--chroot testing

author: netblue30 <netblue30@yahoo.com> 2015-10-31 13:07:38 -0400
committer: netblue30 <netblue30@yahoo.com> 2015-10-31 13:07:38 -0400
commit: 1cb8ef59101eeaa1b325fb7f881ded148b0de1d3 (patch)
tree: ea114440c2236e1418a17f0e78c3050262965d98 /test
parent: readme.md (diff)
download: firejail-1cb8ef59101eeaa1b325fb7f881ded148b0de1d3.tar.gz
firejail-1cb8ef59101eeaa1b325fb7f881ded148b0de1d3.tar.zst
firejail-1cb8ef59101eeaa1b325fb7f881ded148b0de1d3.zip
5 files changed, 113 insertions, 7 deletions
diff --git a/test/configure b/test/configure
index 17bb22e1b..01f0c6ff0 100755
--- a/test/configure
+++ b/test/configure
@@ -22,7 +22,7 @@ ROOTDIR="/tmp/chroot"			# default chroot directory
 DEFAULT_FILES="/bin/bash /bin/sh "      # basic chroot files
 DEFAULT_FILES+="/etc/passwd /etc/nsswitch.conf /etc/group "
 DEFAULT_FILES+=`find /lib -name libnss*`        # files required by glibc
-DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget"
+DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget /bin/umount"
 rm -fr $ROOTDIR
 mkdir -p $ROOTDIR/{root,bin,lib,lib64,usr,home,etc,dev/shm,tmp,var/run,var/tmp,var/lock,proc}
@@ -33,6 +33,8 @@ do
 done
 cp --parents /lib64/ld-linux-x86-64.so.2 $ROOTDIR
 cp --parents /lib/ld-linux.so.2 $ROOTDIR
+cp ../src/tools/unchroot $ROOTDIR/.
+touch $ROOTDIR/this-is-my-chroot
 cd $ROOTDIR; find .
 mkdir -p usr/lib/firejail/
diff --git a/test/fs_chroot.exp b/test/fs_chroot.exp
index 448a00a7a..4ddf8d32a 100755
--- a/test/fs_chroot.exp
+++ b/test/fs_chroot.exp
@@ -4,7 +4,7 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
-send -- "firejail --noprofile --chroot=/tmp/chroot\r"
+send -- "firejail  --chroot=/tmp/chroot\r"
 expect {
        timeout {puts "TESTING ERROR 0\n";exit}
        "Child process initialized"
@@ -13,12 +13,24 @@ sleep 1
 send -- "cd /home;pwd\r"
 expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
+        timeout {puts "TESTING ERROR 0.1\n";exit}
        "home"
 }
 sleep 1
 send -- "bash\r"
 sleep 1
+send -- "ls /; pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 0.2\n";exit}
+        "this-is-my-chroot"
+}
+expect {
+        timeout {puts "TESTING ERROR 0.3\n";exit}
+        "home"
+}
 send -- "ps aux; pwd\r"
 expect {
        timeout {puts "TESTING ERROR 1\n";exit}
@@ -50,5 +62,6 @@ expect {
 }
 sleep 1
 puts "all done\n"
diff --git a/test/fs_chroot_asroot.exp b/test/fs_chroot_asroot.exp
new file mode 100755
index 000000000..7e18153e0
--- /dev/null
+++ b/test/fs_chroot_asroot.exp
@@ -0,0 +1,91 @@
+#!/usr/bin/expect -f
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail  --chroot=/tmp/chroot\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "cd /home;pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 0.1\n";exit}
+        "home"
+}
+sleep 1
+send -- "bash\r"
+sleep 1
+send -- "ls /; pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 0.2\n";exit}
+        "this-is-my-chroot"
+}
+expect {
+        timeout {puts "TESTING ERROR 0.3\n";exit}
+        "home"
+}
+send -- "umount /boot; pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 0.4\n";exit}
+        "Bad system call"
+}
+expect {
+        timeout {puts "TESTING ERROR 0.5\n";exit}
+        "home"
+}
+send -- "/unchroot; pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 0.6\n";exit}
+        "Bad system call"
+}
+expect {
+        timeout {puts "TESTING ERROR 0.7\n";exit}
+        "home"
+}
+send -- "ps aux; pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "/bin/bash"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "bash"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "ps aux"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "home"
+}
+sleep 1
+send -- "ps aux |wc -l; pwd\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "5"
+}
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "home"
+}
+sleep 1
+puts "all done\n"
diff --git a/test/test-root.sh b/test/test-root.sh
index fcfe32a58..94ac3447d 100755
--- a/test/test-root.sh
+++ b/test/test-root.sh
@@ -5,6 +5,9 @@
 echo "TESTING: network interfaces"
 ./net_interface.exp
+echo "TESTING: chroot"
+./fs_chroot_asroot.exp
 echo "TESTING: servers rsyslogd, sshd, nginx"
 ./servers.exp
@@ -46,9 +49,6 @@ echo hello > tmpfile
 ./option_bind_file.exp
 rm -f tmpfile
-echo "TESTING: chroot"
-./fs_chroot.exp
 echo "TESTING: firemon --interface"
 ./firemon-interface.exp
diff --git a/test/trace.exp b/test/trace.exp
index bca3ac3b3..2b5003d83 100755
--- a/test/trace.exp
+++ b/test/trace.exp
@@ -91,5 +91,5 @@ expect {
 sleep 1
-puts "\n"
+puts "\nall done\n"
author	netblue30 <netblue30@yahoo.com>	2015-10-31 13:07:38 -0400
committer	netblue30 <netblue30@yahoo.com>	2015-10-31 13:07:38 -0400
commit	1cb8ef59101eeaa1b325fb7f881ded148b0de1d3 (patch)
tree	ea114440c2236e1418a17f0e78c3050262965d98 /test
parent	readme.md (diff)
download	firejail-1cb8ef59101eeaa1b325fb7f881ded148b0de1d3.tar.gz firejail-1cb8ef59101eeaa1b325fb7f881ded148b0de1d3.tar.zst firejail-1cb8ef59101eeaa1b325fb7f881ded148b0de1d3.zip

