diff options
-rw-r--r-- | Makefile.in | 1 | ||||
-rwxr-xr-x | gcov.sh | 11 | ||||
-rwxr-xr-x | test/root/firecfg.exp | 8 | ||||
-rwxr-xr-x | test/root/root.sh | 4 | ||||
-rwxr-xr-x | test/utils/audit.exp | 20 | ||||
-rwxr-xr-x | test/utils/build.exp | 12 | ||||
-rwxr-xr-x | test/utils/utils.sh | 8 |
7 files changed, 54 insertions, 10 deletions
diff --git a/Makefile.in b/Makefile.in index 21055b694..7b84c5605 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -107,6 +107,7 @@ endif | |||
107 | install -c -m 0755 src/fbuilder/fbuilder $(DESTDIR)/$(libdir)/firejail/. | 107 | install -c -m 0755 src/fbuilder/fbuilder $(DESTDIR)/$(libdir)/firejail/. |
108 | ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP) | 108 | ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP) |
109 | install -c -m 0755 src/fsec-print/fsec-print $(DESTDIR)/$(libdir)/firejail/. | 109 | install -c -m 0755 src/fsec-print/fsec-print $(DESTDIR)/$(libdir)/firejail/. |
110 | install -c -m 0755 src/fsec-optimize/fsec-optimize $(DESTDIR)/$(libdir)/firejail/. | ||
110 | install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/. | 111 | install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/. |
111 | install -c -m 0644 seccomp $(DESTDIR)/$(libdir)/firejail/. | 112 | install -c -m 0644 seccomp $(DESTDIR)/$(libdir)/firejail/. |
112 | install -c -m 0644 seccomp.debug $(DESTDIR)/$(libdir)/firejail/. | 113 | install -c -m 0644 seccomp.debug $(DESTDIR)/$(libdir)/firejail/. |
@@ -10,11 +10,18 @@ gcov_init() { | |||
10 | /usr/lib/firejail/fcopy --help > /dev/null | 10 | /usr/lib/firejail/fcopy --help > /dev/null |
11 | /usr/lib/firejail/fldd --help > /dev/null | 11 | /usr/lib/firejail/fldd --help > /dev/null |
12 | firecfg --help > /dev/null | 12 | firecfg --help > /dev/null |
13 | |||
14 | /usr/lib/firejail/fnetfilter --help > /dev/null | ||
15 | /usr/lib/firejail/fsec-print --help > /dev/null | ||
16 | /usr/lib/firejail/fsec-optimize --help > /dev/null | ||
17 | /usr/lib/firejail/faudit --help > /dev/null | ||
18 | /usr/lib/firejail/fbuilder --help > /dev/null | ||
19 | |||
13 | sudo chown $USER:$USER `find .` | 20 | sudo chown $USER:$USER `find .` |
14 | } | 21 | } |
15 | 22 | ||
16 | generate() { | 23 | generate() { |
17 | lcov -q --capture -d src/firejail -d src/firemon -d src/fcopy -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file-new | 24 | lcov -q --capture -d src/firejail -d src/firemon -d src/faudit -d src/fbuilder -d src/fcopy -d src/fnetfilter -d src/fsec-print -d src/fsec-optimize -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file-new |
18 | lcov --add-tracefile gcov-file-old --add-tracefile gcov-file-new --output-file gcov-file | 25 | lcov --add-tracefile gcov-file-old --add-tracefile gcov-file-new --output-file gcov-file |
19 | rm -fr gcov-dir | 26 | rm -fr gcov-dir |
20 | genhtml -q gcov-file --output-directory gcov-dir | 27 | genhtml -q gcov-file --output-directory gcov-dir |
@@ -25,7 +32,7 @@ generate() { | |||
25 | 32 | ||
26 | 33 | ||
27 | gcov_init | 34 | gcov_init |
28 | lcov -q --capture -d src/firejail -d src/firemon -d src/fcopy -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file-old | 35 | lcov -q --capture -d src/firejail -d src/firemon -d src/faudit -d src/fbuilder -d src/fcopy -d src/fnetfilter -d src/fsec-print -d src/fsec-optimize -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg -d src/fldd --output-file gcov-file-old |
29 | 36 | ||
30 | #make test-environment | 37 | #make test-environment |
31 | #generate | 38 | #generate |
diff --git a/test/root/firecfg.exp b/test/root/firecfg.exp index 02f2323a0..656b8e215 100755 --- a/test/root/firecfg.exp +++ b/test/root/firecfg.exp | |||
@@ -13,7 +13,7 @@ sleep 1 | |||
13 | send -- "firecfg --clean\r" | 13 | send -- "firecfg --clean\r" |
14 | expect { | 14 | expect { |
15 | timeout {puts "TESTING ERROR 0\n";exit} | 15 | timeout {puts "TESTING ERROR 0\n";exit} |
16 | "/usr/local/bin/firefox removed" | 16 | "less removed" |
17 | } | 17 | } |
18 | sleep 1 | 18 | sleep 1 |
19 | 19 | ||
@@ -30,11 +30,11 @@ sleep 1 | |||
30 | send -- "firecfg\r" | 30 | send -- "firecfg\r" |
31 | expect { | 31 | expect { |
32 | timeout {puts "TESTING ERROR 3\n";exit} | 32 | timeout {puts "TESTING ERROR 3\n";exit} |
33 | "firefox created" | 33 | "less created" |
34 | } | 34 | } |
35 | sleep 1 | 35 | sleep 1 |
36 | 36 | ||
37 | send -- "file /usr/local/bin/firefox\r" | 37 | send -- "file /usr/local/bin/less\r" |
