions, 24 deletions
diff --git a/src/fnetfilter/main.c b/src/fnetfilter/main.c
index 828b30d40..ba58ba3c9 100644
--- a/src/fnetfilter/main.c
+++ b/src/fnetfilter/main.c
@@ -50,19 +50,20 @@ static void usage(void) {
        printf("\tfnetfilter netfilter-command destination-file\n");
 }
+static void err_exit_cannot_open_file(const char *fname) {
+        fprintf(stderr, "Error fnetfilter: cannot open %s\n", fname);
+        exit(1);
+}
 static void copy(const char *src, const char *dest) {
        FILE *fp1 = fopen(src, "r");
-        if (!fp1) {
+        if (!fp1)
-                fprintf(stderr, "Error fnetfilter: cannot open %s\n", src);
+                err_exit_cannot_open_file(src);
-                exit(1);
-        }
        FILE *fp2 = fopen(dest, "w");
-        if (!fp2) {
+        if (!fp2)
-                fprintf(stderr, "Error fnetfilter: cannot open %s\n", dest);
+                err_exit_cannot_open_file(dest);
-                exit(1);
-        }
        char buf[MAXBUF];
        while (fgets(buf, MAXBUF, fp1))
@@ -106,16 +107,12 @@ for (i = 0; i < argcnt; i++)
        // open the files
        FILE *fp1 = fopen(src, "r");
-        if (!fp1) {
+        if (!fp1)
-                fprintf(stderr, "Error fnetfilter: cannot open %s\n", src);
+                err_exit_cannot_open_file(src);
-                exit(1);
-        }
        FILE *fp2 = fopen(dest, "w");
-        if (!fp2) {
+        if (!fp2)
-                fprintf(stderr, "Error fnetfilter: cannot open %s\n", dest);
+                err_exit_cannot_open_file(dest);
-                exit(1);
-        }
        int line = 0;
        char buf[MAXBUF];
@@ -186,19 +183,15 @@ printf("\n");
 //printf("destfile %s\n", destfile);
        // destfile is a real filename
        int len = strlen(destfile);
-        if (strcspn(destfile, "\\&!?\"'<>%^(){};,*[]") != (size_t)len) {
+        if (strcspn(destfile, "\\&!?\"'<>%^(){};,*[]") != (size_t)len)
-                fprintf(stderr, "Error fnetfilter: invalid destination file in netfilter command\n");
+                err_exit_cannot_open_file(destfile);
-                exit(1);
-        }
        // handle default config (command = NULL, destfile)
        if (command == NULL) {
                // create a default filter file
                FILE *fp = fopen(destfile, "w");
-                if (!fp) {
+                if (!fp)
-                        fprintf(stderr, "Error fnetfilter: cannot open %s\n", destfile);
+                        err_exit_cannot_open_file(destfile);
-                        exit(1);
-                }
                fprintf(fp, "%s\n", default_filter);
                fclose(fp);
        }
diff --git a/test/environment/csh.exp b/test/environment/csh.exp
index 7b9fe7dc4..10a278ebc 100755
--- a/test/environment/csh.exp
+++ b/test/environment/csh.exp
@@ -30,6 +30,20 @@ expect {
        "/bin/csh"
 }
 send -- "exit\r"
+sleep 1
+send -- "firejail --shell=none --csh\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "shell=none was already specified"
+}
+after 100
+send -- "firejail --csh --shell=none\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "a shell was already specified"
+}
 after 100
 puts "\n"
diff --git a/test/environment/zsh.exp b/test/environment/zsh.exp
index 65fe440c7..e7f610e98 100755
--- a/test/environment/zsh.exp
+++ b/test/environment/zsh.exp