diff --git a/test/configure b/test/configure index 17bb22e1b..01f0c6ff0 100755 --- a/test/configure +++ b/test/configure
@@ -22,7 +22,7 @@ ROOTDIR="/tmp/chroot" # default chroot directory
22	DEFAULT_FILES="/bin/bash /bin/sh " # basic chroot files	22	DEFAULT_FILES="/bin/bash /bin/sh " # basic chroot files
23	DEFAULT_FILES+="/etc/passwd /etc/nsswitch.conf /etc/group "	23	DEFAULT_FILES+="/etc/passwd /etc/nsswitch.conf /etc/group "
24	DEFAULT_FILES+=`find /lib -name libnss*` # files required by glibc	24	DEFAULT_FILES+=`find /lib -name libnss*` # files required by glibc
25	DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget"	25	DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget /bin/umount"
26		26
27	rm -fr $ROOTDIR	27	rm -fr $ROOTDIR
28	mkdir -p $ROOTDIR/{root,bin,lib,lib64,usr,home,etc,dev/shm,tmp,var/run,var/tmp,var/lock,proc}	28	mkdir -p $ROOTDIR/{root,bin,lib,lib64,usr,home,etc,dev/shm,tmp,var/run,var/tmp,var/lock,proc}
@@ -33,6 +33,8 @@ do
33	done	33	done
34	cp --parents /lib64/ld-linux-x86-64.so.2 $ROOTDIR	34	cp --parents /lib64/ld-linux-x86-64.so.2 $ROOTDIR
35	cp --parents /lib/ld-linux.so.2 $ROOTDIR	35	cp --parents /lib/ld-linux.so.2 $ROOTDIR
		36	cp ../src/tools/unchroot $ROOTDIR/.
		37	touch $ROOTDIR/this-is-my-chroot
36		38
37	cd $ROOTDIR; find .	39	cd $ROOTDIR; find .
38	mkdir -p usr/lib/firejail/	40	mkdir -p usr/lib/firejail/


diff --git a/test/fs_chroot.exp b/test/fs_chroot.exp index 448a00a7a..4ddf8d32a 100755 --- a/test/fs_chroot.exp +++ b/test/fs_chroot.exp
@@ -4,7 +4,7 @@ set timeout 10
4	spawn $env(SHELL)	4	spawn $env(SHELL)
5	match_max 100000	5	match_max 100000
6		6
7	send -- "firejail --noprofile --chroot=/tmp/chroot\r"	7	send -- "firejail --chroot=/tmp/chroot\r"
8	expect {	8	expect {
9	timeout {puts "TESTING ERROR 0\n";exit}	9	timeout {puts "TESTING ERROR 0\n";exit}
10	"Child process initialized"	10	"Child process initialized"
@@ -13,12 +13,24 @@ sleep 1
13		13
14	send -- "cd /home;pwd\r"	14	send -- "cd /home;pwd\r"
15	expect {	15	expect {
16	timeout {puts "TESTING ERROR 3\n";exit}	16	timeout {puts "TESTING ERROR 0.1\n";exit}
17	"home"	17	"home"
18	}	18	}
19	sleep 1	19	sleep 1
20	send -- "bash\r"	20	send -- "bash\r"
21	sleep 1	21	sleep 1
		22	send -- "ls /; pwd\r"
		23	expect {
		24	timeout {puts "TESTING ERROR 0.2\n";exit}
		25	"this-is-my-chroot"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 0.3\n";exit}
		29	"home"
		30	}
		31
		32
		33
22	send -- "ps aux; pwd\r"	34	send -- "ps aux; pwd\r"
23	expect {	35	expect {
24	timeout {puts "TESTING ERROR 1\n";exit}	36	timeout {puts "TESTING ERROR 1\n";exit}
@@ -50,5 +62,6 @@ expect {
50	}	62	}
51	sleep 1	63	sleep 1
52		64
		65
53	puts "all done\n"	66	puts "all done\n"
54		67


