diff options
-rwxr-xr-x | test/fs/fs.sh | 8 | ||||
-rwxr-xr-x | test/fs/private-home-dir.exp | 70 | ||||
-rwxr-xr-x | test/fs/private-home.exp | 45 | ||||
-rwxr-xr-x | test/fs/private.exp | 51 |
4 files changed, 147 insertions, 27 deletions
diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 3139b8eae..812da02b0 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh | |||
@@ -22,7 +22,13 @@ echo "TESTING: read/write /dev/shm (test/fs/fs_dev_shm.exp)" | |||
22 | ./fs_dev_shm.exp | 22 | ./fs_dev_shm.exp |
23 | 23 | ||
24 | echo "TESTING: private (test/fs/private.exp)" | 24 | echo "TESTING: private (test/fs/private.exp)" |
25 | ./private.exp `whoami` | 25 | ./private.exp |
26 | |||
27 | echo "TESTING: private home (test/fs/private-home.exp)" | ||
28 | ./private-home.exp | ||
29 | |||
30 | echo "TESTING: private home dir (test/fs/private-home-dir.exp)" | ||
31 | ./private-home-dir.exp | ||
26 | 32 | ||
27 | echo "TESTING: private-etc (test/fs/private-etc.exp)" | 33 | echo "TESTING: private-etc (test/fs/private-etc.exp)" |
28 | ./private-etc.exp | 34 | ./private-etc.exp |
diff --git a/test/fs/private-home-dir.exp b/test/fs/private-home-dir.exp new file mode 100755 index 000000000..5491be834 --- /dev/null +++ b/test/fs/private-home-dir.exp | |||
@@ -0,0 +1,70 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | |||
11 | if {[file exists ~/.asoundrc]} { | ||
12 | puts "found .asoundrc file\n" | ||
13 | } else { | ||
14 | send -- "touch ~/.asoundrc\r" | ||
15 | } | ||
16 | after 100 | ||
17 | |||
18 | if {[file exists ~/.Xauthority]} { | ||
19 | puts "found .Xauthority file\n" | ||
20 | } else { | ||
21 | send -- "touch ~/.Xauthority\r" | ||
22 | } | ||
23 | after 100 | ||
24 | send -- "mkdir ~/_firejail_test_dir_\r" | ||
25 | sleep 1 | ||
26 | |||
27 | # testing profile and private | ||
28 | send -- "firejail --private=~/_firejail_test_dir_\r" | ||
29 | expect { | ||
30 | timeout {puts "TESTING ERROR 0\n";exit} | ||
31 | "Child process initialized" | ||
32 | } | ||
33 | sleep 1 | ||
34 | |||
35 | send -- "ls -l ~\r" | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 1\n";exit} | ||
38 | "total 0" | ||
39 | } | ||
40 | after 100 | ||
41 | |||
42 | send -- "ls -al ~\r" | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 2\n";exit} | ||
45 | ".asoundrc" | ||
46 | } | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 3\n";exit} | ||
49 | ".bashrc" | ||
50 | } | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 4\n";exit} | ||
53 | ".Xauthority" | ||
54 | } | ||
55 | after 100 | ||
56 | |||
57 | send -- "exit\r" | ||
58 | sleep 1 | ||
59 | |||
60 | |||
61 | # testing profile and private | ||
62 | send -- "firejail --private=/etc\r" | ||
63 | expect { | ||
64 | timeout {puts "TESTING ERROR 5\n";exit} | ||
65 | "private directory should be owned by the current user" | ||
66 | } | ||
67 | sleep 1 | ||
68 | |||
69 | |||
70 | puts "all done\n" | ||
diff --git a/test/fs/private-home.exp b/test/fs/private-home.exp new file mode 100755 index 000000000..de5a88dea --- /dev/null +++ b/test/fs/private-home.exp | |||
@@ -0,0 +1,45 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # create some test files in user home directory | ||
11 | send -- "touch ~/_firejail_test_file1\r" | ||
12 | send -- "touch ~/_firejail_test_file2\r" | ||
13 | send -- "mkdir ~/_firejail_test_dir1\r" | ||
14 | send -- "mkdir ~/_firejail_test_dir1/_firejail_test_dir2\r" | ||
15 | send -- "touch ~/_firejail_test_dir1/_firejail_test_dir2/_firejail_test_file3\r" | ||
16 | after 100 | ||