@@ -30,6 +30,20 @@ expect {
        "/bin/zsh"
 }
 send -- "exit\r"
+sleep 1
+send -- "firejail --shell=none --zsh\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "shell=none was already specified"
+}
+after 100
+send -- "firejail --zsh --shell=none\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "a shell was already specified"
+}
 after 100
 puts "\nall done\n"
diff --git a/test/network/netfilter-template.exp b/test/network/netfilter-template.exp
index 1ad28a103..5a15152d3 100755
--- a/test/network/netfilter-template.exp
+++ b/test/network/netfilter-template.exp
@@ -7,6 +7,14 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
+send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/blablabla\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "invalid network filter file"
+}
+sleep 1
 send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/tcpserver.net,5555 ./tcpserver 5555\r"
 expect {
        timeout {puts "TESTING ERROR 1\n";exit}
@@ -15,6 +23,21 @@ expect {
 sleep 1
 spawn $env(SHELL)
+send -- "firejail --netfilter.print=test1\r"
+expect {
+        timeout {puts "TESTING ERROR 1.1\n";exit}
+        "Chain INPUT"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.2\n";exit}
+        "Chain FORWARD"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.3\n";exit}
+        "Chain OUTPUT"
+}
+sleep 1
 send -- "telnet 10.10.30.10 5555\r"
 expect {
        timeout {puts "TESTING ERROR 2\n";exit}
diff --git a/test/utils/audit.exp b/test/utils/audit.exp
index 684886af7..6352dc62d 100755
--- a/test/utils/audit.exp
+++ b/test/utils/audit.exp
@@ -96,4 +96,64 @@ expect {
 }
 after 100
+# test seccomp
+send -- "firejail --seccomp.drop=mkdir --audit\r"
+expect {
+        timeout {puts "TESTING ERROR 17\n";exit}
+        "Firejail Audit"
+}
+expect {
+        timeout {puts "TESTING ERROR 18\n";exit}
+        "GOOD: seccomp BPF enabled"
+}
+expect {
+        timeout {puts "TESTING ERROR 19\n";exit}
+        "UGLY: mount syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 20\n";exit}
+        "UGLY: umount2 syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 21\n";exit}
+        "UGLY: ptrace syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 22\n";exit}
+        "UGLY: swapon syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 23\n";exit}
+        "UGLY: swapoff syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 24\n";exit}
+        "UGLY: init_module syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 25\n";exit}
+        "UGLY: delete_module syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 26\n";exit}
+        "UGLY: chroot syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 27\n";exit}
+        "UGLY: pivot_root syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 28\n";exit}
+        "UGLY: iopl syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 29\n";exit}
+        "UGLY: ioperm syscall permitted"
+}
+expect {
+        timeout {puts "TESTING ERROR 30\n";exit}
+        "GOOD: all capabilities are disabled"
+}
+after 100
 puts "\nall done\n"
diff --git a/test/utils/command.exp b/test/utils/command.exp
new file mode 100755
index 000000000..3b18540db
--- /dev/null
+++ b/test/utils/command.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --quiet --private-etc=passwd,group -c ls -al /etc\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "cron" {puts "TESTING ERROR 2\n";exit}
