diff options
-rw-r--r-- | Makefile.in | 2 | ||||
-rw-r--r-- | src/firejail/fs_bin.c | 3 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 3 | ||||
-rw-r--r-- | src/firejail/fs_mkdir.c | 6 | ||||
-rw-r--r-- | src/firejail/ls.c | 12 | ||||
-rw-r--r-- | src/firejail/main.c | 3 | ||||
-rw-r--r-- | src/firejail/x11.c | 3 | ||||
-rw-r--r-- | src/firemon/interface.c | 3 | ||||
-rw-r--r-- | src/firemon/procevent.c | 4 | ||||
-rwxr-xr-x | test/fs/fs.sh | 9 | ||||
-rwxr-xr-x | test/fs/read-write.exp | 49 | ||||
-rwxr-xr-x | test/root/configure | 27 | ||||
-rwxr-xr-x | test/root/firemon-events.exp | 72 | ||||
-rwxr-xr-x | test/root/net_interface.exp | 93 | ||||
-rwxr-xr-x | test/root/option_tmpfs.exp | 8 | ||||
-rwxr-xr-x | test/root/profile_tmpfs.exp | 37 | ||||
-rwxr-xr-x | test/root/root.sh | 31 | ||||
-rwxr-xr-x | test/root/start.sh | 4 | ||||
-rw-r--r-- | test/root/tmpfs-bad.profile | 1 | ||||
-rw-r--r-- | test/root/tmpfs.profile | 2 | ||||
-rwxr-xr-x | test/utils/firemon-cgroup.exp (renamed from test/root/firemon-interface.exp) | 28 |
21 files changed, 212 insertions, 188 deletions
diff --git a/Makefile.in b/Makefile.in index 41885ddcf..64970d4a5 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -174,7 +174,7 @@ test-compile: dist | |||
174 | cd test/compile; ./compile.sh $(NAME)-$(VERSION) | 174 | cd test/compile; ./compile.sh $(NAME)-$(VERSION) |
175 | 175 | ||
176 | test-root: | 176 | test-root: |
177 | cd test/root; su -c ./start.sh | 177 | cd test/root; su -c ./root.sh | grep TESTING |
178 | 178 | ||
179 | .PHONY: rpms | 179 | .PHONY: rpms |
180 | rpms: | 180 | rpms: |
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c index a3576e7c4..c906e32c0 100644 --- a/src/firejail/fs_bin.c +++ b/src/firejail/fs_bin.c | |||
@@ -247,6 +247,9 @@ void fs_private_bin_list(void) { | |||
247 | duplicate(ptr); | 247 | duplicate(ptr); |
248 | free(dlist); | 248 | free(dlist); |
249 | fs_logger_print(); | 249 | fs_logger_print(); |
250 | #ifdef HAVE_GCOV | ||
251 | __gcov_flush(); | ||
252 | #endif | ||
250 | _exit(0); | 253 | _exit(0); |
251 | } | 254 | } |
252 | // wait for the child to finish | 255 | // wait for the child to finish |
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index 830de7c9f..ebcde29a3 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -171,6 +171,9 @@ void fs_private_etc_list(void) { | |||
171 | duplicate(ptr); | 171 | duplicate(ptr); |
172 | free(dlist); | 172 | free(dlist); |
173 | fs_logger_print(); | 173 | fs_logger_print(); |
174 | #ifdef HAVE_GCOV | ||
175 | __gcov_flush(); | ||
176 | #endif | ||
174 | _exit(0); | 177 | _exit(0); |
175 | } | 178 | } |
176 | // wait for the child to finish | 179 | // wait for the child to finish |
diff --git a/src/firejail/fs_mkdir.c b/src/firejail/fs_mkdir.c index cffe32a7a..6bcb3f33e 100644 --- a/src/firejail/fs_mkdir.c +++ b/src/firejail/fs_mkdir.c | |||
@@ -81,6 +81,9 @@ void fs_mkdir(const char *name) { | |||
81 | 81 | ||
82 | // create directory | 82 | // create directory |
83 | mkdir_recursive(expanded); | 83 | mkdir_recursive(expanded); |
84 | #ifdef HAVE_GCOV | ||
85 | __gcov_flush(); | ||
86 | #endif | ||
84 | _exit(0); | 87 | _exit(0); |
85 | } | 88 | } |
86 | // wait for the child to finish | 89 | // wait for the child to finish |
