diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-11 07:47:46 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-11 07:47:46 -0500 |
commit | a8b23c83998c7964f8898c39784ac186a0216c3f (patch) | |
tree | eeccf98bab92b5b3818f0b30af688d736a92a599 /test | |
parent | testing (diff) | |
download | firejail-a8b23c83998c7964f8898c39784ac186a0216c3f.tar.gz firejail-a8b23c83998c7964f8898c39784ac186a0216c3f.tar.zst firejail-a8b23c83998c7964f8898c39784ac186a0216c3f.zip |
testing
Diffstat (limited to 'test')
-rwxr-xr-x | test/overlay/firefox-x11-xorg.exp | 90 | ||||
-rwxr-xr-x | test/overlay/firefox-x11.exp | 90 | ||||
-rwxr-xr-x | test/overlay/firefox.exp | 99 | ||||
-rwxr-xr-x | test/overlay/fs.exp (renamed from test/fs_overlay.exp) | 42 | ||||
-rwxr-xr-x | test/overlay/overlay.sh | 57 |
5 files changed, 347 insertions, 31 deletions
diff --git a/test/overlay/firefox-x11-xorg.exp b/test/overlay/firefox-x11-xorg.exp new file mode 100755 index 000000000..76c0e55fc --- /dev/null +++ b/test/overlay/firefox-x11-xorg.exp | |||
@@ -0,0 +1,90 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --overlay --name=test --x11=xorg firefox -no-remote www.gentoo.org\r" | ||
11 | sleep 10 | ||
12 | |||
13 | spawn $env(SHELL) | ||
14 | send -- "firejail --list\r" | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 3\n";exit} | ||
17 | ":firejail" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
21 | "firefox" {puts "firefox detected\n";} | ||
22 | "iceweasel" {puts "iceweasel detected\n";} | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3.2\n";exit} | ||
26 | "no-remote" | ||
27 | } | ||
28 | sleep 1 | ||
29 | # grsecurity exit | ||
30 | send -- "file /proc/sys/kernel/grsecurity\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR - grsecurity detection\n";exit} | ||
33 | "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit} | ||
34 | "cannot open" {puts "grsecurity not present\n"} | ||
35 | } | ||
36 | send -- "firejail --overlay --name=blablabla\r" | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 4\n";exit} | ||
39 | "Child process initialized" | ||
40 | } | ||
41 | sleep 2 | ||
42 | |||
43 | spawn $env(SHELL) | ||
44 | send -- "firemon --seccomp\r" | ||
45 | expect { | ||
46 | timeout {puts "TESTING ERROR 5\n";exit} | ||
47 | " firefox" {puts "firefox detected\n";} | ||
48 | " iceweasel" {puts "iceweasel detected\n";} | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 5.0\n";exit} | ||
52 | "no-remote" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} | ||
56 | "Seccomp: 2" | ||
57 | } | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
60 | "name=blablabla" | ||
61 | } | ||
62 | sleep 1 | ||
63 | send -- "firemon --caps\r" | ||
64 | expect { | ||
65 | timeout {puts "TESTING ERROR 6\n";exit} | ||
66 | " firefox" {puts "firefox detected\n";} | ||
67 | " iceweasel" {puts "iceweasel detected\n";} | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 6.0\n";exit} | ||
71 | "no-remote" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
75 | "CapBnd:" | ||
76 | } | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
79 | "0000000000000000" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 6.3\n";exit} | ||
83 | "name=blablabla" | ||
84 | } | ||
85 | sleep 1 | ||
86 | send -- "firejail --shutdown=test\r" | ||
87 | sleep 3 | ||
88 | |||
89 | puts "\nall done\n" | ||
90 | |||
diff --git a/test/overlay/firefox-x11.exp b/test/overlay/firefox-x11.exp new file mode 100755 index 000000000..aa248f328 --- /dev/null +++ b/test/overlay/firefox-x11.exp | |||
@@ -0,0 +1,90 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --overlay --name=test --x11 firefox -no-remote www.gentoo.org\r" | ||
11 | sleep 10 | ||
12 | |||
13 | spawn $env(SHELL) | ||
14 | send -- "firejail --list\r" | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 3\n";exit} | ||
17 | ":firejail" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
21 | "firefox" {puts "firefox detected\n";} | ||
22 | "iceweasel" {puts "iceweasel detected\n";} | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3.2\n";exit} | ||
26 | "no-remote" | ||
27 | } | ||
28 | sleep 1 | ||
29 | # grsecurity exit | ||
30 | send -- "file /proc/sys/kernel/grsecurity\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR - grsecurity detection\n";exit} | ||
