diff options
-rw-r--r-- | .github/workflows/build.yml | 10 | ||||
-rw-r--r-- | Makefile.in | 62 | ||||
-rwxr-xr-x | configure | 3 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rwxr-xr-x | platform/rpm/mkrpm.sh | 2 | ||||
-rw-r--r-- | test/Makefile.in | 10 | ||||
-rwxr-xr-x | test/sysutils/less.exp | 1 | ||||
-rwxr-xr-x | test/sysutils/xz.exp | 5 | ||||
-rwxr-xr-x | test/utils/man.exp | 1 |
9 files changed, 43 insertions, 53 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 56b38cb71..71cb7f0b4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml | |||
@@ -7,16 +7,20 @@ on: | |||
7 | branches: [ master ] | 7 | branches: [ master ] |
8 | 8 | ||
9 | jobs: | 9 | jobs: |
10 | build: | 10 | build_and_test: |
11 | runs-on: ubuntu-20.04 | 11 | runs-on: ubuntu-20.04 |
12 | steps: | 12 | steps: |
13 | - uses: actions/checkout@v2 | 13 | - uses: actions/checkout@v2 |
14 | - name: install dependencies | 14 | - name: install dependencies |
15 | run: sudo apt-get install gcc-10 libapparmor-dev libselinux1-dev | 15 | run: sudo apt-get install gcc-10 libapparmor-dev libselinux1-dev expect xzdec |
16 | - name: configure | 16 | - name: configure |
17 | run: CC=gcc-10 ./configure --enable-fatal-warnings --enable-analyzer --enable-apparmor --enable-selinux | 17 | run: CC=gcc-10 ./configure --enable-fatal-warnings --enable-analyzer --enable-apparmor --enable-selinux --prefix=/usr |
18 | - name: make | 18 | - name: make |
19 | run: make | 19 | run: make |
20 | - name: make install | ||
21 | run: sudo make install | ||
22 | - name: run tests | ||
23 | run: SHELL=/bin/bash make test-github | ||
20 | build-clang: | 24 | build-clang: |
21 | runs-on: ubuntu-20.04 | 25 | runs-on: ubuntu-20.04 |
22 | steps: | 26 | steps: |
diff --git a/Makefile.in b/Makefile.in index c00d20c64..5fbbfead9 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -74,6 +74,7 @@ clean: | |||
74 | for dir in $$(dirname $(ALL_ITEMS)) $(MYDIRS); do \ | 74 | for dir in $$(dirname $(ALL_ITEMS)) $(MYDIRS); do \ |
75 | $(MAKE) -C $$dir clean; \ | 75 | $(MAKE) -C $$dir clean; \ |
76 | done | 76 | done |
77 | $(MAKE) -C test clean | ||
77 | rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm | 78 | rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm |
78 | rm -f $(SECCOMP_FILTERS) | 79 | rm -f $(SECCOMP_FILTERS) |
79 | rm -f test/utils/index.html* | 80 | rm -f test/utils/index.html* |
@@ -181,7 +182,7 @@ uninstall: | |||
181 | @echo "If you want to install a different version of firejail, you might also need to run 'rm -fr $(DESTDIR)$(sysconfdir)/firejail', see #2038." | 182 | @echo "If you want to install a different version of firejail, you might also need to run 'rm -fr $(DESTDIR)$(sysconfdir)/firejail', see #2038." |
182 | 183 | ||
183 | DISTFILES = "src etc m4 platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh.in COPYING README RELNOTES" | 184 | DISTFILES = "src etc m4 platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh.in COPYING README RELNOTES" |
184 | DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot" | 185 | DISTFILES_TEST = "test/Makefile.in test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot" |
185 | 186 | ||
186 | dist: | 187 | dist: |
187 | mv config.status config.status.old | 188 | mv config.status config.status.old |
@@ -227,45 +228,11 @@ scan-build: clean | |||
227 | # make test | 228 | # make test |
228 | # | 229 | # |
229 | 230 | ||
231 | TESTS=profiles private-lib apps apps-x11 apps-x11-xorg sysutils utils environment filters arguments fs fcopy fnetfilter | ||