@@ -126,6 +129,9 @@ void fs_mkfile(const char *name) { | |||
126 | (void) rv; | 129 | (void) rv; |
127 | fclose(fp); | 130 | fclose(fp); |
128 | } | 131 | } |
132 | #ifdef HAVE_GCOV | ||
133 | __gcov_flush(); | ||
134 | #endif | ||
129 | _exit(0); | 135 | _exit(0); |
130 | } | 136 | } |
131 | // wait for the child to finish | 137 | // wait for the child to finish |
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 7c5585324..1b759d7a1 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -358,6 +358,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
358 | // copy the file | 358 | // copy the file |
359 | if (copy_file(src_fname, tmp_fname, getuid(), getgid(), 0600)) | 359 | if (copy_file(src_fname, tmp_fname, getuid(), getgid(), 0600)) |
360 | _exit(1); | 360 | _exit(1); |
361 | #ifdef HAVE_GCOV | ||
362 | __gcov_flush(); | ||
363 | #endif | ||
361 | _exit(0); | 364 | _exit(0); |
362 | } | 365 | } |
363 | 366 | ||
@@ -381,6 +384,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
381 | // copy the file | 384 | // copy the file |
382 | if (copy_file(tmp_fname, dest_fname, getuid(), getgid(), 0600)) | 385 | if (copy_file(tmp_fname, dest_fname, getuid(), getgid(), 0600)) |
383 | _exit(1); | 386 | _exit(1); |
387 | #ifdef HAVE_GCOV | ||
388 | __gcov_flush(); | ||
389 | #endif | ||
384 | _exit(0); | 390 | _exit(0); |
385 | } | 391 | } |
386 | 392 | ||
@@ -423,6 +429,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
423 | // copy the file | 429 | // copy the file |
424 | if (copy_file(src_fname, tmp_fname, getuid(), getgid(), 0600)) | 430 | if (copy_file(src_fname, tmp_fname, getuid(), getgid(), 0600)) |
425 | _exit(1); | 431 | _exit(1); |
432 | #ifdef HAVE_GCOV | ||
433 | __gcov_flush(); | ||
434 | #endif | ||
426 | _exit(0); | 435 | _exit(0); |
427 | } | 436 | } |
428 | 437 | ||
@@ -452,6 +461,9 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
452 | // copy the file | 461 | // copy the file |
453 | if (copy_file(tmp_fname, dest_fname, getuid(), getgid(), 0600)) | 462 | if (copy_file(tmp_fname, dest_fname, getuid(), getgid(), 0600)) |
454 | _exit(1); | 463 | _exit(1); |
464 | #ifdef HAVE_GCOV | ||
465 | __gcov_flush(); | ||
466 | #endif | ||
455 | _exit(0); | 467 | _exit(0); |
456 | } | 468 | } |
457 | 469 | ||
diff --git a/src/firejail/main.c b/src/firejail/main.c index 4759e6a5f..3f005b547 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -2461,6 +2461,9 @@ int main(int argc, char **argv) { | |||
2461 | network_main(child); | 2461 | network_main(child); |
2462 | if (arg_debug) | 2462 | if (arg_debug) |
2463 | printf("Host network configured\n"); | 2463 | printf("Host network configured\n"); |
2464 | #ifdef HAVE_GCOV | ||
2465 | __gcov_flush(); | ||
2466 | #endif | ||
2464 | _exit(0); | 2467 | _exit(0); |
2465 | } | 2468 | } |
2466 | 2469 | ||
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index ecab8880a..54f947c45 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -692,6 +692,9 @@ void x11_xorg(void) { | |||
692 | execlp("/usr/bin/xauth", "/usr/bin/xauth", "-f", tmpfname, | 692 | execlp("/usr/bin/xauth", "/usr/bin/xauth", "-f", tmpfname, |
693 | "generate", display, "MIT-MAGIC-COOKIE-1", "untrusted", NULL); | 693 | "generate", display, "MIT-MAGIC-COOKIE-1", "untrusted", NULL); |
