testing

author: netblue30 <netblue30@protonmail.com> 2023-03-09 08:39:25 -0500
committer: netblue30 <netblue30@protonmail.com> 2023-03-09 08:39:25 -0500
commit: c79aa14295f907ffac0cf5555515602b7393b8b6 (patch)
tree: 87a114af4e12388e09e2d16d518b50be9ddbe0a6 /test/filters
parent: testing (diff)
download: firejail-c79aa14295f907ffac0cf5555515602b7393b8b6.tar.gz
firejail-c79aa14295f907ffac0cf5555515602b7393b8b6.tar.zst
firejail-c79aa14295f907ffac0cf5555515602b7393b8b6.zip
10 files changed, 0 insertions, 447 deletions
diff --git a/test/filters/block-secondary.profile b/test/filters/block-secondary.profile
deleted file mode 100644
index e32056c3d..000000000
--- a/test/filters/block-secondary.profile
+++ /dev/null
@@ -1 +0,0 @@
-seccomp.block-secondary
diff --git a/test/filters/filters.sh b/test/filters/filters.sh
index e19047e6f..56c97482e 100755
--- a/test/filters/filters.sh
+++ b/test/filters/filters.sh
@@ -53,9 +53,6 @@ fi
 echo "TESTING: seccomp postexec (test/filters/seccomp-postexec.exp)"
 ./seccomp-postexec.exp
-echo "TESTING: noroot (test/filters/noroot.exp)"
-./noroot.exp
 #if grep -q "^CapBnd:\\s0000003fffffffff" /proc/self/status; then
 #       echo "TESTING: capabilities (test/filters/caps.exp)"
diff --git a/test/filters/memwrexe b/test/filters/memwrexe
deleted file mode 100755
index 1173cdc07..000000000
--- a/test/filters/memwrexe
+++ /dev/null
Binary files differ
diff --git a/test/filters/memwrexe.c b/test/filters/memwrexe.c
deleted file mode 100644
index 548320df9..000000000
--- a/test/filters/memwrexe.c
+++ /dev/null
@@ -1,105 +0,0 @@
-// This file is part of Firejail project
-// Copyright (C) 2014-2023 Firejail Authors
-// License GPL v2
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <sys/mman.h>
-#include <sys/syscall.h>
-static void usage(void) {
-        printf("memwrexe options\n");
-        printf("where options is:\n");
-        printf("\tmmap - mmap test\n");
-        printf("\tmprotect - mprotect test\n");
-        printf("\tmemfd_create - memfd_create test\n");
-}
-int main(int argc, char **argv) {
-        if (argc != 2) {
-                fprintf(stderr, "TESTING ERROR: memwrexe insufficient params\n");
-                usage();
-                return 1;
-        }
-        if (strcmp(argv[1], "mmap") == 0) {
-                // open some file
-                int fd = open("memwrexe.c", O_RDONLY);
-                if (fd == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-                int size = lseek(fd, 0, SEEK_END);
-                if (size == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-                void *p = mmap (0, size, PROT_WRITE|PROT_READ|PROT_EXEC, MAP_SHARED, fd, 0);
-                if (p == MAP_FAILED) {
-                        printf("mmap failed\n");
-                        return 0;
-                }
-                printf("mmap successful\n");
-                // wait for expect to timeout
-                sleep(100);
-                return 0;
-        }
-        else if (strcmp(argv[1], "mprotect") == 0) {
-                // open some file
-                int fd = open("memwrexe.c", O_RDWR);
-                if (fd == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-                int size = lseek(fd, 0, SEEK_END);
-                if (size == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-                void *p = mmap (0, size, PROT_READ, MAP_SHARED, fd, 0);
-                if (p == MAP_FAILED) {
-                        fprintf(stderr, "TESTING ERROR: cannot map file for mprotect test\n");
-                        return 1;
-                }
-                int rv = mprotect(p, size, PROT_READ|PROT_WRITE|PROT_EXEC);