232 | TEST_TARGETS=$(patsubst %,test-%,$(TESTS)) | ||
230 | 233 | ||
231 | test-profiles: | 234 | $(TEST_TARGETS): |
232 | cd test/profiles; ./profiles.sh | grep TESTING | 235 | $(MAKE) -C test $(subst test-,,$@) |
233 | |||
234 | test-private-lib: | ||
235 | cd test/private-lib; ./private-lib.sh | grep TESTING | ||
236 | |||
237 | test-apps: | ||
238 | cd test/apps; ./apps.sh | grep TESTING | ||
239 | |||
240 | test-apps-x11: | ||
241 | cd test/apps-x11; ./apps-x11.sh | grep TESTING | ||
242 | |||
243 | test-apps-x11-xorg: | ||
244 | cd test/apps-x11-xorg; ./apps-x11-xorg.sh | grep TESTING | ||
245 | |||
246 | test-sysutils: | ||
247 | cd test/sysutils; ./sysutils.sh | grep TESTING | ||
248 | |||
249 | test-utils: | ||
250 | cd test/utils; ./utils.sh | grep TESTING | ||
251 | |||
252 | test-environment: | ||
253 | cd test/environment; ./environment.sh | grep TESTING | ||
254 | |||
255 | test-filters: | ||
256 | cd test/filters; ./filters.sh | grep TESTING | ||
257 | |||
258 | test-arguments: | ||
259 | cd test/arguments; ./arguments.sh | grep TESTING | ||
260 | |||
261 | test-fs: | ||
262 | cd test/fs; ./fs.sh | grep TESTING | ||
263 | |||
264 | test-fcopy: | ||
265 | cd test/fcopy; ./fcopy.sh | grep TESTING | ||
266 | |||
267 | test-fnetfilter: | ||
268 | cd test/fnetfilter; ./fnetfilter.sh | grep TESTING | ||
269 | 236 | ||
270 | test: test-profiles test-private-lib test-fcopy test-fnetfilter test-fs test-utils test-sysutils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments | 237 | test: test-profiles test-private-lib test-fcopy test-fnetfilter test-fs test-utils test-sysutils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments |
271 | echo "TEST COMPLETE" | 238 | echo "TEST COMPLETE" |
@@ -276,6 +243,9 @@ test-noprofiles: test-private-lib test-fcopy test-fnetfilter test-fs test-utils | |||
276 | test-travis: test-profiles test-fcopy test-fnetfilter test-fs test-utils test-sysutils test-environment test-filters test-arguments | 243 | test-travis: test-profiles test-fcopy test-fnetfilter test-fs test-utils test-sysutils test-environment test-filters test-arguments |
277 | echo "TEST COMPLETE" | 244 | echo "TEST COMPLETE" |
278 | 245 | ||
246 | test-github: test-fcopy test-fnetfilter test-utils test-sysutils test-environment test-arguments | ||
247 | echo "TEST COMPLETE" | ||
248 | |||
279 | ########################################## | 249 | ########################################## |
280 | # Individual tests, some of them require root access | 250 | # Individual tests, some of them require root access |
281 | # The tests are very intrusive, by the time you are done | 251 | # The tests are very intrusive, by the time you are done |
@@ -284,32 +254,32 @@ test-travis: test-profiles test-fcopy test-fnetfilter test-fs test-utils test-sy | |||
284 | 254 | ||
285 | # a firejail-test account is required, public/private key setup | 255 | # a firejail-test account is required, public/private key setup |
286 | test-ssh: | 256 | test-ssh: |
287 | cd test/ssh; ./ssh.sh | grep TESTING | 257 | $(MAKE) -C test $(subst test-,,$@) |
288 | 258 | ||
289 | # requires root access | 259 | # requires root access |
290 | test-chroot: | 260 | test-chroot: |
291 | cd test/chroot; ./chroot.sh | grep testing | 261 | $(MAKE) -C test $(subst test-,,$@) |
292 | 262 | ||
293 | # Huge appimage files, not included in "make dist" archive | 263 | # Huge appimage files, not included in "make dist" archive |
294 | test-appimage: | 264 | test-appimage: |