694 | 694 | ||
695 | #ifdef HAVE_GCOV | ||
696 | __gcov_flush(); | ||
697 | #endif | ||
695 | _exit(0); | 698 | _exit(0); |
696 | } | 699 | } |
697 | 700 | ||
diff --git a/src/firemon/interface.c b/src/firemon/interface.c index bceed93d3..58990e6e5 100644 --- a/src/firemon/interface.c +++ b/src/firemon/interface.c | |||
@@ -146,6 +146,9 @@ static void print_sandbox(pid_t pid) { | |||
146 | return; | 146 | return; |
147 | net_ifprint(); | 147 | net_ifprint(); |
148 | printf("\n"); | 148 | printf("\n"); |
149 | #ifdef HAVE_GCOV | ||
150 | __gcov_flush(); | ||
151 | #endif | ||
149 | _exit(0); | 152 | _exit(0); |
150 | } | 153 | } |
151 | 154 | ||
diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c index 78a3a4fb2..1940f4a34 100644 --- a/src/firemon/procevent.c +++ b/src/firemon/procevent.c | |||
@@ -192,6 +192,10 @@ static int procevent_monitor(const int sock, pid_t mypid) { | |||
192 | tv.tv_usec = 0; | 192 | tv.tv_usec = 0; |
193 | 193 | ||
194 | while (1) { | 194 | while (1) { |
195 | #ifdef HAVE_GCOV | ||
196 | __gcov_flush(); | ||
197 | #endif | ||
198 | |||
195 | #define BUFFSIZE 4096 | 199 | #define BUFFSIZE 4096 |
196 | char __attribute__ ((aligned(NLMSG_ALIGNTO)))buf[BUFFSIZE]; | 200 | char __attribute__ ((aligned(NLMSG_ALIGNTO)))buf[BUFFSIZE]; |
197 | 201 | ||
diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 8ad67141a..0b9cf977e 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh | |||
@@ -8,6 +8,15 @@ export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) | |||
8 | 8 | ||
9 | rm -fr ~/_firejail_test_* | 9 | rm -fr ~/_firejail_test_* |
10 | echo "TESTING: mkdir/mkfile (test/fs/mkdir_mkfile.exp)" | 10 | echo "TESTING: mkdir/mkfile (test/fs/mkdir_mkfile.exp)" |
11 | ./mkdir_mkfile.exp | ||
12 | rm -fr ~/_firejail_test_* | ||
13 | |||
14 | mkdir ~/_firejail_test_dir | ||
15 | touch ~/_firejail_test_dir/a | ||
16 | mkdir ~/_firejail_test_dir/test1 | ||
17 | touch ~/_firejail_test_dir/test1/b | ||
18 | echo "TESTING: read/write (test/fs/read-write.exp)" | ||
19 | ./read-write.exp | ||
11 | rm -fr ~/_firejail_test_* | 20 | rm -fr ~/_firejail_test_* |
12 | 21 | ||
13 | echo "TESTING: /sys/fs access (test/fs/sys_fs.exp)" | 22 | echo "TESTING: /sys/fs access (test/fs/sys_fs.exp)" |
diff --git a/test/fs/read-write.exp b/test/fs/read-write.exp new file mode 100755 index 000000000..cfca15605 --- /dev/null +++ b/test/fs/read-write.exp | |||
@@ -0,0 +1,49 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | |||
11 | send -- "firejail --read-only=~/_firejail_test_dir --read-write=~/_firejail_test_dir/test1\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "Child process initialized" | ||
15 | } | ||
16 | sleep 1 | ||
17 | |||
18 | send -- "echo mytest >~/_firejail_test_dir/a;echo done\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1\n";exit} | ||
21 | "done" | ||
22 | } | ||
23 | |||
24 | send -- "echo mytest >~/_firejail_test_dir/test1/b;echo done\r" | ||
25 | expect { | ||
26 | timeout {puts "TESTING ERROR 2\n";exit} | ||
27 | "done" | ||
28 | } | ||
29 | |||
30 | send -- "cat ~/_firejail_test_dir/a;echo done\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 3\n";exit} | ||