17 | |||
18 | send -- "firejail --private-home=_firejail_test_file1,_firejail_test_file2,_firejail_test_dir1\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1\n";exit} | ||
21 | "Child process initialized" | ||
22 | } | ||
23 | after 100 | ||
24 | |||
25 | send -- "find ~\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 2\n";exit} | ||
28 | "_firejail_test_file3" | ||
29 | } | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 3\n";exit} | ||
32 | "_firejail_test_file2" | ||
33 | } | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 4\n";exit} | ||
36 | "_firejail_test_file1" | ||
37 | } | ||
38 | after 100 | ||
39 | |||
40 | send -- "rm -f ~/_firejail_test_file*\r" | ||
41 | send -- "rm -fr ~/_firejail_test_dir*\r" | ||
42 | after 100 | ||
43 | |||
44 | puts "\nall done\n" | ||
45 | |||
diff --git a/test/fs/private.exp b/test/fs/private.exp index 67435b888..8114ee45d 100755 --- a/test/fs/private.exp +++ b/test/fs/private.exp | |||
@@ -7,53 +7,52 @@ set timeout 10 | |||
7 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | if { $argc != 1 } { | 10 | |
11 | puts "TESTING ERROR: argument missing" | 11 | if {[file exists ~/.asoundrc]} { |
12 | puts "Usage: private.exp username" | 12 | puts "found .asoundrc file\n" |
13 | puts "where username is the name of the current user" | 13 | } else { |
14 | exit | 14 | send -- "touch ~/.asoundrc\r" |
15 | } | 15 | } |
16 | after 100 | ||
17 | |||
18 | if {[file exists ~/.Xauthority]} { | ||
19 | puts "found .Xauthority file\n" | ||
20 | } else { | ||
21 | send -- "touch ~/.Xauthority\r" | ||
22 | } | ||
23 | after 100 | ||
16 | 24 | ||
17 | # testing profile and private | 25 | # testing profile and private |
18 | send -- "firejail --private --profile=/etc/firejail/default.profile\r" | 26 | send -- "firejail --private\r" |
19 | expect { | 27 | expect { |
20 | timeout {puts "TESTING ERROR 0\n";exit} | 28 | timeout {puts "TESTING ERROR 0\n";exit} |
21 | "Child process initialized" | 29 | "Child process initialized" |
22 | } | 30 | } |
23 | sleep 1 | 31 | sleep 1 |
24 | send -- "exit\r" | ||
25 | sleep 1 | ||
26 | 32 | ||
27 | send -- "firejail --private --noprofile\r" | 33 | send -- "ls -l ~\r" |
28 | expect { | 34 | expect { |
29 | timeout {puts "TESTING ERROR 1\n";exit} | 35 | timeout {puts "TESTING ERROR 1\n";exit} |
30 | "Child process initialized" | 36 | "total 0" |
31 | } | 37 | } |
38 | after 100 | ||
32 | 39 | ||
33 | sleep 1 | 40 | send -- "ls -al ~\r" |
34 | send -- "cd ~; ls -al; echo done\r" | ||
35 | expect { | 41 | expect { |
36 | timeout {puts "TESTING ERROR 2\n";exit} | 42 | timeout {puts "TESTING ERROR 2\n";exit} |
37 | ".bashrc" | 43 | ".asoundrc" |
38 | } | 44 | } |
39 | expect { | 45 | expect { |
40 | timeout {puts "TESTING ERROR 3\n";exit} | 46 | timeout {puts "TESTING ERROR 3\n";exit} |
41 | done | 47 | ".bashrc" |
42 | } | ||
43 | |||
44 | # owner /tmp | ||
45 | send -- "stat -c %U%a /tmp;echo done\r" | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 10\n";exit} | ||
48 | "root777" {puts "version 1\n";} | ||
49 | "root1777" {puts "version 2\n";} | ||
50 | "nobody777" {puts "version 3\n";} | ||
51 | "nobody1777" {puts "version 4\n";} | ||
52 | } | 48 | } |
53 | expect { | 49 | expect { |
54 | timeout {puts "TESTING ERROR 11\n";exit} | 50 | timeout {puts "TESTING ERROR 4\n";exit} |
55 | "done" | 51 | ".Xauthority" |
56 | } | 52 | } |
57 | after 100 | 53 | after 100 |
58 | 54 | ||
55 | send -- "exit\r" | ||
56 | sleep 1 | ||
57 | |||
59 | puts "all done\n" | 58 | puts "all done\n" |