testing

author: netblue30 <netblue30@yahoo.com> 2017-08-21 08:51:08 -0400
committer: netblue30 <netblue30@yahoo.com> 2017-08-21 08:51:08 -0400
commit: 495f1c5cdaeeadafcf150080545ae4848dc633ca (patch)
tree: 88f40d13cc2ecea7e03447431b39489a26fc2b01
parent: compile fixes (diff)
download: firejail-495f1c5cdaeeadafcf150080545ae4848dc633ca.tar.gz
firejail-495f1c5cdaeeadafcf150080545ae4848dc633ca.tar.zst
firejail-495f1c5cdaeeadafcf150080545ae4848dc633ca.zip
6 files changed, 190 insertions, 4 deletions
diff --git a/test/filters/debug.exp b/test/filters/debug.exp
index 493022c05..d37353378 100755
--- a/test/filters/debug.exp
+++ b/test/filters/debug.exp
@@ -38,7 +38,8 @@ after 100
 send --  "firejail --debug-protocols\r"
 expect {
        timeout {puts "TESTING ERROR 4\n";exit}
-        "unix, inet, inet6, netlink, packet"
+        "unix, inet, inet6, netlink, packet" {puts "OK\n"}
+        "protocol not supported on this platform" {puts "OK\n"}
 }
 after 100
diff --git a/test/filters/filters.sh b/test/filters/filters.sh
index 3ebb61419..d59d9109b 100755
--- a/test/filters/filters.sh
+++ b/test/filters/filters.sh
@@ -18,8 +18,11 @@ export PATH="$PATH:/usr/lib/firejail"
 if [ "$(uname -m)" = "x86_64" ]; then
    echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)"
    ./memwrexe.exp
+elif [ "$(uname -m)" = "i686" ]; then
+    echo "TESTING: memory-deny-write-execute (test/filters/memwrexe-32.exp)"
+    ./memwrexe-32.exp
 else
-    echo "TESTING SKIP: memwrexe binary only running on x86_64."
+    echo "TESTING SKIP: memwrexe binary only running on x86_64 and i686."
 fi
 echo "TESTING: debug options (test/filters/debug.exp)"
@@ -57,8 +60,11 @@ echo "TESTING: seccomp bad empty (test/filters/seccomp-bad-empty.exp)"
 if [ "$(uname -m)" = "x86_64" ]; then
        echo "TESTING: seccomp debug  (test/filters/seccomp-debug.exp)"
        ./seccomp-debug.exp
+elif [ "$(uname -m)" = "i686" ]; then
+        echo "TESTING: seccomp debug  (test/filters/seccomp-debug-32.exp)"
+        ./seccomp-debug-32.exp
 else
-        echo "TESTING SKIP: protocol, running only on x86_64"
+        echo "TESTING SKIP: protocol, running only on x86_64 and i686"
 fi
 echo "TESTING: seccomp errno (test/filters/seccomp-errno.exp)"
diff --git a/test/filters/memwrexe-32 b/test/filters/memwrexe-32
new file mode 100755
index 000000000..70c98b796
--- /dev/null
+++ b/test/filters/memwrexe-32
Binary files differ
diff --git a/test/filters/memwrexe-32.exp b/test/filters/memwrexe-32.exp
new file mode 100755
index 000000000..af2159973
--- /dev/null
+++ b/test/filters/memwrexe-32.exp
@@ -0,0 +1,34 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2017 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send --  "firejail --memory-deny-write-execute ./memwrexe-32 mmap\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "mmap successful" {puts "TESTING ERROR 2\n";exit}
+        "Parent is shutting down"
+}
+after 100
+send --  "firejail --memory-deny-write-execute ./memwrexe-32 mprotect\r"
+expect {
+        timeout {puts "TESTING ERROR 10\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 11\n";exit}
+        "mprotect successful" {puts "TESTING ERROR 12\n";exit}
+        "Parent is shutting down"
+}
+after 100
+puts "\nall done\n"
diff --git a/test/filters/seccomp-debug-32.exp b/test/filters/seccomp-debug-32.exp
new file mode 100755
index 000000000..6983758c3
--- /dev/null
+++ b/test/filters/seccomp-debug-32.exp
@@ -0,0 +1,145 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2017 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send --  "firejail --debug sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "SECCOMP Filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "BLACKLIST"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "open_by_handle_at"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "done"
