feature test

author: netblue30 <netblue30@yahoo.com> 2015-11-22 13:15:13 -0500
committer: netblue30 <netblue30@yahoo.com> 2015-11-22 13:15:13 -0500
commit: a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0 (patch)
tree: 4002cad80b79157ef2c300ca8f12625a5b0b8b17 /test/features
parent: fixes (diff)
download: firejail-a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0.tar.gz
firejail-a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0.tar.zst
firejail-a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0.zip
8 files changed, 578 insertions, 0 deletions
diff --git a/test/features/1.1.exp b/test/features/1.1.exp
new file mode 100755
index 000000000..41443a080
--- /dev/null
+++ b/test/features/1.1.exp
@@ -0,0 +1,69 @@
+#!/usr/bin/expect -f
+#
+# new /boot
+#
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+#
+# N
+#
+send -- "firejail --noprofile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /boot | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "1"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# O
+#
+send -- "firejail --noprofile --overlay\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /boot | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "1"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# C
+#
+send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /boot | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "1"
+}
+after 100
+send -- "exit\r"
+sleep 1
+puts "\nall done\n"
diff --git a/test/features/1.2.exp b/test/features/1.2.exp
new file mode 100755
index 000000000..399e9948b
--- /dev/null
+++ b/test/features/1.2.exp
@@ -0,0 +1,141 @@
+#!/usr/bin/expect -f
+#
+# new /proc
+#
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+#
+# N
+#
+send -- "firejail --noprofile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "cat /proc/mounts | grep proc\r"
+expect {
+        timeout {puts "TESTING ERROR 1.1\n";exit}
+        "proc /proc proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.2\n";exit}
+        "proc /proc proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.3\n";exit}
+        "proc /proc/sys proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.4\n";exit}
+        "proc /proc/sysrq-trigger proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.5\n";exit}
+        "proc /proc/sys/kernel/hotplug"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.6\n";exit}
+        "proc /proc/irq proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.7\n";exit}
+        "proc /proc/bus proc"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# O
+#
+send -- "firejail --noprofile --overlay\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "cat /proc/mounts | grep proc\r"
+expect {
+        timeout {puts "TESTING ERROR 3.1\n";exit}
+        "proc /proc proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.2\n";exit}
+        "proc /proc proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.3\n";exit}
+        "proc /proc/sys proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.4\n";exit}
+        "proc /proc/sysrq-trigger proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.5\n";exit}
+        "proc /proc/sys/kernel/hotplug"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.6\n";exit}
+        "proc /proc/irq proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.7\n";exit}
+        "proc /proc/bus proc"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# C
+#
+send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "cat /proc/mounts | grep proc\r"
+expect {
+        timeout {puts "TESTING ERROR 5.1\n";exit}
+        "proc /proc proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.2\n";exit}
+        "proc /proc proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.3\n";exit}
