diff options
author | netblue30 <netblue30@yahoo.com> | 2018-04-12 12:45:43 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-04-12 12:45:43 -0400 |
commit | 38276c9c64c8a0e086f2fb84402c5105c1483216 (patch) | |
tree | 98f2bbafeef4bb1bdad64795607e961109eb1880 /test/filters | |
parent | AppArmor: disable MAC related capabilities (diff) | |
download | firejail-38276c9c64c8a0e086f2fb84402c5105c1483216.tar.gz firejail-38276c9c64c8a0e086f2fb84402c5105c1483216.tar.zst firejail-38276c9c64c8a0e086f2fb84402c5105c1483216.zip |
cleanup seccomp run files
Diffstat (limited to 'test/filters')
-rwxr-xr-x | test/filters/filters.sh | 3 | ||||
-rwxr-xr-x | test/filters/seccomp-run-files.exp | 98 |
2 files changed, 101 insertions, 0 deletions
diff --git a/test/filters/filters.sh b/test/filters/filters.sh index 45b1d0459..12f13606b 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh | |||
@@ -28,6 +28,9 @@ fi | |||
28 | echo "TESTING: debug options (test/filters/debug.exp)" | 28 | echo "TESTING: debug options (test/filters/debug.exp)" |
29 | ./debug.exp | 29 | ./debug.exp |
30 | 30 | ||
31 | echo "TESTING: seccomp run files (test/filters/seccomp-run-files.exp)" | ||
32 | ./seccomp-run-files.exp | ||
33 | |||
31 | echo "TESTING: noroot (test/filters/noroot.exp)" | 34 | echo "TESTING: noroot (test/filters/noroot.exp)" |
32 | ./noroot.exp | 35 | ./noroot.exp |
33 | 36 | ||
diff --git a/test/filters/seccomp-run-files.exp b/test/filters/seccomp-run-files.exp new file mode 100755 index 000000000..a72b9aef7 --- /dev/null +++ b/test/filters/seccomp-run-files.exp | |||
@@ -0,0 +1,98 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2018 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --debug\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "/run/firejail/mnt/seccomp seccomp filter" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "/run/firejail/mnt/seccomp.32 seccomp filter" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "/run/firejail/mnt/seccomp.protocol seccomp filter" | ||
22 | } | ||
23 | after 100 | ||
24 | send -- "ls -l /run/firejail/mnt | grep seccomp | wc -l\r" | ||
25 | expect { | ||
26 | timeout {puts "TESTING ERROR 3\n";exit} | ||
27 | "4" | ||
28 | } | ||
29 | send -- "exit\r" | ||
30 | sleep 1 | ||
31 | |||
32 | send -- "firejail --ignore=seccomp --debug\r" | ||
33 | expect { | ||
34 | timeout {puts "TESTING ERROR 4\n";exit} | ||
35 | "/run/firejail/mnt/seccomp seccomp filter" {puts "TESTING ERROR 5\n";exit} | ||
36 | "/run/firejail/mnt/seccomp.32 seccomp filter" {puts "TESTING ERROR 6\n";exit} | ||
37 | "/run/firejail/mnt/seccomp.64 seccomp filter" {puts "TESTING ERROR 7\n";exit} | ||
38 | "/run/firejail/mnt/seccomp.protocol seccomp filter" | ||
39 | } | ||
40 | after 100 | ||
41 | send -- "ls -l /run/firejail/mnt | grep seccomp | wc -l\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 8\n";exit} | ||
44 | "1" | ||
45 | } | ||
46 | send -- "exit\r" | ||
47 | sleep 1 | ||
48 | |||
49 | send -- "firejail --ignore=protocol --debug\r" | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 9\n";exit} | ||
52 | "/run/firejail/mnt/seccomp seccomp filter" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 10\n";exit} | ||
56 | "/run/firejail/mnt/seccomp.32 seccomp filter" | ||
57 | } | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 11\n";exit} | ||
60 | "/run/firejail/mnt/seccomp.protocol seccomp filter" {puts "TESTING ERROR 12\n";exit} | ||
61 | "monitoring" | ||
62 | } | ||
63 | after 100 | ||
64 | send -- "ls -l /run/firejail/mnt | grep seccomp | wc -l\r" | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 13\n";exit} | ||
67 | "3" | ||
68 | } | ||
69 | send -- "exit\r" | ||
70 | sleep 1 | ||
71 | |||
72 | send -- "firejail --memory-deny-write-execute --debug\r" | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 14\n";exit} | ||
75 | "/run/firejail/mnt/seccomp.mdwx seccomp filter" | ||
76 | } | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 15\n";exit} | ||
79 | "/run/firejail/mnt/seccomp seccomp filter" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 16\n";exit} | ||
83 | "/run/firejail/mnt/seccomp.32 seccomp filter" | ||
84 | } | ||
85 | expect { | ||
86 | timeout {puts "TESTING ERROR 17\n";exit} | ||
87 | "/run/firejail/mnt/seccomp.protocol seccomp filter" | ||
88 | } | ||
89 | after 100 | ||
90 | send -- "ls -l /run/firejail/mnt | grep seccomp | wc -l\r" | ||
91 | expect { | ||
92 | timeout {puts "TESTING ERROR 18\n";exit} | ||
93 | "5" | ||
94 | } | ||
95 | send -- "exit\r" | ||
96 | sleep 1 | ||
97 | |||
98 | puts "all done\n" | ||