major cleanup and testing

3 files changed, 27 insertions, 1 deletions

diff --git a/test/root/firejail.config b/test/root/firejail.config
new file mode 100644
index 000000000..71ff2f4e9
--- /dev/null
+++ b/test/root/firejail.config
@@ -0,0 +1,20 @@
+bind yes
+chroot yes
+chroot-desktop yes
+file-transfer yes
+force-nonewprivs no
+network yes
+overlayfs yes
+private-bin-no-local no
+private-home yes
+quiet-by-default no
+remount-proc-sys yes
+restricted-network no
+# netfilter-default /etc/iptables.iptables.rules
+seccomp yes
+userns yes
+whitelist yes
+x11 yes
+xephyr-screen 800x600
+xephyr-window-title yes
+xephyr-extra-params -grayscale
diff --git a/test/root/root.sh b/test/root/root.sh
index 8c7437e49..471b7d535 100755
--- a/test/root/root.sh
+++ b/test/root/root.sh
@@ -1,5 +1,8 @@
 #!/bin/bash
 
+# set a new firejail config file
+cp firejail.config /etc/firejail/firejail.config
+
 #********************************
 # servers
 #********************************
@@ -91,3 +94,6 @@ else
         echo "TESTING SKIP: firecfg, firefox not found"
 fi
 
+# restore the default config file
+cp ../../etc/firejail.config /etc/firejail/firejail.config
+
diff --git a/test/root/seccomp-umount.exp b/test/root/seccomp-umount.exp
index 04a9b7a3d..c441c5fc4 100755
--- a/test/root/seccomp-umount.exp
+++ b/test/root/seccomp-umount.exp
@@ -7,7 +7,7 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
 
-send --  "firejail --net=br0 --ip=10.10.20.5 --seccomp --noprofile\r"
+send --  "firejail --seccomp --noprofile\r"
 expect {
         timeout {puts "TESTING ERROR 0\n";exit}
         "Child process initialized"