+        "proc /proc/sys proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.4\n";exit}
+        "proc /proc/sysrq-trigger proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.5\n";exit}
+        "proc /proc/sys/kernel/hotplug"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.6\n";exit}
+        "proc /proc/irq proc"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.7\n";exit}
+        "proc /proc/bus proc"
+}
+after 100
+send -- "exit\r"
+sleep 1
+puts "\nall done\n"
diff --git a/test/features/1.5.exp b/test/features/1.5.exp
new file mode 100755
index 000000000..d722c5811
--- /dev/null
+++ b/test/features/1.5.exp
@@ -0,0 +1,69 @@
+#!/usr/bin/expect -f
+#
+# PID namespace
+#
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+#
+# N
+#
+send -- "firejail --noprofile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ps aux | wc -l \r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "5"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# O
+#
+send -- "firejail --noprofile --overlay\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ps aux | wc -l \r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "5"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# C
+#
+send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ps aux | wc -l \r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "5"
+}
+after 100
+send -- "exit\r"
+sleep 1
+puts "\nall done\n"
diff --git a/test/features/1.6.exp b/test/features/1.6.exp
new file mode 100755
index 000000000..a9c8f2a19
--- /dev/null
+++ b/test/features/1.6.exp
@@ -0,0 +1,69 @@
+#!/usr/bin/expect -f
+#
+# new /var/log
+#
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+#
+# N
+#
+send -- "firejail --noprofile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/log/syslog | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# O
+#
+send -- "firejail --noprofile --overlay\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/log/syslog | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# C
+#
+send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/log/syslog | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+puts "\nall done\n"
diff --git a/test/features/1.7.exp b/test/features/1.7.exp
new file mode 100755
index 000000000..0de3e224d
--- /dev/null
+++ b/test/features/1.7.exp
@@ -0,0 +1,71 @@
+#!/usr/bin/expect -f
+#
+# new /var/tmp
+#
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+#
+# N
+#
+send -- "touch /var/tmp/somefile\r"
+sleep 1
+send -- "firejail --noprofile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/tmp/somefile | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# O
+#
+send -- "firejail --noprofile --overlay\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/tmp/somefile | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# C
+#
+send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/tmp/somefile | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+puts "\nall done\n"
diff --git a/test/features/1.8.exp b/test/features/1.8.exp
new file mode 100755
index 000000000..514dd3b81
--- /dev/null
+++ b/test/features/1.8.exp
@@ -0,0 +1,71 @@
+#!/usr/bin/expect -f
+#
+# disable /etc/firejail and ~/.config/firejail
+#
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+#
+# N
+#
+send -- "touch /var/tmp/somefile\r"
+sleep 1
+send -- "firejail --noprofile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/tmp/somefile | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# O
+#
+send -- "firejail --noprofile --overlay\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/tmp/somefile | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+#
+# C
+#