295 | cd test/appimage; ./appimage.sh | grep TESTING | 265 | $(MAKE) -C test $(subst test-,,$@) |
296 | 266 | ||
297 | # Root access, network devices are created before the test | 267 | # Root access, network devices are created before the test |
298 | # restart your computer to get rid of these devices | 268 | # restart your computer to get rid of these devices |
299 | test-network: | 269 | test-network: |
300 | cd test/network; ./network.sh | grep TESTING | 270 | $(MAKE) -C test $(subst test-,,$@) |
301 | 271 | ||
302 | # requires the same setup as test-network | 272 | # requires the same setup as test-network |
303 | test-stress: | 273 | test-stress: |
304 | cd test/stress; ./stress.sh | grep TESTING | 274 | $(MAKE) -C test $(subst test-,,$@) |
305 | 275 | ||
306 | # Tests running a root user | 276 | # Tests running a root user |
307 | test-root: | 277 | test-root: |
308 | cd test/root; su -c ./root.sh | grep TESTING | 278 | $(MAKE) -C test $(subst test-,,$@) |
309 | 279 | ||
310 | # OverlayFS is not available on all platforms | 280 | # OverlayFS is not available on all platforms |
311 | test-overlay: | 281 | test-overlay: |
312 | cd test/overlay; ./overlay.sh | grep TESTING | 282 | $(MAKE) -C test $(subst test-,,$@) |
313 | 283 | ||
314 | # For testing hidepid system, the command to set it up is "mount -o remount,rw,hidepid=2 /proc" | 284 | # For testing hidepid system, the command to set it up is "mount -o remount,rw,hidepid=2 /proc" |
315 | 285 | ||
@@ -4257,7 +4257,7 @@ fi | |||
4257 | 4257 | ||
4258 | ac_config_files="$ac_config_files mkdeb.sh" | 4258 | ac_config_files="$ac_config_files mkdeb.sh" |
4259 | 4259 | ||
4260 | ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile src/man/Makefile" | 4260 | ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile src/man/Makefile test/Makefile" |
4261 | 4261 | ||
4262 | cat >confcache <<\_ACEOF | 4262 | cat >confcache <<\_ACEOF |
4263 | # This file is a shell script that caches the results of configure | 4263 | # This file is a shell script that caches the results of configure |
@@ -4988,6 +4988,7 @@ do | |||
4988 | "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;; | 4988 | "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;; |
4989 | "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;; | 4989 | "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;; |
4990 | "src/man/Makefile") CONFIG_FILES="$CONFIG_FILES src/man/Makefile" ;; | 4990 | "src/man/Makefile") CONFIG_FILES="$CONFIG_FILES src/man/Makefile" ;; |
4991 | "test/Makefile") CONFIG_FILES="$CONFIG_FILES test/Makefile" ;; | ||
4991 | 4992 | ||
4992 | *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; | 4993 | *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; |
4993 | esac | 4994 | esac |
diff --git a/configure.ac b/configure.ac index 670a755b1..cefc302f9 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -223,7 +223,7 @@ AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh]) | |||
223 | AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ | 223 | AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ |
224 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ | 224 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ |
225 | src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ | 225 | src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ |
226 | src/profstats/Makefile src/man/Makefile) | 226 | src/profstats/Makefile src/man/Makefile test/Makefile) |
227 | 227 | ||
228 | echo | 228 | echo |
229 | echo "Configuration options:" | 229 | echo "Configuration options:" |