-                if (rv) {
-                        printf("mprotect failed\n");
-                        return 1;
-                }
-                printf("mprotect successful\n");
-                // wait for expect to timeout
-                sleep(100);
-                return 0;
-        }
-        else if (strcmp(argv[1], "memfd_create") == 0) {
-                int fd = syscall(SYS_memfd_create, "memfd_create", 0);
-                if (fd == -1) {
-                        printf("memfd_create failed\n");
-                        return 1;
-                }
-                printf("memfd_create successful\n");
-                // wait for expect to timeout
-                sleep(100);
-                return 0;
-        }
-}
diff --git a/test/filters/memwrexe.exp b/test/filters/memwrexe.exp
deleted file mode 100755
index e51b3372e..000000000
--- a/test/filters/memwrexe.exp
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-send --  "firejail --memory-deny-write-execute ./memwrexe mmap\r"
-expect {
-        timeout {puts "TESTING ERROR 0\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "mmap successful" {puts "TESTING ERROR 2\n";exit}
-        "Parent is shutting down"
-}
-after 100
-send --  "firejail --memory-deny-write-execute ./memwrexe mprotect\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "mprotect successful" {puts "TESTING ERROR 12\n";exit}
-        "Parent is shutting down"
-}
-after 100
-send --  "firejail --memory-deny-write-execute ./memwrexe memfd_create\r"
-expect {
-        timeout {puts "TESTING ERROR 20\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 21\n";exit}
-        "memfd_create successful" {puts "TESTING ERROR 22\n";exit}
-        "Parent is shutting down"
-}
-after 100
-puts "\nall done\n"
diff --git a/test/filters/noroot.exp b/test/filters/noroot.exp
deleted file mode 100755
index 8a8842cd9..000000000
--- a/test/filters/noroot.exp
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-send -- "firejail --name=test --noroot --noprofile\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-# check seccomp disabled and all caps enabled
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "ffffffff"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "Seccomp:"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "0"
-}
-expect {
-        timeout {puts "TESTING ERROR 6\n";exit}
-        "Cpus_allowed:"
-}
-puts "\n"
-send -- "whoami\r"
-expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
-        $env(USER)
-}
-send -- "sudo -s\r"
-expect {
-        timeout {puts "TESTING ERROR 8\n";exit}
-        "effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-}
-send -- "sudo su -\r"
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "effective uid is not 0" {puts "OK\n"}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-}
-send -- "sudo ls\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        "effective uid is not 0" {puts "OK\n"}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-}
-send -- "cat /proc/self/uid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "1"
-}
-send -- "cat /proc/self/gid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "9"
-}
-spawn $env(SHELL)
-send -- "firejail --debug --join=test\r"
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "Joining user namespace"
-}
-expect {
-        timeout {puts "TESTING ERROR 14\n";exit}
-        "Child process initialized"
-}
-sleep 1
-send -- "sudo -s\r"
-expect {
-        timeout {puts "TESTING ERROR 15\n";exit}
-        "effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-        "Permission denied" { puts "OK\n";}
-}