+        "group"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "passwd"
+}
+after 100
+puts "\nall done\n"
diff --git a/test/utils/name.exp b/test/utils/name.exp
new file mode 100755
index 000000000..f00b5866e
--- /dev/null
+++ b/test/utils/name.exp
@@ -0,0 +1,174 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 8\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 9\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 10\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 11\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+        timeout {puts "TESTING ERROR 12\n";exit}
+        ":ftest:"
+}
+expect {
+        timeout {puts "TESTING ERROR 13\n";exit}
+        ":ftest-1:"
+}
+expect {
+        timeout {puts "TESTING ERROR 14\n";exit}
+        ":ftest-2:"
+}
+expect {
+        timeout {puts "TESTING ERROR 15\n";exit}
+        ":ftest-3:"
+}
+expect {
+        timeout {puts "TESTING ERROR 16\n";exit}
+        ":ftest-4:"
+}
+expect {
+        timeout {puts "TESTING ERROR 17\n";exit}
+        ":ftest-5:"
+}
+expect {
+        timeout {puts "TESTING ERROR 18\n";exit}
+        ":ftest-6:"
+}
+expect {
+        timeout {puts "TESTING ERROR 19\n";exit}
+        ":ftest-7:"
+}
+expect {
+        timeout {puts "TESTING ERROR 20\n";exit}
+        ":ftest-8:"
+}
+expect {
+        timeout {puts "TESTING ERROR 21\n";exit}
+        ":ftest-9:"
+}
+expect {
+        timeout {puts "TESTING ERROR 22\n";exit}
+        ":ftest-"
+}
+expect {
+        timeout {puts "TESTING ERROR 23\n";exit}
+        ":ftest-"
+}
+after 100
+send -- "firejail --shutdown=ftest-5\r"
+expect {
+        timeout {puts "TESTING ERROR 11\n";exit}
+        "Sending SIGTERM"
+}
+sleep 1
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+        timeout {puts "TESTING ERROR 12\n";exit}
+        ":ftest-5:"  {puts "TESTING ERROR 15\n";exit}
+        ":ftest-9:"
+}
+after 100
+puts "all done\n"
diff --git a/test/utils/profile_print.exp b/test/utils/profile_print.exp
new file mode 100755
index 000000000..20d88a264
--- /dev/null
+++ b/test/utils/profile_print.exp
@@ -0,0 +1,27 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --name=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+after 100
+spawn $env(SHELL)
+send -- "firejail --profile.print=ftest\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "/etc/firejail/default.profile"
+}
+after 100
+puts "all done\n"
diff --git a/test/utils/utils.sh b/test/utils/utils.sh
index d72cc2269..9259ee33a 100755
--- a/test/utils/utils.sh
+++ b/test/utils/utils.sh
@@ -20,6 +20,15 @@ rm -f ~/firejail-test-file-7699
 echo "TESTING: audit (test/utils/audit.exp)"
 ./audit.exp
+echo "TESTING: name (test/utils/name.exp)"
+./name.exp
+echo "TESTING: command (test/utils/command.exp)"
+./command.exp
+echo "TESTING: profile.print (test/utils/profile_print.exp)"
+./profile_print.exp
 echo "TESTING: version (test/utils/version.exp)"
 ./version.exp
author	netblue30 <netblue30@yahoo.com>	2018-04-01 07:48:11 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-04-01 07:48:11 -0400
commit	1fb1bfe20fbde64d769e846b1581ce021d03e864 (patch)
tree	b284305324ca31fa5c0b2b318a9dbeaae146da55
parent	merges (diff)
download	firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.tar.gz firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.tar.zst firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.zip

