diff options
author | netblue30 <netblue30@yahoo.com> | 2015-12-23 21:20:14 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-12-23 21:20:14 -0500 |
commit | c0dc4e056589c41b423e9a5c1fe5edd2b845967a (patch) | |
tree | e61d391ac05062514c2ae692378ac8171a02da59 /test | |
parent | 0.9.36 testing (diff) | |
download | firejail-c0dc4e056589c41b423e9a5c1fe5edd2b845967a.tar.gz firejail-c0dc4e056589c41b423e9a5c1fe5edd2b845967a.tar.zst firejail-c0dc4e056589c41b423e9a5c1fe5edd2b845967a.zip |
0.9.36 testing
Diffstat (limited to 'test')
-rwxr-xr-x | test/features/1.2.exp | 24 | ||||
-rwxr-xr-x | test/features/test.sh | 33 | ||||
-rwxr-xr-x | test/private-etc.exp | 12 | ||||
-rwxr-xr-x | test/profile_syntax.exp | 11 | ||||
-rw-r--r-- | test/test.profile | 3 |
5 files changed, 39 insertions, 44 deletions
diff --git a/test/features/1.2.exp b/test/features/1.2.exp index 0b92247f1..623957f5f 100755 --- a/test/features/1.2.exp +++ b/test/features/1.2.exp | |||
@@ -36,10 +36,10 @@ expect { | |||
36 | timeout {puts "TESTING ERROR 1.4\n";exit} | 36 | timeout {puts "TESTING ERROR 1.4\n";exit} |
37 | "proc /proc/sysrq-trigger proc" | 37 | "proc /proc/sysrq-trigger proc" |
38 | } | 38 | } |
39 | expect { | 39 | #expect { |
40 | timeout {puts "TESTING ERROR 1.5\n";exit} | 40 | # timeout {puts "TESTING ERROR 1.5\n";exit} |
41 | "proc /proc/sys/kernel/hotplug" | 41 | # "proc /proc/sys/kernel/hotplug" |
42 | } | 42 | #} |
43 | expect { | 43 | expect { |
44 | timeout {puts "TESTING ERROR 1.6\n";exit} | 44 | timeout {puts "TESTING ERROR 1.6\n";exit} |
45 | "proc /proc/irq proc" | 45 | "proc /proc/irq proc" |
@@ -69,10 +69,10 @@ if { $overlay == "overlay" } { | |||
69 | timeout {puts "TESTING ERROR 3.1\n";exit} | 69 | timeout {puts "TESTING ERROR 3.1\n";exit} |
70 | "proc /proc proc" | 70 | "proc /proc proc" |
71 | } | 71 | } |
72 | expect { | 72 | # expect { |
73 | timeout {puts "TESTING ERROR 3.2\n";exit} | 73 | # timeout {puts "TESTING ERROR 3.2\n";exit} |
74 | "proc /proc proc" | 74 | # "proc /proc proc" |
75 | } | 75 | # } |
76 | expect { | 76 | expect { |
77 | timeout {puts "TESTING ERROR 3.3\n";exit} | 77 | timeout {puts "TESTING ERROR 3.3\n";exit} |
78 | "proc /proc/sys proc" | 78 | "proc /proc/sys proc" |
@@ -81,10 +81,10 @@ if { $overlay == "overlay" } { | |||
81 | timeout {puts "TESTING ERROR 3.4\n";exit} | 81 | timeout {puts "TESTING ERROR 3.4\n";exit} |
82 | "proc /proc/sysrq-trigger proc" | 82 | "proc /proc/sysrq-trigger proc" |
83 | } | 83 | } |
84 | expect { | 84 | # expect { |
85 | timeout {puts "TESTING ERROR 3.5\n";exit} | 85 | # timeout {puts "TESTING ERROR 3.5\n";exit} |
86 | "proc /proc/sys/kernel/hotplug" | 86 | # "proc /proc/sys/kernel/hotplug" |
