profile parser testing

author: netblue30 <netblue30@yahoo.com> 2018-11-08 10:49:44 -0500
committer: netblue30 <netblue30@yahoo.com> 2018-11-08 10:49:44 -0500
commit: 2acc910daf73c284965ca96bc70b4eb980c865cf (patch)
tree: 7b5733a8ccacba4089a7a9c067b12355372c8dc9 /test
parent: Merge pull request #2251 from glitsj16/sort (diff)
download: firejail-2acc910daf73c284965ca96bc70b4eb980c865cf.tar.gz
firejail-2acc910daf73c284965ca96bc70b4eb980c865cf.tar.zst
firejail-2acc910daf73c284965ca96bc70b4eb980c865cf.zip
7 files changed, 85 insertions, 26 deletions
diff --git a/test/profiles/profile_appname.exp b/test/profiles/profile_appname.exp
new file mode 100755
index 000000000..c70e7ad57
--- /dev/null
+++ b/test/profiles/profile_appname.exp
@@ -0,0 +1,25 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --profile=firefox\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Reading profile /etc/firejail/firefox.profile"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "Reading profile /etc/firejail/firefox-common.profile"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "shell=none configured, but no program specified"
+}
+after 100
+puts "\nall done\n"
diff --git a/test/profiles/profile_noperm.exp b/test/profiles/profile_noperm.exp
index b3b031cb2..9f8cb54e2 100755
--- a/test/profiles/profile_noperm.exp
+++ b/test/profiles/profile_noperm.exp
@@ -7,7 +7,7 @@ match_max 100000
 send -- "firejail --profile=/etc/shadow\r"
 expect {
        timeout {puts "TESTING ERROR 0\n";exit}
-        "cannot access profile"
+        "inaccessible profile file"
 }
 after 100
 puts "\nall done\n"
diff --git a/test/profiles/profile_recursivity.exp b/test/profiles/profile_recursivity.exp
new file mode 100755
index 000000000..66e4510bf
--- /dev/null
+++ b/test/profiles/profile_recursivity.exp
@@ -0,0 +1,25 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --profile=test3.profile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Reading profile test3.profile"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "Reading profile test3.profile"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "maximum profile include level was reached"
+}
+after 100
+puts "\nall done\n"
diff --git a/test/profiles/profile_syntax2.exp b/test/profiles/profile_syntax2.exp
index 4d621f3ec..da34b67e8 100755
--- a/test/profiles/profile_syntax2.exp
+++ b/test/profiles/profile_syntax2.exp
@@ -7,7 +7,7 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
-send -- "firejail --debug --profile=test2.profile\r"
+send -- "firejail --profile=test2.profile\r"
 expect {
        timeout {puts "TESTING ERROR 0\n";exit}
        "Reading profile test2.profile"
@@ -18,29 +18,8 @@ expect {
 }
 expect {
        timeout {puts "TESTING ERROR 2\n";exit}
-        "Mounting a new /home directory"
+        "cannot access profile file"
 }
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "Disable /bin/rmdir" {puts "Most Linux platforms\n"}
-        "Disable /usr/bin/rmdir" { puts "OpenSUSE platform\n"}
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "Drop CAP_SYS_MODULE"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "seccomp entries in /run/firejail/mnt/seccomp"
-}
-expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
-        "jeq mount"
-}
-expect {
-        timeout {puts "TESTING ERROR 8\n";exit}
-        "Child process initialized"
-}
-send -- "exit\r"
 after 100
 puts "\nall done\n"
diff --git a/test/profiles/profiles.sh b/test/profiles/profiles.sh
index 7c3549aea..a3d24ac0c 100755
--- a/test/profiles/profiles.sh
+++ b/test/profiles/profiles.sh
@@ -6,6 +6,33 @@
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
+echo "TESTING: profile recursivity (test/profiles/profile_recursivity.exp)"
+./profile_recursivity.exp
+echo "TESTING: profile application name (test/profiles/profile_appname.exp)"
+./profile_appname.exp
+echo "TESTING: profile syntax (test/profiles/profile_syntax.exp)"
+./profile_syntax.exp
+echo "TESTING: profile syntax 2 (test/profiles/profile_syntax2.exp)"
+./profile_syntax2.exp
+echo "TESTING: ignore command (test/profiles/ignore.exp)"
+./ignore.exp
+echo "TESTING: profile read-only (test/profiles/profile_readonly.exp)"
+./profile_readonly.exp
+echo "TESTING: profile read-only links (test/profiles/profile_readonly.exp)"
+./profile_followlnk.exp
+echo "TESTING: profile no permissions (test/profiles/profile_noperm.exp)"
+./profile_noperm.exp
 echo "TESTING: default profiles installed in /etc"
 PROFILES=`ls /etc/firejail/*.profile`
 for PROFILE in $PROFILES
diff --git a/test/profiles/test2.profile b/test/profiles/test2.profile
index e219d800d..9fbd5219a 100644
--- a/test/profiles/test2.profile
+++ b/test/profiles/test2.profile
@@ -1,4 +1,6 @@
-caps    
+caps
 seccomp
  private
  include test.profile
+  include test.local
+  include test25.profile
diff --git a/test/profiles/test3.profile b/test/profiles/test3.profile
new file mode 100644
index 000000000..c28ddadb5
--- /dev/null
+++ b/test/profiles/test3.profile
@@ -0,0 +1 @@
+include test3.profile
+\ No newline at end of file
author	netblue30 <netblue30@yahoo.com>	2018-11-08 10:49:44 -0500
committer	netblue30 <netblue30@yahoo.com>	2018-11-08 10:49:44 -0500
commit	2acc910daf73c284965ca96bc70b4eb980c865cf (patch)
tree	7b5733a8ccacba4089a7a9c067b12355372c8dc9 /test
parent	Merge pull request #2251 from glitsj16/sort (diff)
download	firejail-2acc910daf73c284965ca96bc70b4eb980c865cf.tar.gz firejail-2acc910daf73c284965ca96bc70b4eb980c865cf.tar.zst firejail-2acc910daf73c284965ca96bc70b4eb980c865cf.zip

