7 files changed, 54 insertions, 10 deletions

diff --git a/Makefile.in b/Makefile.in
index 21055b694..7b84c5605 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -107,6 +107,7 @@ endif
         install -c -m 0755 src/fbuilder/fbuilder $(DESTDIR)/$(libdir)/firejail/.
 ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP)
         install -c -m 0755 src/fsec-print/fsec-print $(DESTDIR)/$(libdir)/firejail/.
+        install -c -m 0755 src/fsec-optimize/fsec-optimize $(DESTDIR)/$(libdir)/firejail/.
         install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/.
         install -c -m 0644 seccomp $(DESTDIR)/$(libdir)/firejail/.
         install -c -m 0644 seccomp.debug $(DESTDIR)/$(libdir)/firejail/.
diff --git a/gcov.sh b/gcov.sh
index df1fcb51b..ff910cbe0 100755
--- a/gcov.sh
+++ b/gcov.sh
@@ -10,11 +10,18 @@ gcov_init() {
         /usr/lib/firejail/fcopy --help > /dev/null
         /usr/lib/firejail/fldd --help > /dev/null
         firecfg --help > /dev/null
+
+        /usr/lib/firejail/fnetfilter --help > /dev/null
+        /usr/lib/firejail/fsec-print --help > /dev/null
+        /usr/lib/firejail/fsec-optimize --help > /dev/null
+        /usr/lib/firejail/faudit --help > /dev/null
+        /usr/lib/firejail/fbuilder --help > /dev/null
+
         sudo chown $USER:$USER `find .`
 }
 
 generate() {
-        lcov -q --capture -d src/firejail -d src/firemon -d  src/fcopy -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file-new
+        lcov -q --capture -d src/firejail -d src/firemon -d src/faudit -d src/fbuilder -d  src/fcopy -d  src/fnetfilter -d src/fsec-print -d src/fsec-optimize -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file-new
         lcov --add-tracefile gcov-file-old --add-tracefile gcov-file-new  --output-file gcov-file
         rm -fr gcov-dir
         genhtml -q gcov-file --output-directory gcov-dir
@@ -25,7 +32,7 @@ generate() {
 
 
 gcov_init
-lcov -q --capture -d src/firejail -d src/firemon -d  src/fcopy -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd  --output-file gcov-file-old
+lcov -q --capture -d src/firejail -d src/firemon -d src/faudit -d src/fbuilder -d  src/fcopy -d  src/fnetfilter -d src/fsec-print -d src/fsec-optimize -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd  --output-file gcov-file-old
 
 #make test-environment
 #generate
diff --git a/test/root/firecfg.exp b/test/root/firecfg.exp
index 02f2323a0..656b8e215 100755
--- a/test/root/firecfg.exp
+++ b/test/root/firecfg.exp
@@ -13,7 +13,7 @@ sleep 1
 send --  "firecfg --clean\r"
 expect {
         timeout {puts "TESTING ERROR 0\n";exit}
-        "/usr/local/bin/firefox removed"
+        "less removed"
 }
 sleep 1
 
@@ -30,11 +30,11 @@ sleep 1
 send --  "firecfg\r"
 expect {
         timeout {puts "TESTING ERROR 3\n";exit}
-        "firefox created"
+        "less created"
 }
 sleep 1
 
-send -- "file /usr/local/bin/firefox\r"
+send -- "file /usr/local/bin/less\r"
 expect {
         timeout {puts "TESTING ERROR 4\n";exit}
         "symbolic link to /usr/bin/firejail"
@@ -44,7 +44,7 @@ sleep 1
 send -- "firecfg --list\r"
 expect {
         timeout {puts "TESTING ERROR 5\n";exit}
-        "/usr/local/bin/firefox"
+        "/usr/local/bin/less"
 }
 sleep 1
 
diff --git a/test/root/root.sh b/test/root/root.sh
index 912ae23f0..22b12cf86 100755
--- a/test/root/root.sh
+++ b/test/root/root.sh
@@ -110,13 +110,13 @@ echo "TESTING: firemon events (test/root/firemon-events.exp)"
 #********************************
 # firecfg
 #********************************
-which firefox
+which less
 if [ "$?" -eq 0 ];
 then
         echo "TESTING: firecfg (test/root/firecfg.exp)"
         ./firecfg.exp
 else
-        echo "TESTING SKIP: firecfg, firefox not found"
+        echo "TESTING SKIP: firecfg, less not found"
 fi
 
 # restore the default config file
diff --git a/test/utils/audit.exp b/test/utils/audit.exp
index c68ee387c..684886af7 100755
--- a/test/utils/audit.exp
+++ b/test/utils/audit.exp
@@ -76,4 +76,24 @@ expect {
 }
 after 100
 
+# run audit executable without a sandbox
+send -- "faudit\r"
+expect {
+        timeout {puts "TESTING ERROR 13\n";exit}
+        "is not running in a PID namespace"
+}
+expect {
+        timeout {puts "TESTING ERROR 14\n";exit}
+        "BAD: seccomp disabled"
+}
+expect {
+        timeout {puts "TESTING ERROR 15\n";exit}
+        "BAD: the capability map is"
+}
+expect {
+        timeout {puts "TESTING ERROR 16\n";exit}
+        "MAYBE: /dev directory seems to be fully populated"
+}
+after 100
+
 puts "\nall done\n"
diff --git a/test/utils/build.exp b/test/utils/build.exp
index 916f373b9..de2a9b6ae 100755
--- a/test/utils/build.exp
+++ b/test/utils/build.exp
@@ -7,7 +7,15 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
 
-send -- "firejail --build ls ~\r"
+send -- "firejail --build cat ~/firejail-test-file-7699\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "whitelist ~/firejail-test-file-7699"
+}
+expect {
+        timeout {puts "TESTING ERROR 0.1\n";exit}
+        "include /etc/firejail/whitelist-common.inc"
+}
 expect {
         timeout {puts "TESTING ERROR 1\n";exit}
         "private-tmp"
@@ -22,7 +30,7 @@ expect {
 }
 expect {
         timeout {puts "TESTING ERROR 4\n";exit}
-        "private-bin ls,"
+        "private-bin cat,"
 }
 expect {
         timeout {puts "TESTING ERROR 5\n";exit}
diff --git a/test/utils/utils.sh b/test/utils/utils.sh
index 59cd1cfd6..d72cc2269 100755
--- a/test/utils/utils.sh
+++ b/test/utils/utils.sh
@@ -6,8 +6,16 @@
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 
+if [ -f /etc/debian_version ]; then
+        libdir=$(dirname "$(dpkg -L firejail | grep faudit)")
+        export PATH="$PATH:$libdir"
+fi
+export PATH="$PATH:/usr/lib/firejail"
+
+echo "testing" > ~/firejail-test-file-7699
 echo "TESTING: build (test/utils/build.exp)"
 ./build.exp
+rm -f ~/firejail-test-file-7699
 
 echo "TESTING: audit (test/utils/audit.exp)"
 ./audit.exp