33 | "mytest" {puts "TESTING ERROR 4\n";exit} | ||
34 | "done" | ||
35 | } | ||
36 | |||
37 | |||
38 | send -- "cat ~/_firejail_test_dir/test1/b;echo done\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 5\n";exit} | ||
41 | "mytest" | ||
42 | } | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 6\n";exit} | ||
45 | "done" | ||
46 | } | ||
47 | |||
48 | after 100 | ||
49 | puts "\nall done\n" | ||
diff --git a/test/root/configure b/test/root/configure deleted file mode 100755 index 35d938340..000000000 --- a/test/root/configure +++ /dev/null | |||
@@ -1,27 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | brctl addbr br0 | ||
7 | ifconfig br0 10.10.20.1/29 up | ||
8 | # NAT masquerade | ||
9 | iptables -t nat -A POSTROUTING -o eth0 -s 10.10.20.0/29 -j MASQUERADE | ||
10 | # port forwarding | ||
11 | # iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.10.20.2:80 | ||
12 | |||
13 | brctl addbr br1 | ||
14 | ifconfig br1 10.10.30.1/24 up | ||
15 | brctl addbr br2 | ||
16 | ifconfig br2 10.10.40.1/24 up | ||
17 | brctl addbr br3 | ||
18 | ifconfig br3 10.10.50.1/24 up | ||
19 | brctl addbr br4 | ||
20 | ifconfig br4 10.10.60.1/24 up | ||
21 | ip link add link eth0 name eth0.5 type vlan id 5 | ||
22 | /sbin/ifconfig eth0.5 10.10.205.10/24 up | ||
23 | ip link add link eth0 name eth0.6 type vlan id 6 | ||
24 | /sbin/ifconfig eth0.6 10.10.206.10/24 up | ||
25 | ip link add link eth0 name eth0.7 type vlan id 7 | ||
26 | /sbin/ifconfig eth0.7 10.10.207.10/24 up | ||
27 | |||
diff --git a/test/root/firemon-events.exp b/test/root/firemon-events.exp new file mode 100755 index 000000000..4f305e51d --- /dev/null +++ b/test/root/firemon-events.exp | |||
@@ -0,0 +1,72 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | # start firemon | ||
8 | set firemon_id $spawn_id | ||
9 | send -- "firemon\r" | ||
10 | sleep 1 | ||
11 | |||
12 | # start firejail | ||
13 | spawn $env(SHELL) | ||
14 | set firejail_id $spawn_id | ||
15 | send -- "firejail\r" | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 0\n";exit} | ||
18 | "Child process initialized" | ||
19 | } | ||
20 | |||
21 | # get messages on firemon | ||
22 | set spawn_id $firemon_id | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 1\n";exit} | ||
25 | "exec" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 2\n";exit} | ||
29 | "/bin/bash -c /bin/bash" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 3\n";exit} | ||
33 | "exec" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 4\n";exit} | ||
37 | "/bin/bash" | ||
38 | } | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 5\n";exit} | ||
41 | "fork" | ||
42 | } | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 6\n";exit} | ||
45 | "child" | ||
46 | } | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 7\n";exit} | ||
49 | "/bin/bash" | ||
50 | } | ||
51 | after 100 | ||
52 | |||
53 | # exit firejail | ||
54 | set spawn_id $firejail_id | ||
55 | send -- "exit\r" | ||
56 | sleep 1 | ||
57 | |||
58 | # get messages on firemon | ||
59 | set spawn_id $firemon_id | ||
60 | expect { | ||
61 | timeout {puts "TESTING ERROR 8\n";exit} | ||
62 | "exit" | ||
63 | } | ||
64 | |||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 9\n";exit} | ||
67 | "EXIT SANDBOX" | ||