+send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "ls -l /var/tmp/somefile | wc -l\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "0"
+}
+after 100
+send -- "exit\r"
+sleep 1
+puts "\nall done\n"
diff --git a/test/features/features.txt b/test/features/features.txt
new file mode 100644
index 000000000..a95eeef37
--- /dev/null
+++ b/test/features/features.txt
@@ -0,0 +1,64 @@
+Firejail Feature Testing
+N - normal user filesystem
+O - overlay filesystem
+C - chroot filesystem
+1. Default features (tesing with --noprofile)
+1.1 new /boot
+        - N, O, C
+1.2 new /proc
+        - N, O, C
+1.3 new /sys
+        - N, O fails remount, C fails remount
+1.4 mask other users
+        - home directory: N, O, C
+        - /etc/passwd: N, O, C to test
+        - /etc/group: N, O, C to test
+1.5 PID namespace
+        - N, O, C
+1.6 new /var/log
+        - N, O, C
+1.7 new /var/tmp
+        -N, O, C
+1.8 disable /etc/firejail and ~/.config/firejail
+2. Networking features
+2.1 Hostname (use --hostname=bing, do a ping and cat /etc/hostname)
+        - N, O, C
+        - ping disabled for C by default seccomp filter, use "getent hosts bingo"
+2.2 DNS (use --dns=4.2.2.1, use "dig google.com")
+        - N, O, C
+2.3 mac-vlan (use --net=eth0 and --noprofile; run ifconfig and dig google.com)
+        - N, O, C
+2.4 bridge (use --net=br0 and --noprofile; run ifconfig, netstat -rn, ping default gw)
+        - N, O, C
+        - ping disabled for C by default seccomp filter
+2.5 IP address (--noprofile --net=eth0 --ip=192.168.1.226 --net=br0 --ip=10.10.20.3, run ifconfig and netstat -rn)
+        - N, O, C
+        
+2.6 Default gw (--noprofile --net=eth0 --defaultgw=192.168.1.10, run netstat -rn)
+        - N, O, C
+3. Filesystem features (use --noprofile)
+        
+\ No newline at end of file
diff --git a/test/features/test.sh b/test/features/test.sh
new file mode 100755
index 000000000..b4ef6503a
--- /dev/null
+++ b/test/features/test.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+#
+# Feature testing
+#
+echo "TESTING: 1.1. new /boot"
+./1.1.exp
+echo "TESTING: 1.2. new /proc"
+./1.2.exp
+echo "TESTING: 1.5. PID namespace"
+./1.5.exp
+echo "TESTING: 1.6 new /var/log"
+./1.6.exp
+echo "TESTING: 1.7 new /var/tmp"
+./1.7.exp
+#echo "TESTING: "
+#./1..exp
author	netblue30 <netblue30@yahoo.com>	2015-11-22 13:15:13 -0500
committer	netblue30 <netblue30@yahoo.com>	2015-11-22 13:15:13 -0500
commit	a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0 (patch)
tree	4002cad80b79157ef2c300ca8f12625a5b0b8b17 /test/features
parent	fixes (diff)
download	firejail-a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0.tar.gz firejail-a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0.tar.zst firejail-a8d758ba9e7314de9208e4b7d4a5307d1b4fefd0.zip

diff --git a/test/features/1.1.exp b/test/features/1.1.exp new file mode 100755 index 000000000..41443a080 --- /dev/null +++ b/test/features/1.1.exp
@@ -0,0 +1,69 @@
	1	#!/usr/bin/expect -f
	2	#
	3	# new /boot
	4	#
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	#
	11	# N
	12	#
	13	send -- "firejail --noprofile\r"
	14	expect {
	15	timeout {puts "TESTING ERROR 0\n";exit}
	16	"Child process initialized"
	17	}
	18	sleep 1
	19
	20	send -- "ls -l /boot \| wc -l\r"
	21	expect {
	22	timeout {puts "TESTING ERROR 1\n";exit}
	23	"1"
	24	}
	25	after 100
	26	send -- "exit\r"
	27	sleep 1
	28
	29
	30	#
	31	# O
	32	#
	33	send -- "firejail --noprofile --overlay\r"
	34	expect {
	35	timeout {puts "TESTING ERROR 2\n";exit}
	36	"Child process initialized"
	37	}
	38	sleep 1
	39
	40	send -- "ls -l /boot \| wc -l\r"
	41	expect {
	42	timeout {puts "TESTING ERROR 3\n";exit}
	43	"1"
	44	}
	45	after 100
	46	send -- "exit\r"
	47	sleep 1
	48
	49	#
	50	# C
	51	#