diff --git a/platform/rpm/mkrpm.sh b/platform/rpm/mkrpm.sh index 2bdead7a8..c9b90dbe3 100755 --- a/platform/rpm/mkrpm.sh +++ b/platform/rpm/mkrpm.sh | |||
@@ -44,7 +44,7 @@ sed -e "s/__NAME__/${name}/g" \ | |||
44 | # FIXME: We could parse RELNOTES and create a %changelog section here | 44 | # FIXME: We could parse RELNOTES and create a %changelog section here |
45 | 45 | ||
46 | # Copy the source to build into a tarball | 46 | # Copy the source to build into a tarball |
47 | tar --exclude='./.git*' --exclude='./test' --transform "s/^./${name}-${version}/" -czf ${tmpdir}/SOURCES/${name}-${version}.tar.gz . | 47 | tar --exclude='./.git*' --transform "s/^./${name}-${version}/" -czf ${tmpdir}/SOURCES/${name}-${version}.tar.gz . |
48 | 48 | ||
49 | # Build the files (rpm, debug rpm and source rpm) | 49 | # Build the files (rpm, debug rpm and source rpm) |
50 | rpmbuild --quiet --define "_topdir ${tmpdir}" -ba ${tmp_spec_file} | 50 | rpmbuild --quiet --define "_topdir ${tmpdir}" -ba ${tmp_spec_file} |
diff --git a/test/Makefile.in b/test/Makefile.in new file mode 100644 index 000000000..ef1ca73bc --- /dev/null +++ b/test/Makefile.in | |||
@@ -0,0 +1,10 @@ | |||
1 | TESTS=$(patsubst %/,%,$(wildcard */)) | ||
2 | |||
3 | .PHONY: $(TESTS) | ||
4 | |||
5 | $(TESTS): | ||
6 | cd $@ && ./$@.sh 2>&1 | tee $@.log | ||
7 | cd $@ && grep -a TESTING $@.log && grep -a -L "TESTING ERROR" $@.log | ||
8 | |||
9 | clean: | ||
10 | for test in $(TESTS); do rm -f "$$test/$$test.log"; done | ||
diff --git a/test/sysutils/less.exp b/test/sysutils/less.exp index 2bfb60302..daa666c18 100755 --- a/test/sysutils/less.exp +++ b/test/sysutils/less.exp | |||
@@ -10,6 +10,7 @@ match_max 100000 | |||
10 | send -- "firejail less sysutils.sh\r" | 10 | send -- "firejail less sysutils.sh\r" |
11 | expect { | 11 | expect { |
12 | timeout {puts "TESTING ERROR 1\n";exit} | 12 | timeout {puts "TESTING ERROR 1\n";exit} |
13 | "(press RETURN)" {puts "TESTING SKIP 1.1\n";exit} | ||
13 | "MALLOC_CHECK" | 14 | "MALLOC_CHECK" |
14 | } | 15 | } |
15 | expect { | 16 | expect { |
diff --git a/test/sysutils/xz.exp b/test/sysutils/xz.exp index 63b1ad3c7..074b90076 100755 --- a/test/sysutils/xz.exp +++ b/test/sysutils/xz.exp | |||
@@ -3,7 +3,7 @@ | |||
3 | # Copyright (C) 2014-2020 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 60 |
7 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
@@ -13,6 +13,9 @@ sleep 1 | |||
13 | send -- "firejail /usr/bin/xz -c /usr/bin/firejail > firejail_t2\r" | 13 | send -- "firejail /usr/bin/xz -c /usr/bin/firejail > firejail_t2\r" |
14 | sleep 1 | 14 | sleep 1 |
15 | 15 | ||
16 | send -- "md5sum firejail_t1 firejail_t2; ls -l firejail_t1 firejail_t2\r" | ||
17 | sleep 1 | ||
18 | |||
16 | send -- "diff -s firejail_t1 firejail_t2\r" | 19 | send -- "diff -s firejail_t1 firejail_t2\r" |
17 | expect { | 20 | expect { |
18 | timeout {puts "TESTING ERROR 1\n";exit} | 21 | timeout {puts "TESTING ERROR 1\n";exit} |
diff --git a/test/utils/man.exp b/test/utils/man.exp index 3cde9f2c8..102701a6a 100755 --- a/test/utils/man.exp +++ b/test/utils/man.exp | |||
@@ -10,6 +10,7 @@ match_max 100000 | |||
10 | send -- "man firejail\r" | 10 | send -- "man firejail\r" |
11 | expect { | 11 | expect { |
12 | timeout {puts "TESTING ERROR 0\n";exit} | 12 | timeout {puts "TESTING ERROR 0\n";exit} |
13 | "(press RETURN)" {puts "TESTING SKIP 1.1\n";exit} | ||
13 | "Linux namespaces sandbox program" | 14 | "Linux namespaces sandbox program" |
14 | } | 15 | } |
15 | after 100 | 16 | after 100 |