+}
+after 100
+# i686 architecture
+send --  "firejail --debug sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "Installing /run/firejail/mnt/seccomp seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 9\n";exit}
+        "done"
+}
+after 100
+# i686 architecture - ignore seccomp
+send --  "firejail --debug --ignore=seccomp sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 10\n";exit}
+        "Installing /run/firejail/mnt/seccomp seccomp filter" {puts "TESTING ERROR 11\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 12\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 13\n";exit}
+        "Installing /run/firejail/mnt/seccomp seccomp filter" {puts "TESTING ERROR 14\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 15\n";exit}
+        "done"
+}
+after 100
+# i686 architecture - ignore protocol
+send --  "firejail --debug --ignore=protocol sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 17\n";exit}
+        "Installing /run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 18\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 19\n";exit}
+        "Installing /run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 20\n";exit}
+        "Installing /run/firejail/mnt/seccomp seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 21\n";exit}
+        "Installing /run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 22\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 23\n";exit}
+        "done"
+}
+after 100
+# memory-deny-write-execute
+send --  "firejail --debug --memory-deny-write-execute sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 24\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 25\n";exit}
+        "Installing /run/firejail/mnt/seccomp.mdwx seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 26\n";exit}
+        "done"
+}
+# i686 architecture - seccomp.block-secondary
+send --  "firejail --debug --seccomp.block-secondary sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 27\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 28\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 29\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 30\n";exit}
+        "Installing /run/firejail/mnt/seccomp seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 33\n";exit}
+        "done"
+}
+after 100
+# i686 architecture - seccomp.block-secondary, profile
+send --  "firejail --debug --profile=block-secondary.profile sleep 1; echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 33\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 34\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 35\n";exit}
+        "Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 35\n";exit}
+        "Installing /run/firejail/mnt/seccomp seccomp filter"
+}
+expect {
+        timeout {puts "TESTING ERROR 37\n";exit}
+        "done"
+}
+after 100
+puts "all done\n"
diff --git a/test/filters/seccomp-debug.exp b/test/filters/seccomp-debug.exp
index 7f03e45e8..7a4a13991 100755
--- a/test/filters/seccomp-debug.exp
+++ b/test/filters/seccomp-debug.exp
@@ -106,7 +106,7 @@ expect {
 }
 expect {
        timeout {puts "TESTING ERROR 25\n";exit}
-        "Installing /run/firejail/mnt/seccomp.protocol seccomp filter"
+        "Installing /run/firejail/mnt/seccomp.mdwx seccomp filter"
 }
 expect {
        timeout {puts "TESTING ERROR 26\n";exit}
author	netblue30 <netblue30@yahoo.com>	2017-08-21 08:51:08 -0400
committer	netblue30 <netblue30@yahoo.com>	2017-08-21 08:51:08 -0400
commit	495f1c5cdaeeadafcf150080545ae4848dc633ca (patch)
tree	88f40d13cc2ecea7e03447431b39489a26fc2b01
parent	compile fixes (diff)
download	firejail-495f1c5cdaeeadafcf150080545ae4848dc633ca.tar.gz firejail-495f1c5cdaeeadafcf150080545ae4848dc633ca.tar.zst firejail-495f1c5cdaeeadafcf150080545ae4848dc633ca.zip