	52	send -- "firejail --noprofile --chroot=/tmp/chroot\r"
	53	expect {
	54	timeout {puts "TESTING ERROR 3\n";exit}
	55	"Child process initialized"
	56	}
	57	sleep 1
	58
	59	send -- "ls -l /boot \| wc -l\r"
	60	expect {
	61	timeout {puts "TESTING ERROR 4\n";exit}
	62	"1"
	63	}
	64	after 100
	65	send -- "exit\r"
	66	sleep 1
	67
	68
	69	puts "\nall done\n"


diff --git a/test/features/1.2.exp b/test/features/1.2.exp new file mode 100755 index 000000000..399e9948b --- /dev/null +++ b/test/features/1.2.exp
@@ -0,0 +1,141 @@
	1	#!/usr/bin/expect -f
	2	#
	3	# new /proc
	4	#
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	#
	11	# N
	12	#
	13	send -- "firejail --noprofile\r"
	14	expect {
	15	timeout {puts "TESTING ERROR 0\n";exit}
	16	"Child process initialized"
	17	}
	18	sleep 1
	19
	20	send -- "cat /proc/mounts \| grep proc\r"
	21	expect {
	22	timeout {puts "TESTING ERROR 1.1\n";exit}
	23	"proc /proc proc"
	24	}
	25	expect {
	26	timeout {puts "TESTING ERROR 1.2\n";exit}
	27	"proc /proc proc"
	28	}
	29	expect {
	30	timeout {puts "TESTING ERROR 1.3\n";exit}
	31	"proc /proc/sys proc"
	32	}
	33	expect {
	34	timeout {puts "TESTING ERROR 1.4\n";exit}
	35	"proc /proc/sysrq-trigger proc"
	36	}
	37	expect {
	38	timeout {puts "TESTING ERROR 1.5\n";exit}
	39	"proc /proc/sys/kernel/hotplug"
	40	}
	41	expect {
	42	timeout {puts "TESTING ERROR 1.6\n";exit}
	43	"proc /proc/irq proc"
	44	}
	45	expect {
	46	timeout {puts "TESTING ERROR 1.7\n";exit}
	47	"proc /proc/bus proc"
	48	}
	49	after 100
	50	send -- "exit\r"
	51	sleep 1
	52
	53
	54	#
	55	# O
	56	#
	57	send -- "firejail --noprofile --overlay\r"
	58	expect {
	59	timeout {puts "TESTING ERROR 2\n";exit}
	60	"Child process initialized"
	61	}
	62	sleep 1
	63
	64	send -- "cat /proc/mounts \| grep proc\r"
	65	expect {
	66	timeout {puts "TESTING ERROR 3.1\n";exit}
	67	"proc /proc proc"
	68	}
	69	expect {
	70	timeout {puts "TESTING ERROR 3.2\n";exit}
	71	"proc /proc proc"
	72	}
	73	expect {
	74	timeout {puts "TESTING ERROR 3.3\n";exit}
	75	"proc /proc/sys proc"
	76	}
	77	expect {
	78	timeout {puts "TESTING ERROR 3.4\n";exit}
	79	"proc /proc/sysrq-trigger proc"
	80	}
	81	expect {
	82	timeout {puts "TESTING ERROR 3.5\n";exit}
	83	"proc /proc/sys/kernel/hotplug"
	84	}
	85	expect {
	86	timeout {puts "TESTING ERROR 3.6\n";exit}
	87	"proc /proc/irq proc"
	88	}
	89	expect {
	90	timeout {puts "TESTING ERROR 3.7\n";exit}
	91	"proc /proc/bus proc"
	92	}
	93	after 100
	94	send -- "exit\r"
	95	sleep 1
	96
	97	#
	98	# C
	99	#
	100	send -- "firejail --noprofile --chroot=/tmp/chroot\r"
	101	expect {
	102	timeout {puts "TESTING ERROR 4\n";exit}
	103	"Child process initialized"
	104	}
	105	sleep 1
	106
	107	send -- "cat /proc/mounts \| grep proc\r"
	108	expect {
	109	timeout {puts "TESTING ERROR 5.1\n";exit}
	110	"proc /proc proc"
	111	}
	112	expect {
	113	timeout {puts "TESTING ERROR 5.2\n";exit}
	114	"proc /proc proc"
	115	}
	116	expect {
	117	timeout {puts "TESTING ERROR 5.3\n";exit}
	118	"proc /proc/sys proc"
	119	}
	120	expect {
	121	timeout {puts "TESTING ERROR 5.4\n";exit}
	122	"proc /proc/sysrq-trigger proc"
	123	}
	124	expect {
	125	timeout {puts "TESTING ERROR 5.5\n";exit}
	126	"proc /proc/sys/kernel/hotplug"
	127	}
	128	expect {
	129	timeout {puts "TESTING ERROR 5.6\n";exit}
	130	"proc /proc/irq proc"
	131	}
	132	expect {
	133	timeout {puts "TESTING ERROR 5.7\n";exit}
	134	"proc /proc/bus proc"
	135	}
	136	after 100
	137	send -- "exit\r"
	138	sleep 1
	139
	140
	141	puts "\nall done\n"


diff --git a/test/features/1.5.exp b/test/features/1.5.exp new file mode 100755 index 000000000..d722c5811 --- /dev/null +++ b/test/features/1.5.exp
@@ -0,0 +1,69 @@
	1	#!/usr/bin/expect -f
	2	#
	3	# PID namespace
	4	#
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	#