diff --git a/src/fnetfilter/main.c b/src/fnetfilter/main.c index 828b30d40..ba58ba3c9 100644 --- a/src/fnetfilter/main.c +++ b/src/fnetfilter/main.c
@@ -50,19 +50,20 @@ static void usage(void) {
50	printf("\tfnetfilter netfilter-command destination-file\n");	50	printf("\tfnetfilter netfilter-command destination-file\n");
51	}	51	}
52		52
		53	static void err_exit_cannot_open_file(const char *fname) {
		54	fprintf(stderr, "Error fnetfilter: cannot open %s\n", fname);
		55	exit(1);
		56	}
		57
53		58
54	static void copy(const char src, const char dest) {	59	static void copy(const char src, const char dest) {
55	FILE *fp1 = fopen(src, "r");	60	FILE *fp1 = fopen(src, "r");
56	if (!fp1) {	61	if (!fp1)
57	fprintf(stderr, "Error fnetfilter: cannot open %s\n", src);	62	err_exit_cannot_open_file(src);
58	exit(1);
59	}
60		63
61	FILE *fp2 = fopen(dest, "w");	64	FILE *fp2 = fopen(dest, "w");
62	if (!fp2) {	65	if (!fp2)
63	fprintf(stderr, "Error fnetfilter: cannot open %s\n", dest);	66	err_exit_cannot_open_file(dest);
64	exit(1);
65	}
66		67
67	char buf[MAXBUF];	68	char buf[MAXBUF];
68	while (fgets(buf, MAXBUF, fp1))	69	while (fgets(buf, MAXBUF, fp1))
@@ -106,16 +107,12 @@ for (i = 0; i < argcnt; i++)
106		107
107	// open the files	108	// open the files
108	FILE *fp1 = fopen(src, "r");	109	FILE *fp1 = fopen(src, "r");
109	if (!fp1) {	110	if (!fp1)
110	fprintf(stderr, "Error fnetfilter: cannot open %s\n", src);	111	err_exit_cannot_open_file(src);
111	exit(1);
112	}
113		112
114	FILE *fp2 = fopen(dest, "w");	113	FILE *fp2 = fopen(dest, "w");
115	if (!fp2) {	114	if (!fp2)
116	fprintf(stderr, "Error fnetfilter: cannot open %s\n", dest);	115	err_exit_cannot_open_file(dest);
117	exit(1);
118	}
119		116
120	int line = 0;	117	int line = 0;
121	char buf[MAXBUF];	118	char buf[MAXBUF];
@@ -186,19 +183,15 @@ printf("\n");
186	//printf("destfile %s\n", destfile);	183	//printf("destfile %s\n", destfile);
187	// destfile is a real filename	184	// destfile is a real filename
188	int len = strlen(destfile);	185	int len = strlen(destfile);
189	if (strcspn(destfile, "\\&!?\"'<>%^(){};,*[]") != (size_t)len) {	186	if (strcspn(destfile, "\\&!?\"'<>%^(){};,*[]") != (size_t)len)
190	fprintf(stderr, "Error fnetfilter: invalid destination file in netfilter command\n");	187	err_exit_cannot_open_file(destfile);
191	exit(1);
192	}
193		188
194	// handle default config (command = NULL, destfile)	189	// handle default config (command = NULL, destfile)
195	if (command == NULL) {	190	if (command == NULL) {
196	// create a default filter file	191	// create a default filter file
197	FILE *fp = fopen(destfile, "w");	192	FILE *fp = fopen(destfile, "w");
198	if (!fp) {	193	if (!fp)
199	fprintf(stderr, "Error fnetfilter: cannot open %s\n", destfile);	194	err_exit_cannot_open_file(destfile);
200	exit(1);
201	}
202	fprintf(fp, "%s\n", default_filter);	195	fprintf(fp, "%s\n", default_filter);
203	fclose(fp);	196	fclose(fp);
204	}	197	}


diff --git a/test/environment/csh.exp b/test/environment/csh.exp index 7b9fe7dc4..10a278ebc 100755 --- a/test/environment/csh.exp +++ b/test/environment/csh.exp
@@ -30,6 +30,20 @@ expect {
30	"/bin/csh"	30	"/bin/csh"
31	}	31	}
32	send -- "exit\r"	32	send -- "exit\r"
		33	sleep 1
		34
		35	send -- "firejail --shell=none --csh\r"
		36	expect {
		37	timeout {puts "TESTING ERROR 3\n";exit}
