diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-06 13:14:53 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-06 13:14:53 -0500 |
commit | 322ce2cdc98cf3eec22ebd0f83296ddde8347d09 (patch) | |
tree | 035026b607ee8b34a9ea03a6f1df30d03c584f43 /test/filters | |
parent | cleanup (diff) | |
download | firejail-322ce2cdc98cf3eec22ebd0f83296ddde8347d09.tar.gz firejail-322ce2cdc98cf3eec22ebd0f83296ddde8347d09.tar.zst firejail-322ce2cdc98cf3eec22ebd0f83296ddde8347d09.zip |
seccomp rework
Diffstat (limited to 'test/filters')
-rwxr-xr-x | test/filters/seccomp-errno.exp | 44 |
1 files changed, 4 insertions, 40 deletions
diff --git a/test/filters/seccomp-errno.exp b/test/filters/seccomp-errno.exp index 4df1948be..c3af2fbe9 100755 --- a/test/filters/seccomp-errno.exp +++ b/test/filters/seccomp-errno.exp | |||
@@ -8,23 +8,23 @@ spawn $env(SHELL) | |||
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | send -- "touch seccomp-test-file\r" | 10 | send -- "touch seccomp-test-file\r" |
11 | sleep 1 | 11 | after 100 |
12 | 12 | ||
13 | send -- "firejail --seccomp.enoent=unlinkat rm seccomp-test-file\r" | 13 | send -- "firejail --seccomp=unlinkat:ENOENT rm seccomp-test-file\r" |
14 | expect { | 14 | expect { |
15 | timeout {puts "TESTING ERROR 0\n";exit} | 15 | timeout {puts "TESTING ERROR 0\n";exit} |
16 | "No such file or directory" | 16 | "No such file or directory" |
17 | } | 17 | } |
18 | sleep 1 | 18 | sleep 1 |
19 | 19 | ||
20 | send -- "firejail --seccomp.enoent=unlinkat --debug rm seccomp-test-file\r" | 20 | send -- "firejail --seccomp=unlinkat:ENOENT --debug rm seccomp-test-file\r" |
21 | expect { | 21 | expect { |
22 | timeout {puts "TESTING ERROR 1\n";exit} | 22 | timeout {puts "TESTING ERROR 1\n";exit} |
23 | "unlinkat 2 ENOENT" | 23 | "unlinkat 2 ENOENT" |
24 | } | 24 | } |
25 | sleep 1 | 25 | sleep 1 |
26 | 26 | ||
27 | send -- "firejail --seccomp.enoent=unlinkat,mkdir\r" | 27 | send -- "firejail --seccomp=unlinkat:ENOENT,mkdir:ENOENT\r" |
28 | expect { | 28 | expect { |
29 | timeout {puts "TESTING ERROR 2\n";exit} | 29 | timeout {puts "TESTING ERROR 2\n";exit} |
30 | "Child process initialized" | 30 | "Child process initialized" |
@@ -49,42 +49,6 @@ puts "\n" | |||
49 | send -- "exit\r" | 49 | send -- "exit\r" |
50 | sleep 1 | 50 | sleep 1 |
51 | 51 | ||
52 | |||
53 | send -- "firejail --seccomp.enoent=unlinkat --seccomp.enoent=mkdir\r" | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 5\n";exit} | ||
56 | "errno enoent already configured" | ||
57 | } | ||
58 | sleep 1 | ||
59 | |||
60 | send -- "firejail --seccomp.enoent=unlinkat --seccomp.eperm=mkdir\r" | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 6\n";exit} | ||
63 | "Child process initialized" | ||
64 | } | ||
65 | sleep 1 | ||
66 | send -- "rm seccomp-test-file\r" | ||
67 | expect { | ||
68 | timeout {puts "TESTING ERROR 7\n";exit} | ||
69 | "No such file or directory" | ||
70 | } | ||
71 | after 100 | ||
72 | puts "\n" | ||
73 | |||
74 | send -- "mkdir seccomp-test-dir\r" | ||
75 | expect { | ||
76 | timeout {puts "TESTING ERROR 8\n";exit} | ||
77 | "Operation not permitted" | ||
78 | } | ||
79 | after 100 | ||
80 | puts "\n" | ||
81 | |||
82 | send -- "exit\r" | ||
83 | sleep 1 | ||
84 | |||
85 | |||
86 | |||
87 | |||
88 | send -- "rm seccomp-test-file\r" | 52 | send -- "rm seccomp-test-file\r" |
89 | after 100 | 53 | after 100 |
90 | puts "all done\n" | 54 | puts "all done\n" |