-send -- "cat /proc/self/uid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 16\n";exit}
-        "1"
-}
-send -- "cat /proc/self/gid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 17\n";exit}
-        "9"
-}
-# check seccomp disabled and all caps enabled
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 18\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 19\n";exit}
-        "ffffffff"
-}
-expect {
-        timeout {puts "TESTING ERROR 20\n";exit}
-        "Seccomp:"
-}
-expect {
-        timeout {puts "TESTING ERROR 21\n";exit}
-        "0"
-}
-expect {
-        timeout {puts "TESTING ERROR 22\n";exit}
-        "Cpus_allowed:"
-}
-puts "\n"
-after 100
-puts "\nall done\n"
diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp
deleted file mode 100755
index 5320dde6f..000000000
--- a/test/filters/protocol.exp
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-send -- "firejail --noprofile --protocol=unix --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "0009: 20 00 00 00000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "000f: 20 00 00 00000010"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "0010: 15 00 01 00000001"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "0011: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "0012: 06 00 00 0005005f"
-}
-after 100
-send -- "exit\r"
-sleep 1
-send -- "firejail --noprofile --protocol=bluetooth --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "0009: 20 00 00 00000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "000f: 20 00 00 00000010"
-}
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "0010: 15 00 01 0000001f"
-}
-expect {
-        timeout {puts "TESTING ERROR 14\n";exit}
-        "0011: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR1 5\n";exit}
-        "0012: 06 00 00 0005005f"
-}
-after 100
-send -- "exit\r"
-sleep 1
-send -- "firejail --noprofile --protocol=inet,inet6 --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 31\n";exit}
-        "0009: 20 00 00 00000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 32\n";exit}
-        "000f: 20 00 00 00000010"
-}
-expect {
-        timeout {puts "TESTING ERROR 33\n";exit}
-        "0010: 15 00 01 00000002"
-}
-expect {
-        timeout {puts "TESTING ERROR 34\n";exit}
-        "0011: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR1 35\n";exit}
-        "0012: 15 00 01 0000000a"
-}
-expect {
-        timeout {puts "TESTING ERROR 36\n";exit}
-        "0013: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR 37\n";exit}
-        "0014: 06 00 00 0005005f"
-}
-after 100
-send -- "exit\r"
-after 100
-puts "\nall done\n"
diff --git a/test/filters/protocol1.profile b/test/filters/protocol1.profile
deleted file mode 100644
index 3e1ea2a29..000000000
--- a/test/filters/protocol1.profile
+++ /dev/null
@@ -1 +0,0 @@
-protocol unix
diff --git a/test/filters/protocol2.profile b/test/filters/protocol2.profile
deleted file mode 100644
index b7eb4ab91..000000000
--- a/test/filters/protocol2.profile
+++ /dev/null
@@ -1 +0,0 @@
-protocol inet6,packet
diff --git a/test/filters/seccomp-debug.exp b/test/filters/seccomp-debug.exp
index dc6befcfe..33a992a93 100755
--- a/test/filters/seccomp-debug.exp
+++ b/test/filters/seccomp-debug.exp
@@ -97,61 +97,4 @@ expect {
 }
 after 100
-# memory-deny-write-execute
-send --  "firejail --debug --memory-deny-write-execute sleep 1; echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 24\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 25\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.mdwx seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 26\n";exit}
-        "done"
-}
-# 64 bit architecture - seccomp.block-secondary