diff --git a/test/profiles/profile_appname.exp b/test/profiles/profile_appname.exp new file mode 100755 index 000000000..c70e7ad57 --- /dev/null +++ b/test/profiles/profile_appname.exp
@@ -0,0 +1,25 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --profile=firefox\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 0\n";exit}
		13	"Reading profile /etc/firejail/firefox.profile"
		14	}
		15	expect {
		16	timeout {puts "TESTING ERROR 1\n";exit}
		17	"Reading profile /etc/firejail/firefox-common.profile"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 2\n";exit}
		21	"shell=none configured, but no program specified"
		22	}
		23
		24	after 100
		25	puts "\nall done\n"


diff --git a/test/profiles/profile_noperm.exp b/test/profiles/profile_noperm.exp index b3b031cb2..9f8cb54e2 100755 --- a/test/profiles/profile_noperm.exp +++ b/test/profiles/profile_noperm.exp
@@ -7,7 +7,7 @@ match_max 100000
7	send -- "firejail --profile=/etc/shadow\r"	7	send -- "firejail --profile=/etc/shadow\r"
8	expect {	8	expect {
9	timeout {puts "TESTING ERROR 0\n";exit}	9	timeout {puts "TESTING ERROR 0\n";exit}
10	"cannot access profile"	10	"inaccessible profile file"
11	}	11	}
12	after 100	12	after 100
13	puts "\nall done\n"	13	puts "\nall done\n"


diff --git a/test/profiles/profile_recursivity.exp b/test/profiles/profile_recursivity.exp new file mode 100755 index 000000000..66e4510bf --- /dev/null +++ b/test/profiles/profile_recursivity.exp
@@ -0,0 +1,25 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --profile=test3.profile\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 0\n";exit}
		13	"Reading profile test3.profile"
		14	}
		15	expect {
		16	timeout {puts "TESTING ERROR 1\n";exit}
		17	"Reading profile test3.profile"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 2\n";exit}
		21	"maximum profile include level was reached"
		22	}
		23
		24	after 100
		25	puts "\nall done\n"


