diff options
-rw-r--r-- | Makefile.in | 4 | ||||
-rwxr-xr-x | test/dns.exp | 69 | ||||
-rwxr-xr-x | test/environment/dns.exp | 30 | ||||
-rwxr-xr-x | test/environment/doubledash.exp (renamed from test/doubledash.exp) | 0 | ||||
-rwxr-xr-x | test/environment/environment.sh | 16 | ||||
-rwxr-xr-x | test/environment/extract_command.exp (renamed from test/extract_command.exp) | 2 | ||||
-rwxr-xr-x | test/environment/output.exp (renamed from test/output.exp) | 7 | ||||
-rwxr-xr-x | test/environment/output.sh (renamed from test/output.sh) | 0 | ||||
-rwxr-xr-x | test/google-chrome.exp | 80 | ||||
-rwxr-xr-x | test/test.sh | 7 |
10 files changed, 54 insertions, 161 deletions
diff --git a/Makefile.in b/Makefile.in index c89f9167b..8726e4211 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -49,6 +49,10 @@ clean: | |||
49 | rm -f test/utils/index.html* | 49 | rm -f test/utils/index.html* |
50 | rm -f test/utils/wget-log | 50 | rm -f test/utils/wget-log |
51 | rm -f test/utils/lstesting | 51 | rm -f test/utils/lstesting |
52 | rm -f test/environment/index.html* | ||
53 | rm -f test/environment/wget-log* | ||
54 | rm -fr test/environment/-testdir | ||
55 | rm -f test/environment/logfile* | ||
52 | cd test/compile; ./compile.sh --clean; cd ../.. | 56 | cd test/compile; ./compile.sh --clean; cd ../.. |
53 | cd test/dist-compile; ./compile.sh --clean; cd ../.. | 57 | cd test/dist-compile; ./compile.sh --clean; cd ../.. |
54 | 58 | ||
diff --git a/test/dns.exp b/test/dns.exp deleted file mode 100755 index 96513f278..000000000 --- a/test/dns.exp +++ /dev/null | |||
@@ -1,69 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 30 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | # no chroot | ||
8 | send -- "firejail --trace --dns=208.67.222.222 wget -q debian.org\r" | ||
9 | expect { | ||
10 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
11 | "Child process initialized" | ||
12 | } | ||
13 | expect { | ||
14 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
15 | "1:wget:connect 208.67.222.222:53" | ||
16 | } | ||
17 | sleep 1 | ||
18 | |||
19 | send -- "rm index.html\r" | ||
20 | sleep 1 | ||
21 | |||
22 | # with chroot | ||
23 | send -- "firejail --chroot=/tmp/chroot --trace --dns=208.67.222.222 wget -q debian.org\r" | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2.1\n";exit} | ||
26 | "Child process initialized" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 2.2\n";exit} | ||
30 | "1:wget:connect 208.67.222.222:53" | ||
31 | } | ||
32 | sleep 1 | ||
33 | |||
34 | send -- "rm index.html\r" | ||
35 | sleep 1 | ||
36 | |||
37 | # net eth0 | ||
38 | send -- "firejail --net=eth0 --trace --dns=208.67.222.222 wget -q debian.org\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
41 | "Child process initialized" | ||
42 | } | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 3.2\n";exit} | ||
45 | "1:wget:connect 208.67.222.222:53" | ||
46 | } | ||
47 | sleep 1 | ||
48 | |||
49 | send -- "rm index.html\r" | ||
50 | sleep 1 | ||
51 | |||
52 | # net eth0 and chroot | ||
53 | send -- "firejail --net=eth0 --chroot=/tmp/chroot --trace --dns=208.67.222.222 wget -q debian.org\r" | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 4.1\n";exit} | ||
56 | "Child process initialized" | ||
57 | } | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 4.2\n";exit} | ||
60 | "1:wget:connect 208.67.222.222:53" | ||
61 | } | ||
62 | sleep 1 | ||
63 | |||
64 | send -- "rm index.html\r" | ||
65 | sleep 1 | ||
66 | |||
67 | |||
68 | puts "\n" | ||
69 | |||
diff --git a/test/environment/dns.exp b/test/environment/dns.exp new file mode 100755 index 000000000..6ffb124cf --- /dev/null +++ b/test/environment/dns.exp | |||
@@ -0,0 +1,30 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 30 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | # no chroot | ||
8 | send -- "firejail --trace --dns=208.67.222.222 wget -q debian.org\r" | ||
9 | expect { | ||
10 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
11 | "Child process initialized" | ||
12 | } | ||
13 | expect { | ||
14 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
15 | "connect" | ||
16 | } | ||
17 | expect { | ||
18 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
19 | "208.67.222.222" | ||
20 | } | ||
21 | expect { | ||
22 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
23 | "53" | ||
24 | } | ||
25 | |||
26 | after 100 | ||
27 | |||
28 | send -- "rm index.html\r" | ||
29 | after 100 | ||
30 | puts "\nall done\n" | ||
diff --git a/test/doubledash.exp b/test/environment/doubledash.exp index 668468980..668468980 100755 --- a/test/doubledash.exp +++ b/test/environment/doubledash.exp | |||
diff --git a/test/environment/environment.sh b/test/environment/environment.sh index 49b50797a..a6fe07a1c 100755 --- a/test/environment/environment.sh +++ b/test/environment/environment.sh | |||