38 | expect { | 38 | expect { |
39 | timeout {puts "TESTING ERROR 4\n";exit} | 39 | timeout {puts "TESTING ERROR 4\n";exit} |
40 | "symbolic link to /usr/bin/firejail" | 40 | "symbolic link to /usr/bin/firejail" |
@@ -44,7 +44,7 @@ sleep 1 | |||
44 | send -- "firecfg --list\r" | 44 | send -- "firecfg --list\r" |
45 | expect { | 45 | expect { |
46 | timeout {puts "TESTING ERROR 5\n";exit} | 46 | timeout {puts "TESTING ERROR 5\n";exit} |
47 | "/usr/local/bin/firefox" | 47 | "/usr/local/bin/less" |
48 | } | 48 | } |
49 | sleep 1 | 49 | sleep 1 |
50 | 50 | ||
diff --git a/test/root/root.sh b/test/root/root.sh index 912ae23f0..22b12cf86 100755 --- a/test/root/root.sh +++ b/test/root/root.sh | |||
@@ -110,13 +110,13 @@ echo "TESTING: firemon events (test/root/firemon-events.exp)" | |||
110 | #******************************** | 110 | #******************************** |
111 | # firecfg | 111 | # firecfg |
112 | #******************************** | 112 | #******************************** |
113 | which firefox | 113 | which less |
114 | if [ "$?" -eq 0 ]; | 114 | if [ "$?" -eq 0 ]; |
115 | then | 115 | then |
116 | echo "TESTING: firecfg (test/root/firecfg.exp)" | 116 | echo "TESTING: firecfg (test/root/firecfg.exp)" |
117 | ./firecfg.exp | 117 | ./firecfg.exp |
118 | else | 118 | else |
119 | echo "TESTING SKIP: firecfg, firefox not found" | 119 | echo "TESTING SKIP: firecfg, less not found" |
120 | fi | 120 | fi |
121 | 121 | ||
122 | # restore the default config file | 122 | # restore the default config file |
diff --git a/test/utils/audit.exp b/test/utils/audit.exp index c68ee387c..684886af7 100755 --- a/test/utils/audit.exp +++ b/test/utils/audit.exp | |||
@@ -76,4 +76,24 @@ expect { | |||
76 | } | 76 | } |
77 | after 100 | 77 | after 100 |
78 | 78 | ||
79 | # run audit executable without a sandbox | ||
80 | send -- "faudit\r" | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 13\n";exit} | ||
83 | "is not running in a PID namespace" | ||
84 | } | ||
85 | expect { | ||
86 | timeout {puts "TESTING ERROR 14\n";exit} | ||
87 | "BAD: seccomp disabled" | ||
88 | } | ||
89 | expect { | ||
90 | timeout {puts "TESTING ERROR 15\n";exit} | ||
91 | "BAD: the capability map is" | ||
92 | } | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 16\n";exit} | ||
95 | "MAYBE: /dev directory seems to be fully populated" | ||
96 | } | ||
97 | after 100 | ||
98 | |||
79 | puts "\nall done\n" | 99 | puts "\nall done\n" |
diff --git a/test/utils/build.exp b/test/utils/build.exp index 916f373b9..de2a9b6ae 100755 --- a/test/utils/build.exp +++ b/test/utils/build.exp | |||
@@ -7,7 +7,15 @@ set timeout 10 | |||
7 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | send -- "firejail --build ls ~\r" | 10 | send -- "firejail --build cat ~/firejail-test-file-7699\r" |
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "whitelist ~/firejail-test-file-7699" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
17 | "include /etc/firejail/whitelist-common.inc" | ||
18 | } | ||
11 | expect { | 19 | expect { |
12 | timeout {puts "TESTING ERROR 1\n";exit} | 20 | timeout {puts "TESTING ERROR 1\n";exit} |
13 | "private-tmp" | 21 | "private-tmp" |
@@ -22,7 +30,7 @@ expect { | |||
22 | } | 30 | } |
23 | expect { | 31 | expect { |
24 | timeout {puts "TESTING ERROR 4\n";exit} | 32 | timeout {puts "TESTING ERROR 4\n";exit} |
25 | "private-bin ls," | 33 | "private-bin cat," |
26 | } | 34 | } |
27 | expect { | 35 | expect { |
28 | timeout {puts "TESTING ERROR 5\n";exit} | 36 | timeout {puts "TESTING ERROR 5\n";exit} |
diff --git a/test/utils/utils.sh b/test/utils/utils.sh index 59cd1cfd6..d72cc2269 100755 --- a/test/utils/utils.sh +++ b/test/utils/utils.sh | |||
@@ -6,8 +6,16 @@ | |||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) | 7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) |
8 | 8 | ||
9 | if [ -f /etc/debian_version ]; then | ||
10 | libdir=$(dirname "$(dpkg -L firejail | grep faudit)") | ||
11 | export PATH="$PATH:$libdir" | ||
12 | fi | ||
13 | export PATH="$PATH:/usr/lib/firejail" | ||
14 | |||
15 | echo "testing" > ~/firejail-test-file-7699 | ||
9 | echo "TESTING: build (test/utils/build.exp)" | 16 | echo "TESTING: build (test/utils/build.exp)" |
10 | ./build.exp | 17 | ./build.exp |
18 | rm -f ~/firejail-test-file-7699 | ||
11 | 19 | ||
12 | echo "TESTING: audit (test/utils/audit.exp)" | 20 | echo "TESTING: audit (test/utils/audit.exp)" |
13 | ./audit.exp | 21 | ./audit.exp |