68 | } | ||
69 | |||
70 | |||
71 | puts "\nall done\n" | ||
72 | |||
diff --git a/test/root/net_interface.exp b/test/root/net_interface.exp deleted file mode 100755 index 2f87024d8..000000000 --- a/test/root/net_interface.exp +++ /dev/null | |||
@@ -1,93 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "ip link add link eth0 name eth0.100 type vlan id 100\r" | ||
11 | sleep 1 | ||
12 | send -- "ip link add link eth0 name eth0.101 type vlan id 101\r" | ||
13 | sleep 1 | ||
14 | send -- "ip link add link eth0 name eth0.102 type vlan id 102\r" | ||
15 | sleep 1 | ||
16 | send -- "ip link add link eth0 name eth0.103 type vlan id 103\r" | ||
17 | sleep 1 | ||
18 | send -- "ip link add link eth0 name eth0.104 type vlan id 104\r" | ||
19 | sleep 1 | ||
20 | puts "\n" | ||
21 | |||
22 | send -- "/sbin/ifconfig eth0.100 10.200.0.1/24\r" | ||
23 | sleep 1 | ||
24 | send -- "/sbin/ifconfig eth0.101 10.200.1.1/24\r" | ||
25 | sleep 1 | ||
26 | send -- "/sbin/ifconfig eth0.102 10.200.2.1/24\r" | ||
27 | sleep 1 | ||
28 | send -- "/sbin/ifconfig eth0.103 10.200.3.1/24\r" | ||
29 | sleep 1 | ||
30 | send -- "/sbin/ifconfig eth0.104 10.200.4.1/24\r" | ||
31 | sleep 1 | ||
32 | puts "\n" | ||
33 | |||
34 | |||
35 | |||
36 | send -- "firejail --noprofile --interface=eth0.100 --interface=eth0.101 --interface=eth0.102 --interface=eth0.103 --interface=eth0.104\r" | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 0\n";exit} | ||
39 | "maximum 4 interfaces are allowed" | ||
40 | } | ||
41 | sleep 1 | ||
42 | |||
43 | send -- "firejail --noprofile --interface=eth0.100 --interface=eth0.101 --interface=eth0.102 --interface=eth0.103\r" | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 1\n";exit} | ||
46 | "eth0.100" | ||
47 | } | ||
48 | expect { | ||
49 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
50 | "UP" | ||
51 | } | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 2\n";exit} | ||
54 | "eth0.101" | ||
55 | } | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 2.2\n";exit} | ||
58 | "UP" | ||
59 | } | ||
60 | expect { | ||
61 | timeout {puts "TESTING ERROR 3\n";exit} | ||
62 | "eth0.102" | ||
63 | } | ||
64 | expect { | ||
65 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
66 | "UP" | ||
67 | } | ||
68 | expect { | ||
69 | timeout {puts "TESTING ERROR 4\n";exit} | ||
70 | "eth0.103" | ||
71 | } | ||
72 | expect { | ||
73 | timeout {puts "TESTING ERROR 4.1\n";exit} | ||
74 | "UP" | ||
75 | } | ||
76 | sleep 1 | ||
77 | send -- "exit\r" | ||
78 | sleep 1 | ||
79 | |||
80 | send -- "firejail --noprofile --interface=eth0.104\r" | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 5\n";exit} | ||
83 | "eth0.104" | ||
84 | } | ||
85 | expect { | ||
86 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
87 | "UP" | ||
88 | } | ||
89 | send -- "exit\r" | ||
90 | after 100 | ||
91 | |||
92 | puts "all done\n" | ||
93 | |||
diff --git a/test/root/option_tmpfs.exp b/test/root/option_tmpfs.exp index 20e42a858..3d492dfdb 100755 --- a/test/root/option_tmpfs.exp +++ b/test/root/option_tmpfs.exp | |||
@@ -16,13 +16,9 @@ expect { | |||
16 | timeout {puts "TESTING ERROR 1\n";exit} | 16 | timeout {puts "TESTING ERROR 1\n";exit} |
17 | "total 0" | 17 | "total 0" |