diff --git a/test/filters/debug.exp b/test/filters/debug.exp index 493022c05..d37353378 100755 --- a/test/filters/debug.exp +++ b/test/filters/debug.exp
@@ -38,7 +38,8 @@ after 100
38	send -- "firejail --debug-protocols\r"	38	send -- "firejail --debug-protocols\r"
39	expect {	39	expect {
40	timeout {puts "TESTING ERROR 4\n";exit}	40	timeout {puts "TESTING ERROR 4\n";exit}
41	"unix, inet, inet6, netlink, packet"	41	"unix, inet, inet6, netlink, packet" {puts "OK\n"}
		42	"protocol not supported on this platform" {puts "OK\n"}
42	}	43	}
43	after 100	44	after 100
44		45


diff --git a/test/filters/filters.sh b/test/filters/filters.sh index 3ebb61419..d59d9109b 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh
@@ -18,8 +18,11 @@ export PATH="$PATH:/usr/lib/firejail"
18	if [ "$(uname -m)" = "x86_64" ]; then	18	if [ "$(uname -m)" = "x86_64" ]; then
19	echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)"	19	echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)"
20	./memwrexe.exp	20	./memwrexe.exp
		21	elif [ "$(uname -m)" = "i686" ]; then
		22	echo "TESTING: memory-deny-write-execute (test/filters/memwrexe-32.exp)"
		23	./memwrexe-32.exp
21	else	24	else
22	echo "TESTING SKIP: memwrexe binary only running on x86_64."	25	echo "TESTING SKIP: memwrexe binary only running on x86_64 and i686."
23	fi	26	fi
24		27
25	echo "TESTING: debug options (test/filters/debug.exp)"	28	echo "TESTING: debug options (test/filters/debug.exp)"
@@ -57,8 +60,11 @@ echo "TESTING: seccomp bad empty (test/filters/seccomp-bad-empty.exp)"
57	if [ "$(uname -m)" = "x86_64" ]; then	60	if [ "$(uname -m)" = "x86_64" ]; then
58	echo "TESTING: seccomp debug (test/filters/seccomp-debug.exp)"	61	echo "TESTING: seccomp debug (test/filters/seccomp-debug.exp)"
59	./seccomp-debug.exp	62	./seccomp-debug.exp
		63	elif [ "$(uname -m)" = "i686" ]; then
		64	echo "TESTING: seccomp debug (test/filters/seccomp-debug-32.exp)"
		65	./seccomp-debug-32.exp
60	else	66	else
61	echo "TESTING SKIP: protocol, running only on x86_64"	67	echo "TESTING SKIP: protocol, running only on x86_64 and i686"
62	fi	68	fi
63		69
64	echo "TESTING: seccomp errno (test/filters/seccomp-errno.exp)"	70	echo "TESTING: seccomp errno (test/filters/seccomp-errno.exp)"


diff --git a/test/filters/memwrexe-32 b/test/filters/memwrexe-32 new file mode 100755 index 000000000..70c98b796 --- /dev/null +++ b/test/filters/memwrexe-32
Binary files differ


diff --git a/test/filters/memwrexe-32.exp b/test/filters/memwrexe-32.exp new file mode 100755 index 000000000..af2159973 --- /dev/null +++ b/test/filters/memwrexe-32.exp
@@ -0,0 +1,34 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2017 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --memory-deny-write-execute ./memwrexe-32 mmap\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 0\n";exit}
		13	"Child process initialized"
		14	}
		15	expect {
		16	timeout {puts "TESTING ERROR 1\n";exit}
		17	"mmap successful" {puts "TESTING ERROR 2\n";exit}
		18	"Parent is shutting down"
		19	}
		20	after 100
		21
		22	send -- "firejail --memory-deny-write-execute ./memwrexe-32 mprotect\r"
		23	expect {
		24	timeout {puts "TESTING ERROR 10\n";exit}
		25	"Child process initialized"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 11\n";exit}
		29	"mprotect successful" {puts "TESTING ERROR 12\n";exit}
		30	"Parent is shutting down"
		31	}
		32
		33	after 100
		34	puts "\nall done\n"


