diff options
-rw-r--r-- | src/firejail/main.c | 6 | ||||
-rwxr-xr-x | test/ignore.exp | 38 | ||||
-rw-r--r-- | test/ignore.profile | 3 | ||||
-rwxr-xr-x | test/test.sh | 3 |
4 files changed, 49 insertions, 1 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 0def00fa8..8d11caef3 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -712,7 +712,11 @@ int main(int argc, char **argv) { | |||
712 | arg_noprofile = 1; | 712 | arg_noprofile = 1; |
713 | } | 713 | } |
714 | else if (strncmp(argv[i], "--ignore=", 9) == 0) { | 714 | else if (strncmp(argv[i], "--ignore=", 9) == 0) { |
715 | char *ptr = argv[i] + 9; | 715 | if (custom_profile) { |
716 | fprintf(stderr, "Error: please use --profile after --include\n"); | ||
717 | exit(1); | ||
718 | } | ||
719 | |||
716 | if (*(argv[i] + 9) == '\0') { | 720 | if (*(argv[i] + 9) == '\0') { |
717 | fprintf(stderr, "Error: invalid ignore option\n"); | 721 | fprintf(stderr, "Error: invalid ignore option\n"); |
718 | exit(1); | 722 | exit(1); |
diff --git a/test/ignore.exp b/test/ignore.exp new file mode 100755 index 000000000..bdbd9d28c --- /dev/null +++ b/test/ignore.exp | |||
@@ -0,0 +1,38 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | send -- "firejail --profile=ignore.profile --ignore=seccomp \r" | ||
8 | expect { | ||
9 | timeout {puts "TESTING ERROR 0\n";exit} | ||
10 | "Error: please use --profile after --include" | ||
11 | } | ||
12 | |||
13 | send -- "firejail --debug --ignore=seccomp\r" | ||
14 | expect { | ||
15 | timeout {puts "TESTING ERROR 1\n";exit} | ||
16 | BLACKLIST {puts "TESTING ERROR 2\n";exit} | ||
17 | "Child process initialized" | ||
18 | } | ||
19 | sleep 1 | ||
20 | send -- "exit\r" | ||
21 | sleep 1 | ||
22 | |||
23 | send -- "firejail --ignore=seccomp --ignore=shell --profile=ignore.profile \r" | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | "Child process initialized" | ||
27 | } | ||
28 | sleep 1 | ||
29 | |||
30 | send -- "ps aux | wc -l\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 4\n";exit} | ||
33 | "4" | ||
34 | } | ||
35 | sleep 1 | ||
36 | |||
37 | |||
38 | puts "\nall done\n" | ||
diff --git a/test/ignore.profile b/test/ignore.profile new file mode 100644 index 000000000..aec231ad2 --- /dev/null +++ b/test/ignore.profile | |||
@@ -0,0 +1,3 @@ | |||
1 | private | ||
2 | seccomp | ||
3 | shell none | ||
diff --git a/test/test.sh b/test/test.sh index c986b5f29..406ef92a3 100755 --- a/test/test.sh +++ b/test/test.sh | |||
@@ -18,6 +18,9 @@ echo "TESTING: invalid filename" | |||
18 | echo "TESTING: environment variables" | 18 | echo "TESTING: environment variables" |
19 | ./env.exp | 19 | ./env.exp |
20 | 20 | ||
21 | echo "TESTING: ignore command" | ||
22 | ./ignore.exp | ||
23 | |||
21 | echo "TESTING: private-etc" | 24 | echo "TESTING: private-etc" |
22 | ./private-etc.exp | 25 | ./private-etc.exp |
23 | 26 | ||