		38	"shell=none was already specified"
		39	}
		40	after 100
		41
		42	send -- "firejail --csh --shell=none\r"
		43	expect {
		44	timeout {puts "TESTING ERROR 4\n";exit}
		45	"a shell was already specified"
		46	}
33	after 100	47	after 100
34		48
35	puts "\n"	49	puts "\n"


diff --git a/test/environment/zsh.exp b/test/environment/zsh.exp index 65fe440c7..e7f610e98 100755 --- a/test/environment/zsh.exp +++ b/test/environment/zsh.exp
@@ -30,6 +30,20 @@ expect {
30	"/bin/zsh"	30	"/bin/zsh"
31	}	31	}
32	send -- "exit\r"	32	send -- "exit\r"
		33	sleep 1
		34
		35	send -- "firejail --shell=none --zsh\r"
		36	expect {
		37	timeout {puts "TESTING ERROR 3\n";exit}
		38	"shell=none was already specified"
		39	}
		40	after 100
		41
		42	send -- "firejail --zsh --shell=none\r"
		43	expect {
		44	timeout {puts "TESTING ERROR 4\n";exit}
		45	"a shell was already specified"
		46	}
33	after 100	47	after 100
34		48
35	puts "\nall done\n"	49	puts "\nall done\n"


diff --git a/test/network/netfilter-template.exp b/test/network/netfilter-template.exp index 1ad28a103..5a15152d3 100755 --- a/test/network/netfilter-template.exp +++ b/test/network/netfilter-template.exp
@@ -7,6 +7,14 @@ set timeout 10
7	spawn $env(SHELL)	7	spawn $env(SHELL)
8	match_max 100000	8	match_max 100000
9		9
		10
		11	send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/blablabla\r"
		12	expect {
		13	timeout {puts "TESTING ERROR 0\n";exit}
		14	"invalid network filter file"
		15	}
		16	sleep 1
		17
10	send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/tcpserver.net,5555 ./tcpserver 5555\r"	18	send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/tcpserver.net,5555 ./tcpserver 5555\r"
11	expect {	19	expect {
12	timeout {puts "TESTING ERROR 1\n";exit}	20	timeout {puts "TESTING ERROR 1\n";exit}
@@ -15,6 +23,21 @@ expect {
15	sleep 1	23	sleep 1
16		24
17	spawn $env(SHELL)	25	spawn $env(SHELL)
		26	send -- "firejail --netfilter.print=test1\r"
		27	expect {
		28	timeout {puts "TESTING ERROR 1.1\n";exit}
		29	"Chain INPUT"
		30	}
		31	expect {
		32	timeout {puts "TESTING ERROR 1.2\n";exit}
		33	"Chain FORWARD"
		34	}
		35	expect {
		36	timeout {puts "TESTING ERROR 1.3\n";exit}
		37	"Chain OUTPUT"
		38	}
		39	sleep 1
		40
18	send -- "telnet 10.10.30.10 5555\r"	41	send -- "telnet 10.10.30.10 5555\r"
19	expect {	42	expect {
20	timeout {puts "TESTING ERROR 2\n";exit}	43	timeout {puts "TESTING ERROR 2\n";exit}


diff --git a/test/utils/audit.exp b/test/utils/audit.exp index 684886af7..6352dc62d 100755 --- a/test/utils/audit.exp +++ b/test/utils/audit.exp
@@ -96,4 +96,64 @@ expect {
96	}	96	}
97	after 100	97	after 100
98		98
		99	# test seccomp
		100	send -- "firejail --seccomp.drop=mkdir --audit\r"
		101	expect {
		102	timeout {puts "TESTING ERROR 17\n";exit}
		103	"Firejail Audit"
		104	}
		105	expect {
		106	timeout {puts "TESTING ERROR 18\n";exit}
		107	"GOOD: seccomp BPF enabled"
		108	}
		109	expect {
		110	timeout {puts "TESTING ERROR 19\n";exit}
		111	"UGLY: mount syscall permitted"
		112	}
		113	expect {
		114	timeout {puts "TESTING ERROR 20\n";exit}
		115	"UGLY: umount2 syscall permitted"
		116	}
		117	expect {
		118	timeout {puts "TESTING ERROR 21\n";exit}
		119	"UGLY: ptrace syscall permitted"
		120	}
		121	expect {
		122	timeout {puts "TESTING ERROR 22\n";exit}
		123	"UGLY: swapon syscall permitted"
		124	}
		125	expect {
