diff options
author | netblue30 <netblue30@yahoo.com> | 2018-04-01 07:48:11 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-04-01 07:48:11 -0400 |
commit | 1fb1bfe20fbde64d769e846b1581ce021d03e864 (patch) | |
tree | b284305324ca31fa5c0b2b318a9dbeaae146da55 /test/utils/audit.exp | |
parent | merges (diff) | |
download | firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.tar.gz firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.tar.zst firejail-1fb1bfe20fbde64d769e846b1581ce021d03e864.zip |
testing
Diffstat (limited to 'test/utils/audit.exp')
-rwxr-xr-x | test/utils/audit.exp | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/test/utils/audit.exp b/test/utils/audit.exp index 684886af7..6352dc62d 100755 --- a/test/utils/audit.exp +++ b/test/utils/audit.exp | |||
@@ -96,4 +96,64 @@ expect { | |||
96 | } | 96 | } |
97 | after 100 | 97 | after 100 |
98 | 98 | ||
99 | # test seccomp | ||
100 | send -- "firejail --seccomp.drop=mkdir --audit\r" | ||
101 | expect { | ||
102 | timeout {puts "TESTING ERROR 17\n";exit} | ||
103 | "Firejail Audit" | ||
104 | } | ||
105 | expect { | ||
106 | timeout {puts "TESTING ERROR 18\n";exit} | ||
107 | "GOOD: seccomp BPF enabled" | ||
108 | } | ||
109 | expect { | ||
110 | timeout {puts "TESTING ERROR 19\n";exit} | ||
111 | "UGLY: mount syscall permitted" | ||
112 | } | ||
113 | expect { | ||
114 | timeout {puts "TESTING ERROR 20\n";exit} | ||
115 | "UGLY: umount2 syscall permitted" | ||
116 | } | ||
117 | expect { | ||
118 | timeout {puts "TESTING ERROR 21\n";exit} | ||
119 | "UGLY: ptrace syscall permitted" | ||
120 | } | ||
121 | expect { | ||
122 | timeout {puts "TESTING ERROR 22\n";exit} | ||
123 | "UGLY: swapon syscall permitted" | ||
124 | } | ||
125 | expect { | ||
126 | timeout {puts "TESTING ERROR 23\n";exit} | ||
127 | "UGLY: swapoff syscall permitted" | ||
128 | } | ||
129 | expect { | ||
130 | timeout {puts "TESTING ERROR 24\n";exit} | ||
131 | "UGLY: init_module syscall permitted" | ||
132 | } | ||
133 | expect { | ||
134 | timeout {puts "TESTING ERROR 25\n";exit} | ||
135 | "UGLY: delete_module syscall permitted" | ||
136 | } | ||
137 | expect { | ||
138 | timeout {puts "TESTING ERROR 26\n";exit} | ||
139 | "UGLY: chroot syscall permitted" | ||
140 | } | ||
141 | expect { | ||
142 | timeout {puts "TESTING ERROR 27\n";exit} | ||
143 | "UGLY: pivot_root syscall permitted" | ||
144 | } | ||
145 | expect { | ||
146 | timeout {puts "TESTING ERROR 28\n";exit} | ||
147 | "UGLY: iopl syscall permitted" | ||
148 | } | ||
149 | expect { | ||
150 | timeout {puts "TESTING ERROR 29\n";exit} | ||
151 | "UGLY: ioperm syscall permitted" | ||
152 | } | ||
153 | expect { | ||
154 | timeout {puts "TESTING ERROR 30\n";exit} | ||
155 | "GOOD: all capabilities are disabled" | ||
156 | } | ||
157 | after 100 | ||
158 | |||
99 | puts "\nall done\n" | 159 | puts "\nall done\n" |