18 | } | 18 | } |
19 | expect { | 19 | after 100 |
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "/root" | ||
22 | } | ||
23 | sleep 1 | ||
24 | send -- "exit\r" | 20 | send -- "exit\r" |
25 | sleep 2 | 21 | sleep 1 |
26 | 22 | ||
27 | send -- "firejail --debug-check-filename --tmpfs=\"bla&&bla\"\r" | 23 | send -- "firejail --debug-check-filename --tmpfs=\"bla&&bla\"\r" |
28 | expect { | 24 | expect { |
diff --git a/test/root/profile_tmpfs.exp b/test/root/profile_tmpfs.exp index da7c084a2..25f73b50b 100755 --- a/test/root/profile_tmpfs.exp +++ b/test/root/profile_tmpfs.exp | |||
@@ -4,34 +4,37 @@ set timeout 10 | |||
4 | spawn $env(SHELL) | 4 | spawn $env(SHELL) |
5 | match_max 100000 | 5 | match_max 100000 |
6 | 6 | ||
7 | send -- "mkdir /tmp/firejailtestdir\r" | ||
8 | sleep 1 | ||
9 | send -- "ls > /tmp/firejailtestdir/tmpfile\r" | ||
10 | sleep 1 | ||
11 | |||
12 | send -- "firejail --profile=tmpfs.profile\r" | 7 | send -- "firejail --profile=tmpfs.profile\r" |
13 | expect { | 8 | expect { |
14 | timeout {puts "TESTING ERROR 0\n";exit} | 9 | timeout {puts "TESTING ERROR 0\n";exit} |
15 | "Child process initialized" | 10 | "Child process initialized" |
16 | } | 11 | } |
17 | |||
18 | # testing private only | ||
19 | send -- "bash\r" | ||
20 | sleep 1 | 12 | sleep 1 |
21 | 13 | ||
22 | send -- "ls -l /tmp/firejailtestdir;pwd\r" | 14 | send -- "ls -l /var;pwd\r" |
23 | expect { | 15 | expect { |
24 | timeout {puts "TESTING ERROR 1.1\n";exit} | 16 | timeout {puts "TESTING ERROR 1\n";exit} |
25 | "tmpfile" {puts "TESTING ERROR 1\n";exit} | 17 | "total 0" |
26 | "home" | ||
27 | } | 18 | } |
28 | sleep 1 | 19 | after 100 |
29 | send -- "exit\r" | ||
30 | sleep 1 | ||
31 | send -- "exit\r" | 20 | send -- "exit\r" |
32 | sleep 1 | 21 | sleep 1 |
33 | send -- "rm -fr /tmp/firejailtestdir\r" | ||
34 | 22 | ||
35 | sleep 1 | 23 | send -- "firejail --debug-check-filename --profile=tmpfs-bad.profile\r" |
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 13.1\n";exit} | ||
26 | "Checking filename bla&&bla" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 13.2\n";exit} | ||
30 | "Error:" | ||
31 | } | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 13.3\n";exit} | ||
34 | "is an invalid filename" | ||
35 | } | ||
36 | after 100 | ||
37 | |||
36 | 38 | ||
37 | puts "\nall done\n" | 39 | puts "\nall done\n" |
40 | |||
diff --git a/test/root/root.sh b/test/root/root.sh index 960071d45..5576faad6 100755 --- a/test/root/root.sh +++ b/test/root/root.sh | |||
@@ -1,7 +1,5 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | 2 | ||
3 | ./configure 2 > /dev/null | ||
4 | |||
5 | #******************************** | 3 | #******************************** |
6 | # servers | 4 | # servers |
7 | #******************************** | 5 | #******************************** |
@@ -76,30 +74,7 @@ echo hello > tmpfile | |||
76 | rm -f tmpfile | 74 | rm -f tmpfile |
77 | 75 | ||
78 | #******************************** | 76 | #******************************** |
79 | # networking | 77 | # firemon |
80 | #******************************** | 78 | #******************************** |
81 | echo "TESTING: network interfaces (test/root/net_interface.exp)" | 79 | echo "TESTING: firemon events (test/root/firemon-events.exp)" |