diff --git a/test/filters/seccomp-debug-32.exp b/test/filters/seccomp-debug-32.exp new file mode 100755 index 000000000..6983758c3 --- /dev/null +++ b/test/filters/seccomp-debug-32.exp
@@ -0,0 +1,145 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2017 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --debug sleep 1; echo done\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 0\n";exit}
		13	"SECCOMP Filter"
		14	}
		15	expect {
		16	timeout {puts "TESTING ERROR 1\n";exit}
		17	"BLACKLIST"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 2\n";exit}
		21	"open_by_handle_at"
		22	}
		23	expect {
		24	timeout {puts "TESTING ERROR 3\n";exit}
		25	"Child process initialized"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 4\n";exit}
		29	"done"
		30	}
		31	after 100
		32
		33
		34	# i686 architecture
		35	send -- "firejail --debug sleep 1; echo done\r"
		36	expect {
		37	timeout {puts "TESTING ERROR 5\n";exit}
		38	"Child process initialized"
		39	}
		40	expect {
		41	timeout {puts "TESTING ERROR 6\n";exit}
		42	"Installing /run/firejail/mnt/seccomp seccomp filter"
		43	}
		44	expect {
		45	timeout {puts "TESTING ERROR 7\n";exit}
		46	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter"
		47	}
		48	expect {
		49	timeout {puts "TESTING ERROR 9\n";exit}
		50	"done"
		51	}
		52	after 100
		53
		54	# i686 architecture - ignore seccomp
		55	send -- "firejail --debug --ignore=seccomp sleep 1; echo done\r"
		56	expect {
		57	timeout {puts "TESTING ERROR 10\n";exit}
		58	"Installing /run/firejail/mnt/seccomp seccomp filter" {puts "TESTING ERROR 11\n";exit}
		59	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 12\n";exit}
		60	"Child process initialized"
		61	}
		62	expect {
		63	timeout {puts "TESTING ERROR 13\n";exit}
		64	"Installing /run/firejail/mnt/seccomp seccomp filter" {puts "TESTING ERROR 14\n";exit}
		65	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 15\n";exit}
		66	"done"
		67	}
		68	after 100
		69
		70	# i686 architecture - ignore protocol
		71	send -- "firejail --debug --ignore=protocol sleep 1; echo done\r"
		72	expect {
		73	timeout {puts "TESTING ERROR 17\n";exit}
		74	"Installing /run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 18\n";exit}
		75	"Child process initialized"
		76	}
		77	expect {
		78	timeout {puts "TESTING ERROR 19\n";exit}
		79	"Installing /run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 20\n";exit}
		80	"Installing /run/firejail/mnt/seccomp seccomp filter"
		81	}
		82	expect {
		83	timeout {puts "TESTING ERROR 21\n";exit}
		84	"Installing /run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 22\n";exit}
		85	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter"
		86	}
		87	expect {
		88	timeout {puts "TESTING ERROR 23\n";exit}
		89	"done"
		90	}
		91	after 100
		92
		93	# memory-deny-write-execute
		94	send -- "firejail --debug --memory-deny-write-execute sleep 1; echo done\r"
		95	expect {
		96	timeout {puts "TESTING ERROR 24\n";exit}
		97	"Child process initialized"
		98	}
		99	expect {
		100	timeout {puts "TESTING ERROR 25\n";exit}
		101	"Installing /run/firejail/mnt/seccomp.mdwx seccomp filter"
		102	}
		103	expect {
		104	timeout {puts "TESTING ERROR 26\n";exit}
		105	"done"
		106	}
		107
		108
		109	# i686 architecture - seccomp.block-secondary
		110	send -- "firejail --debug --seccomp.block-secondary sleep 1; echo done\r"
		111	expect {
		112	timeout {puts "TESTING ERROR 27\n";exit}
		113	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 28\n";exit}
		114	"Child process initialized"
		115	}
		116	expect {
		117	timeout {puts "TESTING ERROR 29\n";exit}
		118	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 30\n";exit}
		119	"Installing /run/firejail/mnt/seccomp seccomp filter"
		120	}
		121	expect {
		122	timeout {puts "TESTING ERROR 33\n";exit}
		123	"done"
		124	}
		125	after 100
		126
		127	# i686 architecture - seccomp.block-secondary, profile
		128	send -- "firejail --debug --profile=block-secondary.profile sleep 1; echo done\r"
		129	expect {
		130	timeout {puts "TESTING ERROR 33\n";exit}
		131	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 34\n";exit}
		132	"Child process initialized"
		133	}
		134	expect {
		135	timeout {puts "TESTING ERROR 35\n";exit}
		136	"Installing /run/firejail/mnt/seccomp.amd64 seccomp filter" {puts "TESTING ERROR 35\n";exit}
		137	"Installing /run/firejail/mnt/seccomp seccomp filter"
		138	}
		139	expect {
		140	timeout {puts "TESTING ERROR 37\n";exit}
		141	"done"
		142	}
		143	after 100
		144
		145	puts "all done\n"


diff --git a/test/filters/seccomp-debug.exp b/test/filters/seccomp-debug.exp index 7f03e45e8..7a4a13991 100755 --- a/test/filters/seccomp-debug.exp +++ b/test/filters/seccomp-debug.exp
@@ -106,7 +106,7 @@ expect {
106	}	106	}
107	expect {	107	expect {
108	timeout {puts "TESTING ERROR 25\n";exit}	108	timeout {puts "TESTING ERROR 25\n";exit}
109	"Installing /run/firejail/mnt/seccomp.protocol seccomp filter"	109	"Installing /run/firejail/mnt/seccomp.mdwx seccomp filter"
110	}	110	}
111	expect {	111	expect {
112	timeout {puts "TESTING ERROR 26\n";exit}	112	timeout {puts "TESTING ERROR 26\n";exit}