	11	# N
	12	#
	13	send -- "firejail --noprofile\r"
	14	expect {
	15	timeout {puts "TESTING ERROR 0\n";exit}
	16	"Child process initialized"
	17	}
	18	sleep 1
	19
	20	send -- "ps aux \| wc -l \r"
	21	expect {
	22	timeout {puts "TESTING ERROR 1\n";exit}
	23	"5"
	24	}
	25	after 100
	26	send -- "exit\r"
	27	sleep 1
	28
	29
	30	#
	31	# O
	32	#
	33	send -- "firejail --noprofile --overlay\r"
	34	expect {
	35	timeout {puts "TESTING ERROR 2\n";exit}
	36	"Child process initialized"
	37	}
	38	sleep 1
	39
	40	send -- "ps aux \| wc -l \r"
	41	expect {
	42	timeout {puts "TESTING ERROR 3\n";exit}
	43	"5"
	44	}
	45	after 100
	46	send -- "exit\r"
	47	sleep 1
	48
	49	#
	50	# C
	51	#
	52	send -- "firejail --noprofile --chroot=/tmp/chroot\r"
	53	expect {
	54	timeout {puts "TESTING ERROR 3\n";exit}
	55	"Child process initialized"
	56	}
	57	sleep 1
	58
	59	send -- "ps aux \| wc -l \r"
	60	expect {
	61	timeout {puts "TESTING ERROR 4\n";exit}
	62	"5"
	63	}
	64	after 100
	65	send -- "exit\r"
	66	sleep 1
	67
	68
	69	puts "\nall done\n"


diff --git a/test/features/1.6.exp b/test/features/1.6.exp new file mode 100755 index 000000000..a9c8f2a19 --- /dev/null +++ b/test/features/1.6.exp
@@ -0,0 +1,69 @@
	1	#!/usr/bin/expect -f
	2	#
	3	# new /var/log
	4	#
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	#
	11	# N
	12	#
	13	send -- "firejail --noprofile\r"
	14	expect {
	15	timeout {puts "TESTING ERROR 0\n";exit}
	16	"Child process initialized"
	17	}
	18	sleep 1
	19
	20	send -- "ls -l /var/log/syslog \| wc -l\r"
	21	expect {
	22	timeout {puts "TESTING ERROR 1\n";exit}
	23	"0"
	24	}
	25	after 100
	26	send -- "exit\r"
	27	sleep 1
	28
	29
	30	#
	31	# O
	32	#
	33	send -- "firejail --noprofile --overlay\r"
	34	expect {
	35	timeout {puts "TESTING ERROR 2\n";exit}
	36	"Child process initialized"
	37	}
	38	sleep 1
	39
	40	send -- "ls -l /var/log/syslog \| wc -l\r"
	41	expect {
	42	timeout {puts "TESTING ERROR 3\n";exit}
	43	"0"
	44	}
	45	after 100
	46	send -- "exit\r"
	47	sleep 1
	48
	49	#
	50	# C
	51	#
	52	send -- "firejail --noprofile --chroot=/tmp/chroot\r"
	53	expect {
	54	timeout {puts "TESTING ERROR 3\n";exit}
	55	"Child process initialized"
	56	}
	57	sleep 1
	58
	59	send -- "ls -l /var/log/syslog \| wc -l\r"
	60	expect {
	61	timeout {puts "TESTING ERROR 4\n";exit}
	62	"0"
	63	}
	64	after 100
	65	send -- "exit\r"
	66	sleep 1
	67
	68
	69	puts "\nall done\n"


diff --git a/test/features/1.7.exp b/test/features/1.7.exp new file mode 100755 index 000000000..0de3e224d --- /dev/null +++ b/test/features/1.7.exp
@@ -0,0 +1,71 @@
	1	#!/usr/bin/expect -f
	2	#
	3	# new /var/tmp
	4	#
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	#
	11	# N
	12	#
	13	send -- "touch /var/tmp/somefile\r"
	14	sleep 1
	15	send -- "firejail --noprofile\r"
	16	expect {
	17	timeout {puts "TESTING ERROR 0\n";exit}
	18	"Child process initialized"
	19	}
	20	sleep 1
	21
	22	send -- "ls -l /var/tmp/somefile \| wc -l\r"
	23	expect {
	24	timeout {puts "TESTING ERROR 1\n";exit}
	25	"0"
	26	}
	27	after 100
	28	send -- "exit\r"
	29	sleep 1
	30
	31
	32	#
	33	# O
	34	#
	35	send -- "firejail --noprofile --overlay\r"
	36	expect {
	37	timeout {puts "TESTING ERROR 2\n";exit}
	38	"Child process initialized"
	39	}
	40	sleep 1
	41
	42	send -- "ls -l /var/tmp/somefile \| wc -l\r"
	43	expect {
	44	timeout {puts "TESTING ERROR 3\n";exit}
	45	"0"
	46	}
	47	after 100
	48	send -- "exit\r"
	49	sleep 1
	50
	51	#
	52	# C
	53	#
	54	send -- "firejail --noprofile --chroot=/tmp/chroot\r"
	55	expect {
	56	timeout {puts "TESTING ERROR 3\n";exit}
	57	"Child process initialized"
	58	}
	59	sleep 1
	60
	61	send -- "ls -l /var/tmp/somefile \| wc -l\r"
	62	expect {
	63	timeout {puts "TESTING ERROR 4\n";exit}
	64	"0"
	65	}
