diff options
author | netblue30 <netblue30@yahoo.com> | 2016-08-20 08:15:59 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-08-20 08:15:59 -0400 |
commit | 01b80e1d268951be29ac09af526b5e23f675c346 (patch) | |
tree | a649a9879c1e5ad615714986795f15098457491f /test/compile | |
parent | compile time config option for overlayfs (diff) | |
download | firejail-01b80e1d268951be29ac09af526b5e23f675c346.tar.gz firejail-01b80e1d268951be29ac09af526b5e23f675c346.tar.zst firejail-01b80e1d268951be29ac09af526b5e23f675c346.zip |
testing
Diffstat (limited to 'test/compile')
-rwxr-xr-x | test/compile/compile.sh | 338 |
1 files changed, 338 insertions, 0 deletions
diff --git a/test/compile/compile.sh b/test/compile/compile.sh new file mode 100755 index 000000000..76a7162b7 --- /dev/null +++ b/test/compile/compile.sh | |||
@@ -0,0 +1,338 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | arr[1]="TEST 1: standard compilation" | ||
4 | arr[2]="TEST 2: compile seccomp disabled" | ||
5 | arr[3]="TEST 3: compile chroot disabled" | ||
6 | arr[4]="TEST 4: compile bind disabled" | ||
7 | arr[5]="TEST 5: compile user namespace disabled" | ||
8 | arr[6]="TEST 6: compile network disabled" | ||
9 | arr[7]="TEST 7: compile X11 disabled" | ||
10 | arr[8]="TEST 8: compile network restricted" | ||
11 | arr[9]="TEST 9: compile file transfer disabled" | ||
12 | arr[10]="TEST 10: compile disable whitelist" | ||
13 | arr[11]="TEST 11: compile disable global config" | ||
14 | arr[12]="TEST 12: compile apparmor" | ||
15 | arr[13]="TEST 13: compile busybox" | ||
16 | arr[14]="TEST 14: compile overlayfs disabled" | ||
17 | |||
18 | # remove previous reports and output file | ||
19 | cleanup() { | ||
20 | rm -f report* | ||
21 | rm -fr firejail | ||
22 | rm -f oc* om* | ||
23 | } | ||
24 | |||
25 | print_title() { | ||
26 | echo | ||
27 | echo | ||
28 | echo | ||
29 | echo "**************************************************" | ||
30 | echo $1 | ||
31 | echo "**************************************************" | ||
32 | } | ||
33 | |||
34 | DIST="$1" | ||
35 | while [ $# -gt 0 ]; do # Until you run out of parameters . . . | ||
36 | case "$1" in | ||
37 | --clean) | ||
38 | cleanup | ||
39 | exit | ||
40 | ;; | ||
41 | --help) | ||
42 | echo "./compile.sh [--clean|--help]" | ||
43 | exit | ||
44 | ;; | ||
45 | esac | ||
46 | shift # Check next set of parameters. | ||
47 | done | ||
48 | |||
49 | cleanup | ||
50 | |||
51 | |||
52 | #***************************************************************** | ||
53 | # TEST 1 | ||
54 | #***************************************************************** | ||
55 | # - checkout source code | ||
56 | #***************************************************************** | ||
57 | print_title "${arr[1]}" | ||
58 | echo "$DIST" | ||
59 | tar -xJvf ../../$DIST.tar.xz | ||
60 | mv $DIST firejail | ||
61 | |||
62 | cd firejail | ||
63 | ./configure --prefix=/usr --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
64 | make -j4 2>&1 | tee ../output-make | ||
65 | cd .. | ||
66 | grep Warning output-configure output-make > ./report-test1 | ||
67 | grep Error output-configure output-make >> ./report-test1 | ||
68 | cp output-configure oc1 | ||
69 | cp output-make om1 | ||
70 | rm output-configure output-make | ||
71 | |||
72 | |||
73 | #***************************************************************** | ||
74 | # TEST 2 | ||
75 | #***************************************************************** | ||
76 | # - disable seccomp configuration | ||
77 | #***************************************************************** | ||
78 | print_title "${arr[2]}" | ||
79 | # seccomp | ||
80 | cd firejail | ||
81 | make distclean | ||
82 | ./configure --prefix=/usr --disable-seccomp --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
83 | make -j4 2>&1 | tee ../output-make | ||
84 | cd .. | ||
85 | grep Warning output-configure output-make > ./report-test2 | ||
86 | grep Error output-configure output-make >> ./report-test2 | ||
87 | cp output-configure oc2 | ||
88 | cp output-make om2 | ||
89 | rm output-configure output-make | ||
90 | |||
91 | #***************************************************************** | ||
92 | # TEST 3 | ||
93 | #***************************************************************** | ||
94 | # - disable chroot configuration | ||
95 | #***************************************************************** | ||
96 | print_title "${arr[3]}" | ||
97 | # seccomp | ||
98 | cd firejail | ||
99 | make distclean | ||
100 | ./configure --prefix=/usr --disable-chroot --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
101 | make -j4 2>&1 | tee ../output-make | ||
102 | cd .. | ||
103 | grep Warning output-configure output-make > ./report-test3 | ||
104 | grep Error output-configure output-make >> ./report-test3 | ||
105 | cp output-configure oc3 | ||
106 | cp output-make om3 | ||
107 | rm output-configure output-make | ||
108 | |||
109 | #***************************************************************** | ||