33 | "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit} | ||
34 | "cannot open" {puts "grsecurity not present\n"} | ||
35 | } | ||
36 | send -- "firejail --name=blablabla --overlay\r" | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 4\n";exit} | ||
39 | "Child process initialized" | ||
40 | } | ||
41 | sleep 2 | ||
42 | |||
43 | spawn $env(SHELL) | ||
44 | send -- "firemon --seccomp\r" | ||
45 | expect { | ||
46 | timeout {puts "TESTING ERROR 5\n";exit} | ||
47 | " firefox" {puts "firefox detected\n";} | ||
48 | " iceweasel" {puts "iceweasel detected\n";} | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 5.0\n";exit} | ||
52 | "no-remote" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} | ||
56 | "Seccomp: 2" | ||
57 | } | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
60 | "name=blablabla" | ||
61 | } | ||
62 | sleep 1 | ||
63 | send -- "firemon --caps\r" | ||
64 | expect { | ||
65 | timeout {puts "TESTING ERROR 6\n";exit} | ||
66 | " firefox" {puts "firefox detected\n";} | ||
67 | " iceweasel" {puts "iceweasel detected\n";} | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 6.0\n";exit} | ||
71 | "no-remote" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
75 | "CapBnd:" | ||
76 | } | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
79 | "0000000000000000" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 6.3\n";exit} | ||
83 | "name=blablabla" | ||
84 | } | ||
85 | sleep 1 | ||
86 | send -- "firejail --shutdown=test\r" | ||
87 | sleep 3 | ||
88 | |||
89 | puts "\nall done\n" | ||
90 | |||
diff --git a/test/overlay/firefox.exp b/test/overlay/firefox.exp new file mode 100755 index 000000000..6ef23558d --- /dev/null +++ b/test/overlay/firefox.exp | |||
@@ -0,0 +1,99 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --overlay firefox -no-remote www.gentoo.org\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "Reading profile /etc/firejail/firefox.profile" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "Child process initialized" | ||
18 | } | ||
19 | sleep 10 | ||
20 | |||
21 | spawn $env(SHELL) | ||
22 | send -- "firejail --list\r" | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 3\n";exit} | ||
25 | ":firejail" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
29 | "firefox" {puts "firefox detected\n";} | ||
30 | "iceweasel" {puts "iceweasel detected\n";} | ||
31 | } | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 3.2\n";exit} | ||
34 | "no-remote" | ||
35 | } | ||
36 | after 100 | ||
37 | |||
38 | # grsecurity exit | ||
39 | send -- "file /proc/sys/kernel/grsecurity\r" | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR - grsecurity detection\n";exit} | ||
42 | "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit} | ||
43 | "cannot open" {puts "grsecurity not present\n"} | ||
44 | } | ||
45 | |||
46 | |||
47 | send -- "firejail --name=blablabla --overlay\r" | ||
48 | expect { | ||
49 | timeout {puts "TESTING ERROR 4\n";exit} | ||
50 | "Child process initialized" | ||
51 | } | ||
52 | sleep 2 | ||
53 | |||
54 | spawn $env(SHELL) | ||
55 | send -- "firemon --seccomp\r" | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 5\n";exit} | ||
58 | " firefox" {puts "firefox detected\n";} | ||
59 | " iceweasel" {puts "iceweasel detected\n";} | ||
60 | } | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 5.0\n";exit} | ||
63 | "no-remote" | ||
64 | } | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} | ||
67 | "Seccomp: 2" | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
71 | "name=blablabla" | ||
72 | } | ||
73 | after 100 | ||
74 | send -- "firemon --caps\r" | ||
75 | expect { | ||
76 | timeout {puts "TESTING ERROR 6\n";exit} | ||
77 | " firefox" {puts "firefox detected\n";} | ||
78 | " iceweasel" {puts "iceweasel detected\n";} | ||
79 | } | ||
80 | expect { | ||
81 | timeout {puts "TESTING ERROR 6.0\n";exit} | ||
82 | "no-remote" | ||
83 | } | ||
84 | expect { | ||
85 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
86 | "CapBnd:" | ||
87 | } | ||
88 | expect { | ||
89 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
90 | "0000000000000000" | ||
91 | } | ||
92 | expect { | ||
93 | timeout {puts "TESTING ERROR 6.3\n";exit} | ||
94 | "name=blablabla" | ||
95 | } | ||
96 | after 100 | ||
97 | |||
98 | puts "\nall done\n" | ||
99 | |||
