diff options
author | netblue30 <netblue30@yahoo.com> | 2016-04-30 07:27:31 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-04-30 07:27:31 -0400 |
commit | a1272742cfbdbfe999a701f804b58ceb4605713d (patch) | |
tree | 16d6013c8d99d9e4370d1672b4018f958081f416 /test/noroot.exp | |
parent | Merge pull request #490 from reinerh/master (diff) | |
download | firejail-a1272742cfbdbfe999a701f804b58ceb4605713d.tar.gz firejail-a1272742cfbdbfe999a701f804b58ceb4605713d.tar.zst firejail-a1272742cfbdbfe999a701f804b58ceb4605713d.zip |
added make test-filters
Diffstat (limited to 'test/noroot.exp')
-rwxr-xr-x | test/noroot.exp | 117 |
1 files changed, 0 insertions, 117 deletions
diff --git a/test/noroot.exp b/test/noroot.exp deleted file mode 100755 index 37d55fe78..000000000 --- a/test/noroot.exp +++ /dev/null | |||
@@ -1,117 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | send -- "firejail --debug --noprofile --noroot --caps.drop=all --seccomp --cpu=0,1 --name=noroot-sandbox\r" | ||
8 | expect { | ||
9 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
10 | "Child process initialized" | ||
11 | } | ||
12 | sleep 1 | ||
13 | |||
14 | send -- "cat /proc/self/status\r" | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "CapBnd:" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
21 | "0000000000000000" | ||
22 | } | ||
23 | |||
24 | send -- "cat /proc/self/status\r" | ||
25 | expect { | ||
26 | timeout {puts "TESTING ERROR 2\n";exit} | ||
27 | "Cpus_allowed:" | ||
28 | } | ||
29 | expect { | ||
30 | timeout {puts "TESTING ERROR 2.1\n";exit} | ||
31 | "3" | ||
32 | } | ||
33 | expect { | ||
34 | timeout {puts "TESTING ERROR 2.2\n";exit} | ||
35 | "Cpus_allowed_list:" | ||
36 | } | ||
37 | puts "\n" | ||
38 | |||
39 | send -- "cat /proc/self/status\r" | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 2\n";exit} | ||
42 | "Seccomp:" | ||
43 | } | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 2.1\n";exit} | ||
46 | "2" | ||
47 | } | ||
48 | expect { | ||
49 | timeout {puts "TESTING ERROR 2.2\n";exit} | ||
50 | "Cpus_allowed:" | ||
51 | } | ||
52 | puts "\n" | ||
53 | |||
54 | send -- "ping 0\r" | ||
55 | expect { | ||
56 | timeout {puts "TESTING ERROR 4\n";exit} | ||
57 | "Operation not permitted" | ||
58 | } | ||
59 | puts "\n" | ||
60 | |||
61 | send -- "whoami\r" | ||
62 | expect { | ||
63 | timeout {puts "TESTING ERROR 55\\n";exit} | ||
64 | "netblue" | ||
65 | } | ||
66 | puts "\n" | ||
67 | send -- "exit\r" | ||
68 | sleep 2 | ||
69 | |||
70 | |||
71 | send -- "firejail --noroot --noprofile\r" | ||
72 | expect { | ||
73 | timeout {puts "TESTING ERROR 6\n";exit} | ||
74 | "Child process initialized" | ||
75 | } | ||
76 | sleep 1 | ||
77 | send -- "whoami\r" | ||
78 | expect { | ||
79 | timeout {puts "TESTING ERROR 7\n";exit} | ||
80 | "netblue" | ||
81 | } | ||
82 | send -- "sudo -s\r" | ||
83 | expect { | ||
84 | timeout {puts "TESTING ERROR 8\n";exit} | ||
85 | "effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";} | ||
86 | "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";} | ||
87 | } | ||
88 | puts "\n" | ||
89 | send -- "exit\r" | ||
90 | sleep 2 | ||
91 | |||
92 | send -- "firejail --name=test --noroot --noprofile\r" | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 9\n";exit} | ||
95 | "Child process initialized" | ||
96 | } | ||
97 | sleep 1 | ||
98 | |||
99 | spawn $env(SHELL) | ||
100 | send -- "firejail --debug --join=test\r" | ||
101 | expect { | ||
102 | timeout {puts "TESTING ERROR 9\n";exit} | ||
103 | "User namespace detected" | ||
104 | } | ||
105 | expect { | ||
106 | timeout {puts "TESTING ERROR 9\n";exit} | ||
107 | "Joining user namespace" | ||
108 | } | ||
109 | sleep 1 | ||
110 | |||
111 | send -- "sudo -s\r" | ||
112 | expect { | ||
113 | timeout {puts "TESTING ERROR 8\n";exit} | ||
114 | "effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";} | ||
115 | "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";} | ||
116 | } | ||
117 | puts "all done\n" | ||