110 | # TEST 4 | ||
111 | #***************************************************************** | ||
112 | # - disable bind configuration | ||
113 | #***************************************************************** | ||
114 | print_title "${arr[4]}" | ||
115 | # seccomp | ||
116 | cd firejail | ||
117 | make distclean | ||
118 | ./configure --prefix=/usr --disable-bind --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
119 | make -j4 2>&1 | tee ../output-make | ||
120 | cd .. | ||
121 | grep Warning output-configure output-make > ./report-test4 | ||
122 | grep Error output-configure output-make >> ./report-test4 | ||
123 | cp output-configure oc4 | ||
124 | cp output-make om4 | ||
125 | rm output-configure output-make | ||
126 | |||
127 | #***************************************************************** | ||
128 | # TEST 5 | ||
129 | #***************************************************************** | ||
130 | # - disable user namespace configuration | ||
131 | #***************************************************************** | ||
132 | print_title "${arr[5]}" | ||
133 | # seccomp | ||
134 | cd firejail | ||
135 | make distclean | ||
136 | ./configure --prefix=/usr --disable-userns --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
137 | make -j4 2>&1 | tee ../output-make | ||
138 | cd .. | ||
139 | grep Warning output-configure output-make > ./report-test5 | ||
140 | grep Error output-configure output-make >> ./report-test5 | ||
141 | cp output-configure oc5 | ||
142 | cp output-make om5 | ||
143 | rm output-configure output-make | ||
144 | |||
145 | #***************************************************************** | ||
146 | # TEST 6 | ||
147 | #***************************************************************** | ||
148 | # - disable user namespace configuration | ||
149 | # - check compilation | ||
150 | #***************************************************************** | ||
151 | print_title "${arr[6]}" | ||
152 | # seccomp | ||
153 | cd firejail | ||
154 | make distclean | ||
155 | ./configure --prefix=/usr --disable-network --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
156 | make -j4 2>&1 | tee ../output-make | ||
157 | cd .. | ||
158 | grep Warning output-configure output-make > ./report-test6 | ||
159 | grep Error output-configure output-make >> ./report-test6 | ||
160 | cp output-configure oc6 | ||
161 | cp output-make om6 | ||
162 | rm output-configure output-make | ||
163 | |||
164 | #***************************************************************** | ||
165 | # TEST 7 | ||
166 | #***************************************************************** | ||
167 | # - disable X11 support | ||
168 | #***************************************************************** | ||
169 | print_title "${arr[7]}" | ||
170 | # seccomp | ||
171 | cd firejail | ||
172 | make distclean | ||
173 | ./configure --prefix=/usr --disable-x11 --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
174 | make -j4 2>&1 | tee ../output-make | ||
175 | cd .. | ||
176 | grep Warning output-configure output-make > ./report-test7 | ||
177 | grep Error output-configure output-make >> ./report-test7 | ||
178 | cp output-configure oc7 | ||
179 | cp output-make om7 | ||
180 | rm output-configure output-make | ||
181 | |||
182 | |||
183 | #***************************************************************** | ||
184 | # TEST 8 | ||
185 | #***************************************************************** | ||
186 | # - enable network restricted | ||
187 | #***************************************************************** | ||
188 | print_title "${arr[8]}" | ||
189 | # seccomp | ||
190 | cd firejail | ||
191 | make distclean | ||
192 | ./configure --prefix=/usr --enable-network=restricted --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
193 | make -j4 2>&1 | tee ../output-make | ||
194 | cd .. | ||
195 | grep Warning output-configure output-make > ./report-test8 | ||
196 | grep Error output-configure output-make >> ./report-test8 | ||
197 | cp output-configure oc8 | ||
198 | cp output-make om8 | ||
199 | rm output-configure output-make | ||
200 | |||
201 | |||
202 | #***************************************************************** | ||
203 | # TEST 9 | ||
204 | #***************************************************************** | ||
205 | # - disable file transfer | ||
206 | #***************************************************************** | ||
207 | print_title "${arr[9]}" | ||
208 | # seccomp | ||
209 | cd firejail | ||
210 | make distclean | ||
211 | ./configure --prefix=/usr --disable-file-transfer --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
212 | make -j4 2>&1 | tee ../output-make | ||
213 | cd .. | ||
214 | grep Warning output-configure output-make > ./report-test9 | ||
215 | grep Error output-configure output-make >> ./report-test9 | ||
216 | cp output-configure oc9 | ||
217 | cp output-make om9 | ||
218 | rm output-configure output-make | ||
219 | |||
220 | #***************************************************************** | ||