87 | } | 87 | # } |
88 | expect { | 88 | expect { |
89 | timeout {puts "TESTING ERROR 3.6\n";exit} | 89 | timeout {puts "TESTING ERROR 3.6\n";exit} |
90 | "proc /proc/irq proc" | 90 | "proc /proc/irq proc" |
diff --git a/test/features/test.sh b/test/features/test.sh index c3a4f21ae..d4bcead0b 100755 --- a/test/features/test.sh +++ b/test/features/test.sh | |||
@@ -1,6 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | OVERLAY="overlay" | 2 | OVERLAY="overlay" |
3 | CHROOT="chroot" | 3 | CHROOT="chroot" |
4 | NETWORK="network" | ||
4 | 5 | ||
5 | while [ $# -gt 0 ]; do # Until you run out of parameters . . . | 6 | while [ $# -gt 0 ]; do # Until you run out of parameters . . . |
6 | case "$1" in | 7 | case "$1" in |
@@ -10,8 +11,11 @@ while [ $# -gt 0 ]; do # Until you run out of parameters . . . | |||
10 | --nochroot) | 11 | --nochroot) |
11 | CHROOT="none" | 12 | CHROOT="none" |
12 | ;; | 13 | ;; |
14 | --nonetwork) | ||
15 | NETWORK="none" | ||
16 | ;; | ||
13 | --help) | 17 | --help) |
14 | echo "./test.sh [--nooverlay|--nochroot|--help] | grep TESTING" | 18 | echo "./test.sh [--nooverlay|--nochroot|--nonetwork|--help] | grep TESTING" |
15 | exit | 19 | exit |
16 | ;; | 20 | ;; |
17 | esac | 21 | esac |
@@ -55,23 +59,26 @@ echo "TESTING: 1.10 disable /selinux" | |||
55 | #################### | 59 | #################### |
56 | # networking features | 60 | # networking features |
57 | #################### | 61 | #################### |
58 | echo "TESTING: 2.1 hostname" | 62 | if [ $NETWORK == "network" ] |
59 | ./2.1.exp $OVERLAY $CHROOT | 63 | then |
64 | echo "TESTING: 2.1 hostname" | ||
65 | ./2.1.exp $OVERLAY $CHROOT | ||
60 | 66 | ||
61 | echo "TESTING: 2.2 DNS" | 67 | echo "TESTING: 2.2 DNS" |
62 | ./2.2.exp $OVERLAY $CHROOT | 68 | ./2.2.exp $OVERLAY $CHROOT |
63 | 69 | ||
64 | echo "TESTING: 2.3 mac-vlan" | 70 | echo "TESTING: 2.3 mac-vlan" |
65 | ./2.3.exp $OVERLAY $CHROOT | 71 | ./2.3.exp $OVERLAY $CHROOT |
66 | 72 | ||
67 | echo "TESTING: 2.4 bridge" | 73 | echo "TESTING: 2.4 bridge" |
68 | ./2.4.exp $OVERLAY $CHROOT | 74 | ./2.4.exp $OVERLAY $CHROOT |
69 | 75 | ||
70 | echo "TESTING: 2.5 interface" | 76 | echo "TESTING: 2.5 interface" |
71 | ./2.5.exp $OVERLAY $CHROOT | 77 | ./2.5.exp $OVERLAY $CHROOT |
72 | 78 | ||
73 | echo "TESTING: 2.6 Default gateway" | 79 | echo "TESTING: 2.6 Default gateway" |
74 | ./2.6.exp $OVERLAY $CHROOT | 80 | ./2.6.exp $OVERLAY $CHROOT |
81 | fi | ||
75 | 82 | ||
76 | #################### | 83 | #################### |
77 | # filesystem features | 84 | # filesystem features |
diff --git a/test/private-etc.exp b/test/private-etc.exp index 9df798e22..db1d1df3a 100755 --- a/test/private-etc.exp +++ b/test/private-etc.exp | |||