-send --  "firejail --debug --seccomp.block-secondary sleep 1; echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 27\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 28\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 29\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 30\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 31\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 32\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 33\n";exit}
-        "done"
-}
-after 100
-# 64 bit architecture - seccomp.block-secondary, profile
-send --  "firejail --debug --profile=block-secondary.profile sleep 1; echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 33\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 34\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 35\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 35\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 37\n";exit}
-        "done"
-}
-after 100
 puts "all done\n"
author	netblue30 <netblue30@protonmail.com>	2023-03-09 08:39:25 -0500
committer	netblue30 <netblue30@protonmail.com>	2023-03-09 08:39:25 -0500
commit	c79aa14295f907ffac0cf5555515602b7393b8b6 (patch)
tree	87a114af4e12388e09e2d16d518b50be9ddbe0a6 /test/filters
parent	testing (diff)
download	firejail-c79aa14295f907ffac0cf5555515602b7393b8b6.tar.gz firejail-c79aa14295f907ffac0cf5555515602b7393b8b6.tar.zst firejail-c79aa14295f907ffac0cf5555515602b7393b8b6.zip

diff --git a/test/filters/block-secondary.profile b/test/filters/block-secondary.profile deleted file mode 100644 index e32056c3d..000000000 --- a/test/filters/block-secondary.profile +++ /dev/null
@@ -1 +0,0 @@
1	seccomp.block-secondary


diff --git a/test/filters/filters.sh b/test/filters/filters.sh index e19047e6f..56c97482e 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh
@@ -53,9 +53,6 @@ fi
53	echo "TESTING: seccomp postexec (test/filters/seccomp-postexec.exp)"	53	echo "TESTING: seccomp postexec (test/filters/seccomp-postexec.exp)"
54	./seccomp-postexec.exp	54	./seccomp-postexec.exp
55		55
56	echo "TESTING: noroot (test/filters/noroot.exp)"
57	./noroot.exp
58
59		56
60	#if grep -q "^CapBnd:\\s0000003fffffffff" /proc/self/status; then	57	#if grep -q "^CapBnd:\\s0000003fffffffff" /proc/self/status; then
61	# echo "TESTING: capabilities (test/filters/caps.exp)"	58	# echo "TESTING: capabilities (test/filters/caps.exp)"


diff --git a/test/filters/memwrexe b/test/filters/memwrexe deleted file mode 100755 index 1173cdc07..000000000 --- a/test/filters/memwrexe +++ /dev/null
Binary files differ


diff --git a/test/filters/memwrexe.c b/test/filters/memwrexe.c deleted file mode 100644 index 548320df9..000000000 --- a/test/filters/memwrexe.c +++ /dev/null
@@ -1,105 +0,0 @@
1	// This file is part of Firejail project
2	// Copyright (C) 2014-2023 Firejail Authors
3	// License GPL v2
4
5	#include <stdio.h>
6	#include <stdlib.h>
7	#include <string.h>
8	#include <unistd.h>
9	#include <sys/types.h>
10	#include <sys/stat.h>
11	#include <fcntl.h>
12	#include <sys/mman.h>
13	#include <sys/syscall.h>
14
15	static void usage(void) {
16	printf("memwrexe options\n");
17	printf("where options is:\n");
18	printf("\tmmap - mmap test\n");
19	printf("\tmprotect - mprotect test\n");
20	printf("\tmemfd_create - memfd_create test\n");
21	}
22
23	int main(int argc, char **argv) {
24	if (argc != 2) {
25	fprintf(stderr, "TESTING ERROR: memwrexe insufficient params\n");
26	usage();
27	return 1;
28	}
29
30	if (strcmp(argv[1], "mmap") == 0) {
31	// open some file
32	int fd = open("memwrexe.c", O_RDONLY);
33	if (fd == -1) {
34	fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
35	return 1;
36	}
37
38	int size = lseek(fd, 0, SEEK_END);