	66	after 100
	67	send -- "exit\r"
	68	sleep 1
	69
	70
	71	puts "\nall done\n"


diff --git a/test/features/1.8.exp b/test/features/1.8.exp new file mode 100755 index 000000000..514dd3b81 --- /dev/null +++ b/test/features/1.8.exp
@@ -0,0 +1,71 @@
	1	#!/usr/bin/expect -f
	2	#
	3	# disable /etc/firejail and ~/.config/firejail
	4	#
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	#
	11	# N
	12	#
	13	send -- "touch /var/tmp/somefile\r"
	14	sleep 1
	15	send -- "firejail --noprofile\r"
	16	expect {
	17	timeout {puts "TESTING ERROR 0\n";exit}
	18	"Child process initialized"
	19	}
	20	sleep 1
	21
	22	send -- "ls -l /var/tmp/somefile \| wc -l\r"
	23	expect {
	24	timeout {puts "TESTING ERROR 1\n";exit}
	25	"0"
	26	}
	27	after 100
	28	send -- "exit\r"
	29	sleep 1
	30
	31
	32	#
	33	# O
	34	#
	35	send -- "firejail --noprofile --overlay\r"
	36	expect {
	37	timeout {puts "TESTING ERROR 2\n";exit}
	38	"Child process initialized"
	39	}
	40	sleep 1
	41
	42	send -- "ls -l /var/tmp/somefile \| wc -l\r"
	43	expect {
	44	timeout {puts "TESTING ERROR 3\n";exit}
	45	"0"
	46	}
	47	after 100
	48	send -- "exit\r"
	49	sleep 1
	50
	51	#
	52	# C
	53	#
	54	send -- "firejail --noprofile --chroot=/tmp/chroot\r"
	55	expect {
	56	timeout {puts "TESTING ERROR 3\n";exit}
	57	"Child process initialized"
	58	}
	59	sleep 1
	60
	61	send -- "ls -l /var/tmp/somefile \| wc -l\r"
	62	expect {
	63	timeout {puts "TESTING ERROR 4\n";exit}
	64	"0"
	65	}
	66	after 100
	67	send -- "exit\r"
	68	sleep 1
	69
	70
	71	puts "\nall done\n"


diff --git a/test/features/features.txt b/test/features/features.txt new file mode 100644 index 000000000..a95eeef37 --- /dev/null +++ b/test/features/features.txt
@@ -0,0 +1,64 @@
	1	Firejail Feature Testing
	2
	3	N - normal user filesystem
	4	O - overlay filesystem
	5	C - chroot filesystem
	6
	7
	8
	9	1. Default features (tesing with --noprofile)
	10
	11	1.1 new /boot
	12	- N, O, C
	13
	14	1.2 new /proc
	15	- N, O, C
	16
	17	1.3 new /sys
	18	- N, O fails remount, C fails remount
	19
	20	1.4 mask other users
	21	- home directory: N, O, C
	22	- /etc/passwd: N, O, C to test
	23	- /etc/group: N, O, C to test
	24
	25	1.5 PID namespace
	26	- N, O, C
	27
	28	1.6 new /var/log
	29	- N, O, C
	30
	31	1.7 new /var/tmp
	32	-N, O, C
	33
	34	1.8 disable /etc/firejail and ~/.config/firejail
	35
	36
	37
	38	2. Networking features
	39
	40	2.1 Hostname (use --hostname=bing, do a ping and cat /etc/hostname)
	41	- N, O, C
	42	- ping disabled for C by default seccomp filter, use "getent hosts bingo"
	43
	44	2.2 DNS (use --dns=4.2.2.1, use "dig google.com")
	45	- N, O, C
	46
	47	2.3 mac-vlan (use --net=eth0 and --noprofile; run ifconfig and dig google.com)
	48	- N, O, C
	49
	50	2.4 bridge (use --net=br0 and --noprofile; run ifconfig, netstat -rn, ping default gw)
	51	- N, O, C
	52	- ping disabled for C by default seccomp filter
	53
	54	2.5 IP address (--noprofile --net=eth0 --ip=192.168.1.226 --net=br0 --ip=10.10.20.3, run ifconfig and netstat -rn)
	55	- N, O, C
	56
	57	2.6 Default gw (--noprofile --net=eth0 --defaultgw=192.168.1.10, run netstat -rn)
	58	- N, O, C
	59
	60
	61
	62	3. Filesystem features (use --noprofile)
	63
	64	\ No newline at end of file


diff --git a/test/features/test.sh b/test/features/test.sh new file mode 100755 index 000000000..b4ef6503a --- /dev/null +++ b/test/features/test.sh
@@ -0,0 +1,24 @@
	1	#!/bin/bash
	2
	3	#
	4	# Feature testing
	5	#
	6
	7	echo "TESTING: 1.1. new /boot"
	8	./1.1.exp
	9
	10	echo "TESTING: 1.2. new /proc"
	11	./1.2.exp
	12
	13	echo "TESTING: 1.5. PID namespace"
	14	./1.5.exp
	15
	16	echo "TESTING: 1.6 new /var/log"
	17	./1.6.exp
	18
	19	echo "TESTING: 1.7 new /var/tmp"
	20	./1.7.exp
	21
	22	#echo "TESTING: "
	23	#./1..exp
	24