82 | ./net_interface.exp | 80 | ./firemon-events.exp |
83 | |||
84 | echo "TESTING: firemon --interface (test/root/firemon-interface.exp)" | ||
85 | ./firemon-interface.exp | ||
86 | |||
87 | #if [ -f /sys/fs/cgroup/g1/tasks ] | ||
88 | #then | ||
89 | # echo "TESTING: firemon --cgroup (firemon-cgroup.exp)" | ||
90 | # ./firemon-cgroup.exp | ||
91 | #fi | ||
92 | # | ||
93 | #echo "TESTING: chroot resolv.conf (chroot-resolvconf.exp)" | ||
94 | #rm -f tmpfile | ||
95 | #touch tmpfile | ||
96 | #rm -f /tmp/chroot/etc/resolv.conf | ||
97 | #ln -s tmp /tmp/chroot/etc/resolv.conf | ||
98 | #./chroot-resolvconf.exp | ||
99 | #rm -f tmpfile | ||
100 | #rm /tmp/chroot/etc/resolv.conf | ||
101 | |||
102 | #echo "TESTING: chroot (fs_chroot_asroot.exp)" | ||
103 | #./fs_chroot_asroot.exp | ||
104 | |||
105 | |||
diff --git a/test/root/start.sh b/test/root/start.sh deleted file mode 100755 index 8e7a869cd..000000000 --- a/test/root/start.sh +++ /dev/null | |||
@@ -1,4 +0,0 @@ | |||
1 | #/bin/bash | ||
2 | |||
3 | ./configure | ||
4 | ./root.sh | grep TESTING \ No newline at end of file | ||
diff --git a/test/root/tmpfs-bad.profile b/test/root/tmpfs-bad.profile new file mode 100644 index 000000000..7264e18ff --- /dev/null +++ b/test/root/tmpfs-bad.profile | |||
@@ -0,0 +1 @@ | |||
tmpfs bla&&bla | |||
diff --git a/test/root/tmpfs.profile b/test/root/tmpfs.profile index 0680f4d69..55a6f7ebc 100644 --- a/test/root/tmpfs.profile +++ b/test/root/tmpfs.profile | |||
@@ -1 +1 @@ | |||
tmpfs /tmp/firejailtestdir \ No newline at end of file | tmpfs /var | ||
diff --git a/test/root/firemon-interface.exp b/test/utils/firemon-cgroup.exp index 6a82ae41e..3cd4f5a03 100755 --- a/test/root/firemon-interface.exp +++ b/test/utils/firemon-cgroup.exp | |||
@@ -1,10 +1,13 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
5 | match_max 100000 | 8 | match_max 100000 |
6 | 9 | ||
7 | send -- "firejail\r" | 10 | send -- "firejail --name=test1\r" |
8 | expect { | 11 | expect { |
9 | timeout {puts "TESTING ERROR 0\n";exit} | 12 | timeout {puts "TESTING ERROR 0\n";exit} |
10 | "Child process initialized" | 13 | "Child process initialized" |
@@ -12,23 +15,26 @@ expect { | |||
12 | sleep 1 | 15 | sleep 1 |
13 | 16 | ||
14 | spawn $env(SHELL) | 17 | spawn $env(SHELL) |
15 | send -- "firemon --interface\r" | 18 | send -- "firejail --name=test2\r" |
16 | expect { | 19 | expect { |
17 | timeout {puts "TESTING ERROR 1\n";exit} | 20 | timeout {puts "TESTING ERROR 1\n";exit} |
18 | "lo UP" | 21 | "Child process initialized" |
19 | } | 22 | } |
23 | sleep 1 | ||
24 | |||
25 | spawn $env(SHELL) | ||
26 | send -- "firemon --cgroup\r" | ||
27 | sleep 4 | ||
20 | expect { | 28 | expect { |
21 | timeout {puts "TESTING ERROR 2\n";exit} | 29 | timeout {puts "TESTING ERROR 2\n";exit} |
22 | "10.10.20.1/29" | 30 | "name=test1" |
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | "10.10.50.1/24" | ||
27 | } | 31 | } |
28 | expect { | 32 | expect { |
29 | timeout {puts "TESTING ERROR 3\n";exit} | 33 | timeout {puts "TESTING ERROR 3\n";exit} |
30 | "br3" | 34 | "name=test2" |
31 | } | 35 | } |
32 | sleep 1 | ||
33 | 36 | ||
34 | puts "\n" | 37 | after 100 |
38 | |||
39 | puts "\nall done\n" | ||
40 | |||