39	if (size == -1) {
40	fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
41	return 1;
42	}
43
44	void *p = mmap (0, size, PROT_WRITE\|PROT_READ\|PROT_EXEC, MAP_SHARED, fd, 0);
45	if (p == MAP_FAILED) {
46	printf("mmap failed\n");
47	return 0;
48	}
49
50	printf("mmap successful\n");
51
52	// wait for expect to timeout
53	sleep(100);
54
55	return 0;
56	}
57
58	else if (strcmp(argv[1], "mprotect") == 0) {
59	// open some file
60	int fd = open("memwrexe.c", O_RDWR);
61	if (fd == -1) {
62	fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
63	return 1;
64	}
65
66	int size = lseek(fd, 0, SEEK_END);
67	if (size == -1) {
68	fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
69	return 1;
70	}
71
72	void *p = mmap (0, size, PROT_READ, MAP_SHARED, fd, 0);
73	if (p == MAP_FAILED) {
74	fprintf(stderr, "TESTING ERROR: cannot map file for mprotect test\n");
75	return 1;
76	}
77
78	int rv = mprotect(p, size, PROT_READ\|PROT_WRITE\|PROT_EXEC);
79	if (rv) {
80	printf("mprotect failed\n");
81	return 1;
82	}
83
84	printf("mprotect successful\n");
85
86	// wait for expect to timeout
87	sleep(100);
88
89	return 0;
90	}
91
92	else if (strcmp(argv[1], "memfd_create") == 0) {
93	int fd = syscall(SYS_memfd_create, "memfd_create", 0);
94	if (fd == -1) {
95	printf("memfd_create failed\n");
96	return 1;
97	}
98	printf("memfd_create successful\n");
99
100	// wait for expect to timeout
101	sleep(100);
102
103	return 0;
104	}
105	}


diff --git a/test/filters/memwrexe.exp b/test/filters/memwrexe.exp deleted file mode 100755 index e51b3372e..000000000 --- a/test/filters/memwrexe.exp +++ /dev/null
@@ -1,46 +0,0 @@
1	#!/usr/bin/expect -f
2	# This file is part of Firejail project
3	# Copyright (C) 2014-2023 Firejail Authors
4	# License GPL v2
5
6	set timeout 10
7	spawn $env(SHELL)
8	match_max 100000
9
10	send -- "firejail --memory-deny-write-execute ./memwrexe mmap\r"
11	expect {
12	timeout {puts "TESTING ERROR 0\n";exit}
13	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14	}
15	expect {
16	timeout {puts "TESTING ERROR 1\n";exit}
17	"mmap successful" {puts "TESTING ERROR 2\n";exit}
18	"Parent is shutting down"
19	}
20	after 100
21
22	send -- "firejail --memory-deny-write-execute ./memwrexe mprotect\r"
23	expect {
24	timeout {puts "TESTING ERROR 10\n";exit}
25	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
26	}
27	expect {
28	timeout {puts "TESTING ERROR 11\n";exit}
29	"mprotect successful" {puts "TESTING ERROR 12\n";exit}
30	"Parent is shutting down"
31	}
32	after 100
33
34	send -- "firejail --memory-deny-write-execute ./memwrexe memfd_create\r"
35	expect {
36	timeout {puts "TESTING ERROR 20\n";exit}
37	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
38	}
39	expect {
40	timeout {puts "TESTING ERROR 21\n";exit}
41	"memfd_create successful" {puts "TESTING ERROR 22\n";exit}
42	"Parent is shutting down"
43	}
44
45	after 100
46	puts "\nall done\n"


diff --git a/test/filters/noroot.exp b/test/filters/noroot.exp deleted file mode 100755 index 8a8842cd9..000000000 --- a/test/filters/noroot.exp +++ /dev/null
@@ -1,136 +0,0 @@
1	#!/usr/bin/expect -f
2	# This file is part of Firejail project
3	# Copyright (C) 2014-2023 Firejail Authors
4	# License GPL v2
5
6	set timeout 10
7	spawn $env(SHELL)
8	match_max 100000
9
10	send -- "firejail --name=test --noroot --noprofile\r"
11	expect {
12	timeout {puts "TESTING ERROR 1\n";exit}
13	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14	}
15	sleep 1
16
17	# check seccomp disabled and all caps enabled
18	send -- "cat /proc/self/status\r"
19	expect {
20	timeout {puts "TESTING ERROR 2\n";exit}
21	"CapBnd:"
22	}
23	expect {
24	timeout {puts "TESTING ERROR 3\n";exit}
25	"ffffffff"