@@ -6,6 +6,22 @@ | |||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) | 7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) |
8 | 8 | ||
9 | echo "TESTING: DNS (test/environment/dns.exp)" | ||
10 | ./dns.exp | ||
11 | |||
12 | echo "TESTING: doubledash (test/environment/doubledash.exp" | ||
13 | mkdir -- -testdir | ||
14 | touch -- -testdir/ttt | ||
15 | cp -- /bin/bash -testdir/. | ||
16 | ./doubledash.exp | ||
17 | rm -fr -- -testdir | ||
18 | |||
19 | echo "TESTING: output (test/environment/output.exp)" | ||
20 | ./output.exp | ||
21 | |||
22 | echo "TESTING: extract command (extract_command.exp)" | ||
23 | ./extract_command.exp | ||
24 | |||
9 | echo "TESTING: environment variables (test/environment/env.exp)" | 25 | echo "TESTING: environment variables (test/environment/env.exp)" |
10 | ./env.exp | 26 | ./env.exp |
11 | 27 | ||
diff --git a/test/extract_command.exp b/test/environment/extract_command.exp index 851b793c9..266f66ff5 100755 --- a/test/extract_command.exp +++ b/test/environment/extract_command.exp | |||
@@ -17,7 +17,7 @@ expect { | |||
17 | timeout {puts "TESTING ERROR 2\n";exit} | 17 | timeout {puts "TESTING ERROR 2\n";exit} |
18 | "Parent is shutting down, bye" | 18 | "Parent is shutting down, bye" |
19 | } | 19 | } |
20 | sleep 1 | 20 | after 100 |
21 | 21 | ||
22 | puts "\nall done\n" | 22 | puts "\nall done\n" |
23 | 23 | ||
diff --git a/test/output.exp b/test/environment/output.exp index 90a9d64b6..10c325832 100755 --- a/test/output.exp +++ b/test/environment/output.exp | |||
@@ -59,8 +59,7 @@ expect { | |||
59 | timeout {puts "TESTING ERROR 7\n";exit} | 59 | timeout {puts "TESTING ERROR 7\n";exit} |
60 | "logfile.5" | 60 | "logfile.5" |
61 | } | 61 | } |
62 | sleep 1 | 62 | after 100 |
63 | send -- "rm -f logfile*\r" | 63 | send -- "rm -f logfile*\r" |
64 | sleep 1 | 64 | after 100 |
65 | 65 | puts "\nall done\n" | |
66 | puts "\n" | ||
diff --git a/test/output.sh b/test/environment/output.sh index 2be188e3a..2be188e3a 100755 --- a/test/output.sh +++ b/test/environment/output.sh | |||
diff --git a/test/google-chrome.exp b/test/google-chrome.exp deleted file mode 100755 index 389988e3c..000000000 --- a/test/google-chrome.exp +++ /dev/null | |||
@@ -1,80 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | send -- "firejail google-chrome www.gentoo.org\r" | ||
8 | expect { | ||
9 | timeout {puts "TESTING ERROR 0\n";exit} | ||
10 | "Reading profile /etc/firejail/google-chrome.profile" | ||
11 | } | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 1\n";exit} | ||
14 | "Child process initialized" | ||
15 | } | ||
16 | sleep 10 | ||
17 | |||
18 | spawn $env(SHELL) | ||
19 | send -- "firejail --list\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 3\n";exit} | ||
22 | ":firejail" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
26 | "google-chrome" | ||
27 | } | ||
28 | sleep 1 | ||
29 | |||
30 | # grsecurity exit | ||
31 | send -- "file /proc/sys/kernel/grsecurity\r" | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR - grsecurity detection\n";exit} | ||
34 | "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit} | ||
35 | "cannot open" {puts "grsecurity not present\n"} | ||
36 | } | ||
37 | |||
38 | send -- "firejail --name=blablabla\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 4\n";exit} | ||
41 | "Child process initialized" | ||
42 | } | ||
43 | sleep 2 | ||
44 | |||
45 | spawn $env(SHELL) | ||
46 | send -- "firemon --seccomp\r" | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 5\n";exit} | ||
49 | ":firejail google-chrome" | ||
50 | } | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
53 | "Seccomp: 0" | ||
54 | } | ||
55 | expect { | ||
56 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
57 | "name=blablabla" | ||
58 | } | ||
59 | sleep 1 | ||
60 | send -- "firemon --caps\r" | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 6\n";exit} | ||
63 | ":firejail google-chrome" | ||
64 | } | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
67 | "CapBnd:" | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
71 | "fffffffff" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 6.3\n";exit} | ||
75 | "name=blablabla" | ||
76 | } | ||
77 | sleep 1 | ||
78 | |||
79 | puts "\n" | ||
80 | |||
diff --git a/test/test.sh b/test/test.sh index c4f0afd94..4d57aaad2 100755 --- a/test/test.sh +++ b/test/test.sh | |||
@@ -27,13 +27,6 @@ rm -fr auto2 | |||
27 | rm -fr auto3 | 27 | rm -fr auto3 |
28 | rm -fr auto4 | 28 | rm -fr auto4 |
29 | 29 | ||
30 | echo "TESTING: doubledash" | ||
31 | mkdir -- -testdir | ||
32 | touch -- -testdir/ttt | ||
33 | cp -- /bin/bash -testdir/. | ||
34 | ./doubledash.exp | ||
35 | rm -fr -- -testdir | ||
36 | |||
37 | echo "TESTING: extract command (extract_command.exp)" | 30 | echo "TESTING: extract command (extract_command.exp)" |
38 | ./extract_command.exp | 31 | ./extract_command.exp |
39 | 32 | ||