diff --git a/test/fs_overlay.exp b/test/overlay/fs.exp index b7eeba80f..15ada9203 100755 --- a/test/fs_overlay.exp +++ b/test/overlay/fs.exp | |||
@@ -4,19 +4,7 @@ set timeout 10 | |||
4 | spawn $env(SHELL) | 4 | spawn $env(SHELL) |
5 | match_max 100000 | 5 | match_max 100000 |
6 | 6 | ||
7 | send -- "rm -f /tmp/firejail-overlay-test;pwd\r" | 7 | send -- "firejail --overlay\r" |
8 | expect { | ||
9 | timeout {puts "TESTING ERROR 0\n";exit} | ||
10 | "home" | ||
11 | } | ||
12 | |||
13 | send -- "ls > /tmp/firejail-overlay-test;pwd\r" | ||
14 | expect { | ||
15 | timeout {puts "TESTING ERROR 1\n";exit} | ||
16 | "home" | ||
17 | } | ||
18 | |||
19 | send -- "firejail --noprofile --overlay\r" | ||
20 | expect { | 8 | expect { |
21 | timeout {puts "TESTING ERROR 2\n";exit} | 9 | timeout {puts "TESTING ERROR 2\n";exit} |
22 | "not available for kernels older than 3.18" {puts "\nTESTING: overlayfs not available\n"; exit} | 10 | "not available for kernels older than 3.18" {puts "\nTESTING: overlayfs not available\n"; exit} |
@@ -25,42 +13,34 @@ expect { | |||
25 | } | 13 | } |
26 | sleep 1 | 14 | sleep 1 |
27 | 15 | ||
28 | send -- "echo xyzxyzxyz > /tmp/firejail-overlay-test;pwd\r" | 16 | send -- "echo xyzxyzxyz > ~/_firejail_test_file; echo done\r" |
29 | expect { | 17 | expect { |
30 | timeout {puts "TESTING ERROR 3\n";exit} | 18 | timeout {puts "TESTING ERROR 3\n";exit} |
31 | "home" | 19 | "done" |
32 | } | 20 | } |
33 | sleep 1 | 21 | after 100 |
34 | 22 | ||
35 | send -- "cat /tmp/firejail-overlay-test;pwd\r" | 23 | send -- "cat ~/_firejail_test_file; echo done\r" |
36 | expect { | 24 | expect { |
37 | timeout {puts "TESTING ERROR 4\n";exit} | 25 | timeout {puts "TESTING ERROR 4\n";exit} |
38 | "xyzxyzxyz" | 26 | "xyzxyzxyz" |
39 | } | 27 | } |
40 | expect { | 28 | expect { |
41 | timeout {puts "TESTING ERROR 4.1\n";exit} | 29 | timeout {puts "TESTING ERROR 4.1\n";exit} |
42 | "home" | 30 | "done" |
43 | } | 31 | } |
44 | sleep 1 | 32 | after 100 |
45 | 33 | ||
46 | send -- "exit\r" | 34 | send -- "exit\r" |
47 | sleep 2 | 35 | sleep 2 |
48 | 36 | ||
49 | send -- "cat /tmp/firejail-overlay-test;pwd\r" | 37 | send -- "cat ~/_firejail_test_file; echo done\r" |
50 | expect { | 38 | expect { |
51 | timeout {puts "TESTING ERROR 5\n";exit} | 39 | timeout {puts "TESTING ERROR 5\n";exit} |
52 | "xyzxyzxyz" {puts "TESTING ERROR 5.1\n";exit} | 40 | "xyzxyzxyz" {puts "TESTING ERROR 5.1\n";exit} |
53 | "home" | 41 | "done" |
54 | } | 42 | } |
55 | 43 | ||
56 | sleep 1 | 44 | after 100 |
57 | send -- "rm -f /tmp/firejail-overlay-test;pwd\r" | 45 | puts "\nall done\n" |
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 0\n";exit} | ||
60 | "home" | ||
61 | } | ||
62 | |||
63 | |||
64 | sleep 1 | ||
65 | puts "all done \n" | ||
66 | 46 | ||
diff --git a/test/overlay/overlay.sh b/test/overlay/overlay.sh new file mode 100755 index 000000000..971adddfe --- /dev/null +++ b/test/overlay/overlay.sh | |||
@@ -0,0 +1,57 @@ | |||
1 | #!/bin/bash | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | export MALLOC_CHECK_=3 | ||
7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) | ||
8 | |||
9 | echo "TESTING: overlay fs (test/overlay/fs.exp)" | ||
10 | rm -fr ~/_firejail_test_* | ||
11 | ./fs.exp | ||
12 | rm -fr ~/_firejail_test_* | ||
13 | |||
14 | which firefox | ||
15 | if [ "$?" -eq 0 ]; | ||
16 | then | ||
17 | echo "TESTING: overlay firefox" | ||
18 | ./firefox.exp | ||
19 | else | ||
20 | echo "TESTING SKIP: firefox not found" | ||
21 | fi | ||
22 | |||
23 | which firefox | ||
24 | if [ "$?" -eq 0 ]; | ||
25 | then | ||
26 | echo "TESTING: overlay firefox x11 xorg" | ||
27 | ./firefox.exp | ||
28 | else | ||
29 | echo "TESTING SKIP: firefox not found" | ||
30 | fi | ||
31 | |||
32 | |||
33 | # check xpra/xephyr | ||
34 | which xpra | ||
35 | if [ "$?" -eq 0 ]; | ||
36 | then | ||
37 | echo "xpra found" | ||
38 | else | ||
39 | echo "xpra not found" | ||
40 | which Xephyr | ||
41 | if [ "$?" -eq 0 ]; | ||
42 | then | ||
43 | echo "Xephyr found" | ||
44 | else | ||
45 | echo "TESTING SKIP: xpra and/or Xephyr not found" | ||
46 | exit | ||
47 | fi | ||
48 | fi | ||
49 | |||
50 | which firefox | ||
51 | if [ "$?" -eq 0 ]; | ||
52 | then | ||
53 | echo "TESTING: overlay firefox x11" | ||
54 | ./firefox.exp | ||
55 | else | ||
56 | echo "TESTING SKIP: firefox not found" | ||
57 | fi | ||