221 | # TEST 10 | ||
222 | #***************************************************************** | ||
223 | # - disable whitelist | ||
224 | #***************************************************************** | ||
225 | print_title "${arr[10]}" | ||
226 | # seccomp | ||
227 | cd firejail | ||
228 | make distclean | ||
229 | ./configure --prefix=/usr --disable-whitelist --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
230 | make -j4 2>&1 | tee ../output-make | ||
231 | cd .. | ||
232 | grep Warning output-configure output-make > ./report-test10 | ||
233 | grep Error output-configure output-make >> ./report-test10 | ||
234 | cp output-configure oc10 | ||
235 | cp output-make om10 | ||
236 | rm output-configure output-make | ||
237 | |||
238 | #***************************************************************** | ||
239 | # TEST 11 | ||
240 | #***************************************************************** | ||
241 | # - disable global config | ||
242 | #***************************************************************** | ||
243 | print_title "${arr[11]}" | ||
244 | # seccomp | ||
245 | cd firejail | ||
246 | make distclean | ||
247 | ./configure --prefix=/usr --disable-globalcfg --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
248 | make -j4 2>&1 | tee ../output-make | ||
249 | cd .. | ||
250 | grep Warning output-configure output-make > ./report-test11 | ||
251 | grep Error output-configure output-make >> ./report-test11 | ||
252 | cp output-configure oc11 | ||
253 | cp output-make om11 | ||
254 | rm output-configure output-make | ||
255 | |||
256 | #***************************************************************** | ||
257 | # TEST 12 | ||
258 | #***************************************************************** | ||
259 | # - enable apparmor | ||
260 | #***************************************************************** | ||
261 | print_title "${arr[12]}" | ||
262 | # seccomp | ||
263 | cd firejail | ||
264 | make distclean | ||
265 | ./configure --prefix=/usr --enable-apparmor --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
266 | make -j4 2>&1 | tee ../output-make | ||
267 | cd .. | ||
268 | grep Warning output-configure output-make > ./report-test12 | ||
269 | grep Error output-configure output-make >> ./report-test12 | ||
270 | cp output-configure oc12 | ||
271 | cp output-make om12 | ||
272 | rm output-configure output-make | ||
273 | |||
274 | #***************************************************************** | ||
275 | # TEST 13 | ||
276 | #***************************************************************** | ||
277 | # - enable busybox workaround | ||
278 | #***************************************************************** | ||
279 | print_title "${arr[13]}" | ||
280 | # seccomp | ||
281 | cd firejail | ||
282 | make distclean | ||
283 | ./configure --prefix=/usr --enable-busybox-workaround --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
284 | make -j4 2>&1 | tee ../output-make | ||
285 | cd .. | ||
286 | grep Warning output-configure output-make > ./report-test13 | ||
287 | grep Error output-configure output-make >> ./report-test13 | ||
288 | cp output-configure oc13 | ||
289 | cp output-make om13 | ||
290 | rm output-configure output-make | ||
291 | |||
292 | #***************************************************************** | ||
293 | # TEST 14 | ||
294 | #***************************************************************** | ||
295 | # - disable overlayfs | ||
296 | #***************************************************************** | ||
297 | print_title "${arr[14]}" | ||
298 | # seccomp | ||
299 | cd firejail | ||
300 | make distclean | ||
301 | ./configure --prefix=/usr --disable-overlayfs --enable-fatal-warnings 2>&1 | tee ../output-configure | ||
302 | make -j4 2>&1 | tee ../output-make | ||
303 | cd .. | ||
304 | grep Warning output-configure output-make > ./report-test14 | ||
305 | grep Error output-configure output-make >> ./report-test14 | ||
306 | cp output-configure oc14 | ||
307 | cp output-make om14 | ||
308 | rm output-configure output-make | ||
309 | |||
310 | |||
311 | #***************************************************************** | ||
312 | # PRINT REPORTS | ||
313 | #***************************************************************** | ||
314 | echo | ||
315 | echo | ||
316 | echo | ||
317 | echo | ||
318 | echo "**********************************************************" | ||
319 | echo "TEST RESULTS" | ||
320 | echo "**********************************************************" | ||
321 | |||
322 | wc -l report-test* | ||
323 | echo | ||
324 | echo "Legend:" | ||
325 | echo ${arr[1]} | ||
326 | echo ${arr[2]} | ||
327 | echo ${arr[3]} | ||
328 | echo ${arr[4]} | ||
329 | echo ${arr[5]} | ||
330 | echo ${arr[6]} | ||
331 | echo ${arr[7]} | ||
332 | echo ${arr[8]} | ||
333 | echo ${arr[9]} | ||
334 | echo ${arr[10]} | ||
335 | echo ${arr[11]} | ||
336 | echo ${arr[12]} | ||
337 | echo ${arr[13]} | ||
338 | echo ${arr[14]} | ||