		126	timeout {puts "TESTING ERROR 23\n";exit}
		127	"UGLY: swapoff syscall permitted"
		128	}
		129	expect {
		130	timeout {puts "TESTING ERROR 24\n";exit}
		131	"UGLY: init_module syscall permitted"
		132	}
		133	expect {
		134	timeout {puts "TESTING ERROR 25\n";exit}
		135	"UGLY: delete_module syscall permitted"
		136	}
		137	expect {
		138	timeout {puts "TESTING ERROR 26\n";exit}
		139	"UGLY: chroot syscall permitted"
		140	}
		141	expect {
		142	timeout {puts "TESTING ERROR 27\n";exit}
		143	"UGLY: pivot_root syscall permitted"
		144	}
		145	expect {
		146	timeout {puts "TESTING ERROR 28\n";exit}
		147	"UGLY: iopl syscall permitted"
		148	}
		149	expect {
		150	timeout {puts "TESTING ERROR 29\n";exit}
		151	"UGLY: ioperm syscall permitted"
		152	}
		153	expect {
		154	timeout {puts "TESTING ERROR 30\n";exit}
		155	"GOOD: all capabilities are disabled"
		156	}
		157	after 100
		158
99	puts "\nall done\n"	159	puts "\nall done\n"


diff --git a/test/utils/command.exp b/test/utils/command.exp new file mode 100755 index 000000000..3b18540db --- /dev/null +++ b/test/utils/command.exp
@@ -0,0 +1,23 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --quiet --private-etc=passwd,group -c ls -al /etc\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 1\n";exit}
		13	"cron" {puts "TESTING ERROR 2\n";exit}
		14	"group"
		15	}
		16	expect {
		17	timeout {puts "TESTING ERROR 3\n";exit}
		18	"passwd"
		19	}
		20
		21
		22	after 100
		23	puts "\nall done\n"


diff --git a/test/utils/name.exp b/test/utils/name.exp new file mode 100755 index 000000000..f00b5866e --- /dev/null +++ b/test/utils/name.exp
@@ -0,0 +1,174 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10
		11	send -- "firejail --name=ftest\r"
		12	expect {
		13	timeout {puts "TESTING ERROR 0\n";exit}
		14	"Child process initialized"
		15	}
		16	after 100
		17
		18	spawn $env(SHELL)
		19	send -- "firejail --name=ftest\r"
		20	expect {
		21	timeout {puts "TESTING ERROR 1\n";exit}
		22	"Child process initialized"
		23	}
		24	after 100
		25
		26	spawn $env(SHELL)
		27	send -- "firejail --name=ftest\r"
		28	expect {
		29	timeout {puts "TESTING ERROR 2\n";exit}
		30	"Child process initialized"
		31	}
		32	after 100
		33
		34	spawn $env(SHELL)
		35	send -- "firejail --name=ftest\r"
		36	expect {
		37	timeout {puts "TESTING ERROR 3\n";exit}
		38	"Child process initialized"
		39	}
		40	after 100
		41
		42	spawn $env(SHELL)
		43	send -- "firejail --name=ftest\r"
		44	expect {
		45	timeout {puts "TESTING ERROR 4\n";exit}
		46	"Child process initialized"
		47	}
		48	after 100
		49
		50	spawn $env(SHELL)
		51	send -- "firejail --name=ftest\r"
		52	expect {
		53	timeout {puts "TESTING ERROR 5\n";exit}
		54	"Child process initialized"
		55	}
		56	after 100
		57
		58	spawn $env(SHELL)
		59	send -- "firejail --name=ftest\r"
		60	expect {
		61	timeout {puts "TESTING ERROR 6\n";exit}
		62	"Child process initialized"
		63	}
		64	after 100
		65
		66	spawn $env(SHELL)
		67	send -- "firejail --name=ftest\r"
		68	expect {
		69	timeout {puts "TESTING ERROR 7\n";exit}
		70	"Child process initialized"
		71	}
		72	after 100
		73
		74	spawn $env(SHELL)
		75	send -- "firejail --name=ftest\r"
		76	expect {
		77	timeout {puts "TESTING ERROR 8\n";exit}
		78	"Child process initialized"
		79	}
		80	after 100
		81
		82	spawn $env(SHELL)
		83	send -- "firejail --name=ftest\r"