@@ -5,7 +5,7 @@ spawn $env(SHELL) | |||
5 | match_max 100000 | 5 | match_max 100000 |
6 | 6 | ||
7 | # directory with ~ | 7 | # directory with ~ |
8 | send -- "firejail --private-etc=passwd,group,resolv.conf,bash_completion.d,timezone\r" | 8 | send -- "firejail --private-etc=passwd,group,resolv.conf,X11\r" |
9 | expect { | 9 | expect { |
10 | timeout {puts "TESTING ERROR 1\n";exit} | 10 | timeout {puts "TESTING ERROR 1\n";exit} |
11 | "Child process initialized" | 11 | "Child process initialized" |
@@ -14,10 +14,6 @@ sleep 1 | |||
14 | 14 | ||
15 | send -- "ls -al /etc\r" | 15 | send -- "ls -al /etc\r" |
16 | expect { | 16 | expect { |
17 | timeout {puts "TESTING ERROR 2\n";exit} | ||
18 | "bash_completion.d" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 3\n";exit} | 17 | timeout {puts "TESTING ERROR 3\n";exit} |
22 | "group" | 18 | "group" |
23 | } | 19 | } |
@@ -31,16 +27,16 @@ expect { | |||
31 | } | 27 | } |
32 | expect { | 28 | expect { |
33 | timeout {puts "TESTING ERROR 6\n";exit} | 29 | timeout {puts "TESTING ERROR 6\n";exit} |
34 | "timezone" | 30 | "X11" |
35 | } | 31 | } |
36 | 32 | ||
37 | send -- "ls -al /etc\r" | 33 | send -- "ls -al /etc\r" |
38 | expect { | 34 | expect { |
39 | timeout {puts "TESTING ERROR 7\n";exit} | 35 | timeout {puts "TESTING ERROR 7\n";exit} |
40 | "shadow" {puts "TESTING ERROR 8\n";exit} | 36 | "shadow" {puts "TESTING ERROR 8\n";exit} |
41 | "timezone" | 37 | "X11" |
42 | } | 38 | } |
43 | 39 | ||
44 | sleep 1 | 40 | sleep 1 |
45 | puts "\n" | 41 | puts "\nall done\n" |
46 | 42 | ||
diff --git a/test/profile_syntax.exp b/test/profile_syntax.exp index 3218177c3..5815bd619 100755 --- a/test/profile_syntax.exp +++ b/test/profile_syntax.exp | |||
@@ -11,17 +11,10 @@ expect { | |||
11 | } | 11 | } |
12 | 12 | ||
13 | sleep 2 | 13 | sleep 2 |
14 | send -- "ls /sbin\r" | 14 | send -- "cat /sbin/iptables\r" |
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "cannot open" | ||
18 | } | ||
19 | |||
20 | sleep 1 | ||
21 | send -- "ls /usr/sbin\r" | ||
22 | expect { | 15 | expect { |
23 | timeout {puts "TESTING ERROR 2\n";exit} | 16 | timeout {puts "TESTING ERROR 2\n";exit} |
24 | "cannot open" | 17 | "Permission denied" |
25 | } | 18 | } |
26 | 19 | ||
27 | sleep 1 | 20 | sleep 1 |
diff --git a/test/test.profile b/test/test.profile index 716419fd0..1d69cc960 100644 --- a/test/test.profile +++ b/test/test.profile | |||
@@ -1,5 +1,4 @@ | |||
1 | blacklist /sbin | 1 | blacklist /sbin/iptables |
2 | blacklist /usr/sbin | ||
3 | blacklist /etc/shadow | 2 | blacklist /etc/shadow |
4 | blacklist /bin/rmdir | 3 | blacklist /bin/rmdir |
5 | blacklist ${PATH}/umount | 4 | blacklist ${PATH}/umount |