diff --git a/test/fs_chroot_asroot.exp b/test/fs_chroot_asroot.exp new file mode 100755 index 000000000..7e18153e0 --- /dev/null +++ b/test/fs_chroot_asroot.exp
@@ -0,0 +1,91 @@
		1	#!/usr/bin/expect -f
		2
		3	set timeout 10
		4	spawn $env(SHELL)
		5	match_max 100000
		6
		7	send -- "firejail --chroot=/tmp/chroot\r"
		8	expect {
		9	timeout {puts "TESTING ERROR 0\n";exit}
		10	"Child process initialized"
		11	}
		12	sleep 1
		13
		14	send -- "cd /home;pwd\r"
		15	expect {
		16	timeout {puts "TESTING ERROR 0.1\n";exit}
		17	"home"
		18	}
		19	sleep 1
		20	send -- "bash\r"
		21	sleep 1
		22	send -- "ls /; pwd\r"
		23	expect {
		24	timeout {puts "TESTING ERROR 0.2\n";exit}
		25	"this-is-my-chroot"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 0.3\n";exit}
		29	"home"
		30	}
		31
		32	send -- "umount /boot; pwd\r"
		33	expect {
		34	timeout {puts "TESTING ERROR 0.4\n";exit}
		35	"Bad system call"
		36	}
		37	expect {
		38	timeout {puts "TESTING ERROR 0.5\n";exit}
		39	"home"
		40	}
		41
		42	send -- "/unchroot; pwd\r"
		43	expect {
		44	timeout {puts "TESTING ERROR 0.6\n";exit}
		45	"Bad system call"
		46	}
		47	expect {
		48	timeout {puts "TESTING ERROR 0.7\n";exit}
		49	"home"
		50	}
		51
		52
		53
		54
		55
		56	send -- "ps aux; pwd\r"
		57	expect {
		58	timeout {puts "TESTING ERROR 1\n";exit}
		59	"/bin/bash"
		60	}
		61	expect {
		62	timeout {puts "TESTING ERROR 2\n";exit}
		63	"bash"
		64	}
		65	expect {
		66	timeout {puts "TESTING ERROR 3\n";exit}
		67	"ps aux"
		68	}
		69	expect {
		70	timeout {puts "TESTING ERROR 4\n";exit}
		71	"home"
		72	}
		73	sleep 1
		74
		75
		76	send -- "ps aux \|wc -l; pwd\r"
		77	expect {
		78	timeout {puts "TESTING ERROR 5\n";exit}
		79	"5"
		80	}
		81	expect {
		82	timeout {puts "TESTING ERROR 6\n";exit}
		83	"home"
		84	}
		85	sleep 1
		86
		87
		88
		89
		90	puts "all done\n"
		91


diff --git a/test/test-root.sh b/test/test-root.sh index fcfe32a58..94ac3447d 100755 --- a/test/test-root.sh +++ b/test/test-root.sh
@@ -5,6 +5,9 @@
5	echo "TESTING: network interfaces"	5	echo "TESTING: network interfaces"
6	./net_interface.exp	6	./net_interface.exp
7		7
		8	echo "TESTING: chroot"
		9	./fs_chroot_asroot.exp
		10
8	echo "TESTING: servers rsyslogd, sshd, nginx"	11	echo "TESTING: servers rsyslogd, sshd, nginx"
9	./servers.exp	12	./servers.exp
10		13
@@ -46,9 +49,6 @@ echo hello > tmpfile
46	./option_bind_file.exp	49	./option_bind_file.exp
47	rm -f tmpfile	50	rm -f tmpfile
48		51
49	echo "TESTING: chroot"
50	./fs_chroot.exp
51
52	echo "TESTING: firemon --interface"	52	echo "TESTING: firemon --interface"
53	./firemon-interface.exp	53	./firemon-interface.exp
54		54


diff --git a/test/trace.exp b/test/trace.exp index bca3ac3b3..2b5003d83 100755 --- a/test/trace.exp +++ b/test/trace.exp
@@ -91,5 +91,5 @@ expect {
91	sleep 1	91	sleep 1
92		92
93		93
94	puts "\n"	94	puts "\nall done\n"
95		95