		84	expect {
		85	timeout {puts "TESTING ERROR 9\n";exit}
		86	"Child process initialized"
		87	}
		88	after 100
		89
		90	spawn $env(SHELL)
		91	send -- "firejail --name=ftest\r"
		92	expect {
		93	timeout {puts "TESTING ERROR 10\n";exit}
		94	"Child process initialized"
		95	}
		96	after 100
		97
		98	spawn $env(SHELL)
		99	send -- "firejail --name=ftest\r"
		100	expect {
		101	timeout {puts "TESTING ERROR 11\n";exit}
		102	"Child process initialized"
		103	}
		104	after 100
		105
		106	spawn $env(SHELL)
		107	send -- "firejail --list\r"
		108	expect {
		109	timeout {puts "TESTING ERROR 12\n";exit}
		110	":ftest:"
		111	}
		112	expect {
		113	timeout {puts "TESTING ERROR 13\n";exit}
		114	":ftest-1:"
		115	}
		116	expect {
		117	timeout {puts "TESTING ERROR 14\n";exit}
		118	":ftest-2:"
		119	}
		120	expect {
		121	timeout {puts "TESTING ERROR 15\n";exit}
		122	":ftest-3:"
		123	}
		124	expect {
		125	timeout {puts "TESTING ERROR 16\n";exit}
		126	":ftest-4:"
		127	}
		128	expect {
		129	timeout {puts "TESTING ERROR 17\n";exit}
		130	":ftest-5:"
		131	}
		132	expect {
		133	timeout {puts "TESTING ERROR 18\n";exit}
		134	":ftest-6:"
		135	}
		136	expect {
		137	timeout {puts "TESTING ERROR 19\n";exit}
		138	":ftest-7:"
		139	}
		140	expect {
		141	timeout {puts "TESTING ERROR 20\n";exit}
		142	":ftest-8:"
		143	}
		144	expect {
		145	timeout {puts "TESTING ERROR 21\n";exit}
		146	":ftest-9:"
		147	}
		148	expect {
		149	timeout {puts "TESTING ERROR 22\n";exit}
		150	":ftest-"
		151	}
		152	expect {
		153	timeout {puts "TESTING ERROR 23\n";exit}
		154	":ftest-"
		155	}
		156	after 100
		157
		158	send -- "firejail --shutdown=ftest-5\r"
		159	expect {
		160	timeout {puts "TESTING ERROR 11\n";exit}
		161	"Sending SIGTERM"
		162	}
		163	sleep 1
		164
		165	spawn $env(SHELL)
		166	send -- "firejail --list\r"
		167	expect {
		168	timeout {puts "TESTING ERROR 12\n";exit}
		169	":ftest-5:" {puts "TESTING ERROR 15\n";exit}
		170	":ftest-9:"
		171	}
		172
		173	after 100
		174	puts "all done\n"


diff --git a/test/utils/profile_print.exp b/test/utils/profile_print.exp new file mode 100755 index 000000000..20d88a264 --- /dev/null +++ b/test/utils/profile_print.exp
@@ -0,0 +1,27 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10
		11	send -- "firejail --name=ftest\r"
		12	expect {
		13	timeout {puts "TESTING ERROR 0\n";exit}
		14	"Child process initialized"
		15	}
		16	after 100
		17
		18	spawn $env(SHELL)
		19	send -- "firejail --profile.print=ftest\r"
		20	expect {
		21	timeout {puts "TESTING ERROR 1\n";exit}
		22	"/etc/firejail/default.profile"
		23	}
		24
		25
		26	after 100
		27	puts "all done\n"


diff --git a/test/utils/utils.sh b/test/utils/utils.sh index d72cc2269..9259ee33a 100755 --- a/test/utils/utils.sh +++ b/test/utils/utils.sh
@@ -20,6 +20,15 @@ rm -f ~/firejail-test-file-7699
20	echo "TESTING: audit (test/utils/audit.exp)"	20	echo "TESTING: audit (test/utils/audit.exp)"
21	./audit.exp	21	./audit.exp
22		22
		23	echo "TESTING: name (test/utils/name.exp)"
		24	./name.exp
		25
		26	echo "TESTING: command (test/utils/command.exp)"
		27	./command.exp
		28
		29	echo "TESTING: profile.print (test/utils/profile_print.exp)"
		30	./profile_print.exp
		31
23	echo "TESTING: version (test/utils/version.exp)"	32	echo "TESTING: version (test/utils/version.exp)"
24	./version.exp	33	./version.exp
25		34