26	}
27	expect {
28	timeout {puts "TESTING ERROR 4\n";exit}
29	"Seccomp:"
30	}
31	expect {
32	timeout {puts "TESTING ERROR 5\n";exit}
33	"0"
34	}
35	expect {
36	timeout {puts "TESTING ERROR 6\n";exit}
37	"Cpus_allowed:"
38	}
39	puts "\n"
40
41	send -- "whoami\r"
42	expect {
43	timeout {puts "TESTING ERROR 7\n";exit}
44	$env(USER)
45	}
46	send -- "sudo -s\r"
47	expect {
48	timeout {puts "TESTING ERROR 8\n";exit}
49	"effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
50	"sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
51	}
52
53	send -- "sudo su -\r"
54	expect {
55	timeout {puts "TESTING ERROR 9\n";exit}
56	"effective uid is not 0" {puts "OK\n"}
57	"sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
58	}
59
60	send -- "sudo ls\r"
61	expect {
62	timeout {puts "TESTING ERROR 10\n";exit}
63	"effective uid is not 0" {puts "OK\n"}
64	"sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
65	}
66
67	send -- "cat /proc/self/uid_map \| wc -l\r"
68	expect {
69	timeout {puts "TESTING ERROR 11\n";exit}
70	"1"
71	}
72	send -- "cat /proc/self/gid_map \| wc -l\r"
73	expect {
74	timeout {puts "TESTING ERROR 12\n";exit}
75	"9"
76	}
77
78
79
80	spawn $env(SHELL)
81	send -- "firejail --debug --join=test\r"
82	expect {
83	timeout {puts "TESTING ERROR 13\n";exit}
84	"Joining user namespace"
85	}
86	expect {
87	timeout {puts "TESTING ERROR 14\n";exit}
88	"Child process initialized"
89	}
90	sleep 1
91
92	send -- "sudo -s\r"
93	expect {
94	timeout {puts "TESTING ERROR 15\n";exit}
95	"effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
96	"sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
97	"Permission denied" { puts "OK\n";}
98	}
99	send -- "cat /proc/self/uid_map \| wc -l\r"
100	expect {
101	timeout {puts "TESTING ERROR 16\n";exit}
102	"1"
103	}
104	send -- "cat /proc/self/gid_map \| wc -l\r"
105	expect {
106	timeout {puts "TESTING ERROR 17\n";exit}
107	"9"
108	}
109
110	# check seccomp disabled and all caps enabled
111	send -- "cat /proc/self/status\r"
112	expect {
113	timeout {puts "TESTING ERROR 18\n";exit}
114	"CapBnd:"
115	}
116	expect {
117	timeout {puts "TESTING ERROR 19\n";exit}
118	"ffffffff"
119	}
120	expect {
121	timeout {puts "TESTING ERROR 20\n";exit}
122	"Seccomp:"
123	}
124	expect {
125	timeout {puts "TESTING ERROR 21\n";exit}
126	"0"
127	}
128	expect {
129	timeout {puts "TESTING ERROR 22\n";exit}
130	"Cpus_allowed:"
131	}
132	puts "\n"
133
134
135	after 100
136	puts "\nall done\n"


diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp deleted file mode 100755 index 5320dde6f..000000000 --- a/test/filters/protocol.exp +++ /dev/null
@@ -1,97 +0,0 @@
1	#!/usr/bin/expect -f
2	# This file is part of Firejail project
3	# Copyright (C) 2014-2023 Firejail Authors
4	# License GPL v2
5
6	set timeout 10
7	spawn $env(SHELL)
8	match_max 100000
9
10	send -- "firejail --noprofile --protocol=unix --debug\r"
11	expect {
12	timeout {puts "TESTING ERROR 1\n";exit}
13	"0009: 20 00 00 00000000"
14	}
15	expect {
16	timeout {puts "TESTING ERROR 2\n";exit}
17	"000f: 20 00 00 00000010"
18	}
19	expect {
20	timeout {puts "TESTING ERROR 3\n";exit}
21	"0010: 15 00 01 00000001"
22	}
23	expect {
24	timeout {puts "TESTING ERROR 4\n";exit}
25	"0011: 06 00 00 7fff0000"
26	}
27	expect {
28	timeout {puts "TESTING ERROR 5\n";exit}
29	"0012: 06 00 00 0005005f"
30	}
31
32	after 100
33	send -- "exit\r"
34	sleep 1
35
36	send -- "firejail --noprofile --protocol=bluetooth --debug\r"
37	expect {
38	timeout {puts "TESTING ERROR 11\n";exit}
39	"0009: 20 00 00 00000000"
40	}
41	expect {
42	timeout {puts "TESTING ERROR 12\n";exit}
43	"000f: 20 00 00 00000010"
44	}
45	expect {
46	timeout {puts "TESTING ERROR 13\n";exit}