diff --git a/test/profiles/profile_syntax2.exp b/test/profiles/profile_syntax2.exp index 4d621f3ec..da34b67e8 100755 --- a/test/profiles/profile_syntax2.exp +++ b/test/profiles/profile_syntax2.exp
@@ -7,7 +7,7 @@ set timeout 10
7	spawn $env(SHELL)	7	spawn $env(SHELL)
8	match_max 100000	8	match_max 100000
9		9
10	send -- "firejail --debug --profile=test2.profile\r"	10	send -- "firejail --profile=test2.profile\r"
11	expect {	11	expect {
12	timeout {puts "TESTING ERROR 0\n";exit}	12	timeout {puts "TESTING ERROR 0\n";exit}
13	"Reading profile test2.profile"	13	"Reading profile test2.profile"
@@ -18,29 +18,8 @@ expect {
18	}	18	}
19	expect {	19	expect {
20	timeout {puts "TESTING ERROR 2\n";exit}	20	timeout {puts "TESTING ERROR 2\n";exit}
21	"Mounting a new /home directory"	21	"cannot access profile file"
22	}	22	}
23	expect {	23
24	timeout {puts "TESTING ERROR 3\n";exit}
25	"Disable /bin/rmdir" {puts "Most Linux platforms\n"}
26	"Disable /usr/bin/rmdir" { puts "OpenSUSE platform\n"}
27	}
28	expect {
29	timeout {puts "TESTING ERROR 4\n";exit}
30	"Drop CAP_SYS_MODULE"
31	}
32	expect {
33	timeout {puts "TESTING ERROR 5\n";exit}
34	"seccomp entries in /run/firejail/mnt/seccomp"
35	}
36	expect {
37	timeout {puts "TESTING ERROR 7\n";exit}
38	"jeq mount"
39	}
40	expect {
41	timeout {puts "TESTING ERROR 8\n";exit}
42	"Child process initialized"
43	}
44	send -- "exit\r"
45	after 100	24	after 100
46	puts "\nall done\n"	25	puts "\nall done\n"


diff --git a/test/profiles/profiles.sh b/test/profiles/profiles.sh index 7c3549aea..a3d24ac0c 100755 --- a/test/profiles/profiles.sh +++ b/test/profiles/profiles.sh
@@ -6,6 +6,33 @@
6	export MALLOC_CHECK_=3	6	export MALLOC_CHECK_=3
7	export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))	7	export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
8		8
		9	echo "TESTING: profile recursivity (test/profiles/profile_recursivity.exp)"
		10	./profile_recursivity.exp
		11
		12	echo "TESTING: profile application name (test/profiles/profile_appname.exp)"
		13	./profile_appname.exp
		14
		15	echo "TESTING: profile syntax (test/profiles/profile_syntax.exp)"
		16	./profile_syntax.exp
		17
		18	echo "TESTING: profile syntax 2 (test/profiles/profile_syntax2.exp)"
		19	./profile_syntax2.exp
		20
		21	echo "TESTING: ignore command (test/profiles/ignore.exp)"
		22	./ignore.exp
		23
		24	echo "TESTING: profile read-only (test/profiles/profile_readonly.exp)"
		25	./profile_readonly.exp
		26
		27	echo "TESTING: profile read-only links (test/profiles/profile_readonly.exp)"
		28	./profile_followlnk.exp
		29
		30	echo "TESTING: profile no permissions (test/profiles/profile_noperm.exp)"
		31	./profile_noperm.exp
		32
		33
		34
		35
9	echo "TESTING: default profiles installed in /etc"	36	echo "TESTING: default profiles installed in /etc"
10	PROFILES=`ls /etc/firejail/*.profile`	37	PROFILES=`ls /etc/firejail/*.profile`
11	for PROFILE in $PROFILES	38	for PROFILE in $PROFILES


diff --git a/test/profiles/test2.profile b/test/profiles/test2.profile index e219d800d..9fbd5219a 100644 --- a/test/profiles/test2.profile +++ b/test/profiles/test2.profile
@@ -1,4 +1,6 @@
1	caps	1	caps
2	seccomp	2	seccomp
3	private	3	private
4	include test.profile	4	include test.profile
		5	include test.local
		6	include test25.profile


diff --git a/test/profiles/test3.profile b/test/profiles/test3.profile new file mode 100644 index 000000000..c28ddadb5 --- /dev/null +++ b/test/profiles/test3.profile
@@ -0,0 +1 @@
			include test3.profile \ No newline at end of file