diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-13 10:47:20 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-13 10:47:20 -0500 |
commit | 63e16bfcd9f79c63f3801f51df4840f74fa6f41b (patch) | |
tree | fa62784ad7ff5becbb4856ed84264cb5d4de8828 /test/root | |
parent | set_perms cleanup (diff) | |
download | firejail-63e16bfcd9f79c63f3801f51df4840f74fa6f41b.tar.gz firejail-63e16bfcd9f79c63f3801f51df4840f74fa6f41b.tar.zst firejail-63e16bfcd9f79c63f3801f51df4840f74fa6f41b.zip |
major cleanup and testing
Diffstat (limited to 'test/root')
-rw-r--r-- | test/root/firejail.config | 20 | ||||
-rwxr-xr-x | test/root/root.sh | 6 | ||||
-rwxr-xr-x | test/root/seccomp-umount.exp | 2 |
3 files changed, 27 insertions, 1 deletions
diff --git a/test/root/firejail.config b/test/root/firejail.config new file mode 100644 index 000000000..71ff2f4e9 --- /dev/null +++ b/test/root/firejail.config | |||
@@ -0,0 +1,20 @@ | |||
1 | bind yes | ||
2 | chroot yes | ||
3 | chroot-desktop yes | ||
4 | file-transfer yes | ||
5 | force-nonewprivs no | ||
6 | network yes | ||
7 | overlayfs yes | ||
8 | private-bin-no-local no | ||
9 | private-home yes | ||
10 | quiet-by-default no | ||
11 | remount-proc-sys yes | ||
12 | restricted-network no | ||
13 | # netfilter-default /etc/iptables.iptables.rules | ||
14 | seccomp yes | ||
15 | userns yes | ||
16 | whitelist yes | ||
17 | x11 yes | ||
18 | xephyr-screen 800x600 | ||
19 | xephyr-window-title yes | ||
20 | xephyr-extra-params -grayscale | ||
diff --git a/test/root/root.sh b/test/root/root.sh index 8c7437e49..471b7d535 100755 --- a/test/root/root.sh +++ b/test/root/root.sh | |||
@@ -1,5 +1,8 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | 2 | ||
3 | # set a new firejail config file | ||
4 | cp firejail.config /etc/firejail/firejail.config | ||
5 | |||
3 | #******************************** | 6 | #******************************** |
4 | # servers | 7 | # servers |
5 | #******************************** | 8 | #******************************** |
@@ -91,3 +94,6 @@ else | |||
91 | echo "TESTING SKIP: firecfg, firefox not found" | 94 | echo "TESTING SKIP: firecfg, firefox not found" |
92 | fi | 95 | fi |
93 | 96 | ||
97 | # restore the default config file | ||
98 | cp ../../etc/firejail.config /etc/firejail/firejail.config | ||
99 | |||
diff --git a/test/root/seccomp-umount.exp b/test/root/seccomp-umount.exp index 04a9b7a3d..c441c5fc4 100755 --- a/test/root/seccomp-umount.exp +++ b/test/root/seccomp-umount.exp | |||
@@ -7,7 +7,7 @@ set timeout 10 | |||
7 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | send -- "firejail --net=br0 --ip=10.10.20.5 --seccomp --noprofile\r" | 10 | send -- "firejail --seccomp --noprofile\r" |
11 | expect { | 11 | expect { |
12 | timeout {puts "TESTING ERROR 0\n";exit} | 12 | timeout {puts "TESTING ERROR 0\n";exit} |
13 | "Child process initialized" | 13 | "Child process initialized" |