47	"0010: 15 00 01 0000001f"
48	}
49	expect {
50	timeout {puts "TESTING ERROR 14\n";exit}
51	"0011: 06 00 00 7fff0000"
52	}
53	expect {
54	timeout {puts "TESTING ERROR1 5\n";exit}
55	"0012: 06 00 00 0005005f"
56	}
57
58	after 100
59	send -- "exit\r"
60	sleep 1
61
62	send -- "firejail --noprofile --protocol=inet,inet6 --debug\r"
63	expect {
64	timeout {puts "TESTING ERROR 31\n";exit}
65	"0009: 20 00 00 00000000"
66	}
67	expect {
68	timeout {puts "TESTING ERROR 32\n";exit}
69	"000f: 20 00 00 00000010"
70	}
71	expect {
72	timeout {puts "TESTING ERROR 33\n";exit}
73	"0010: 15 00 01 00000002"
74	}
75	expect {
76	timeout {puts "TESTING ERROR 34\n";exit}
77	"0011: 06 00 00 7fff0000"
78	}
79	expect {
80	timeout {puts "TESTING ERROR1 35\n";exit}
81	"0012: 15 00 01 0000000a"
82	}
83	expect {
84	timeout {puts "TESTING ERROR 36\n";exit}
85	"0013: 06 00 00 7fff0000"
86	}
87	expect {
88	timeout {puts "TESTING ERROR 37\n";exit}
89	"0014: 06 00 00 0005005f"
90	}
91
92	after 100
93	send -- "exit\r"
94
95
96	after 100
97	puts "\nall done\n"


diff --git a/test/filters/protocol1.profile b/test/filters/protocol1.profile deleted file mode 100644 index 3e1ea2a29..000000000 --- a/test/filters/protocol1.profile +++ /dev/null
@@ -1 +0,0 @@
1	protocol unix


diff --git a/test/filters/protocol2.profile b/test/filters/protocol2.profile deleted file mode 100644 index b7eb4ab91..000000000 --- a/test/filters/protocol2.profile +++ /dev/null
@@ -1 +0,0 @@
1	protocol inet6,packet


diff --git a/test/filters/seccomp-debug.exp b/test/filters/seccomp-debug.exp index dc6befcfe..33a992a93 100755 --- a/test/filters/seccomp-debug.exp +++ b/test/filters/seccomp-debug.exp
@@ -97,61 +97,4 @@ expect {
97	}	97	}
98	after 100	98	after 100
99		99
100	# memory-deny-write-execute
101	send -- "firejail --debug --memory-deny-write-execute sleep 1; echo done\r"
102	expect {
103	timeout {puts "TESTING ERROR 24\n";exit}
104	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
105	}
106	expect {
107	timeout {puts "TESTING ERROR 25\n";exit}
108	"Installing /run/firejail/mnt/seccomp/seccomp.mdwx seccomp filter"
109	}
110	expect {
111	timeout {puts "TESTING ERROR 26\n";exit}
112	"done"
113	}
114
115
116	# 64 bit architecture - seccomp.block-secondary
117	send -- "firejail --debug --seccomp.block-secondary sleep 1; echo done\r"
118	expect {
119	timeout {puts "TESTING ERROR 27\n";exit}
120	"Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 28\n";exit}
121	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
122	}
123	expect {
124	timeout {puts "TESTING ERROR 29\n";exit}
125	"Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 30\n";exit}
126	"Installing /run/firejail/mnt/seccomp/seccomp seccomp filter"
127	}
128	expect {
129	timeout {puts "TESTING ERROR 31\n";exit}
130	"Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 32\n";exit}
131	"Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter"
132	}
133	expect {
134	timeout {puts "TESTING ERROR 33\n";exit}
135	"done"
136	}
137	after 100
138
139	# 64 bit architecture - seccomp.block-secondary, profile
140	send -- "firejail --debug --profile=block-secondary.profile sleep 1; echo done\r"
141	expect {
142	timeout {puts "TESTING ERROR 33\n";exit}
143	"Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 34\n";exit}
144	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
145	}
146	expect {
147	timeout {puts "TESTING ERROR 35\n";exit}
148	"Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 35\n";exit}
149	"Installing /run/firejail/mnt/seccomp/seccomp seccomp filter"
150	}
151	expect {
152	timeout {puts "TESTING ERROR 37\n";exit}
153	"done"
154	}
155	after 100
156
157	puts "all done\n"	100	puts "all done\n"