1 files changed, 15 insertions, 156 deletions
diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp
index 071460e4c..09c742378 100755
--- a/test/filters/protocol.exp
+++ b/test/filters/protocol.exp
@@ -7,179 +7,38 @@ set timeout 10
 spawn $env(SHELL)
 match_max 100000
-send -- "firejail --noprofile --protocol=unix ./syscall_test socket\r"
+send -- "firejail --noprofile --protocol=unix --debug\r"
 expect {
        timeout {puts "TESTING ERROR 1\n";exit}
-        "Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
+        "0009: 20 00 00 00000000   ld  data.syscall-number"
-        "Child process initialized"
 }
 expect {
-        timeout {puts "TESTING ERROR 1.1\n";exit}
-        "Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
-        "socket AF_INET"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.2\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.3\n";exit}
-        "socket AF_INET6"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.4\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.5\n";exit}
-        "socket AF_NETLINK"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.6\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.7\n";exit}
-        "socket AF_UNIX"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.8\n";exit}
-        "socket AF_PACKETX"
-}
-expect {
-        timeout {puts "TESTING ERROR 1.9\n";exit}
-        "Operation not supported"
-}
-sleep 1
-send -- "firejail --noprofile --protocol=inet6,packet ./syscall_test socket\r"
-expect {
        timeout {puts "TESTING ERROR 2\n";exit}
-        "Child process initialized"
+        "000a: 15 01 00 00000029   jeq socket 000c (false 000b)"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.1\n";exit}
-        "socket AF_INET"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.2\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.3\n";exit}
-        "socket AF_INET6"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.4\n";exit}
-        "socket AF_NETLINK"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.5\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.6\n";exit}
-        "socket AF_UNIX"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.7\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.8\n";exit}
-        "socket AF_PACKETX"
-}
-expect {
-        timeout {puts "TESTING ERROR 2.9\n";exit}
-        "after socket"
 }
-sleep 1
-# profile testing
-send -- "firejail --profile=protocol1.profile ./syscall_test socket\r"
 expect {
        timeout {puts "TESTING ERROR 3\n";exit}
-        "Child process initialized"
+        "000b: 06 00 00 7fff0000   ret ALLOW"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.1\n";exit}
-        "socket AF_INET"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.2\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.3\n";exit}
-        "socket AF_INET6"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.4\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.5\n";exit}
-        "socket AF_NETLINK"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.6\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.7\n";exit}
-        "socket AF_UNIX"
-}
-expect {
-        timeout {puts "TESTING ERROR 3.8\n";exit}
-        "socket AF_PACKETX"
 }
 expect {
-        timeout {puts "TESTING ERROR 3.9\n";exit}
-        "Operation not supported"
-}
-sleep 1
-send -- "firejail --profile=protocol2.profile ./syscall_test socket\r"
-expect {
        timeout {puts "TESTING ERROR 4\n";exit}
-        "Child process initialized"
+        "000c: 20 00 00 00000010   ld  data.args"
-}
-expect {
-        timeout {puts "TESTING ERROR 4.1\n";exit}
-        "socket AF_INET"
-}
-expect {
-        timeout {puts "TESTING ERROR 4.2\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 4.3\n";exit}
-        "socket AF_INET6"
 }
 expect {
-        timeout {puts "TESTING ERROR 4.4\n";exit}
+        timeout {puts "TESTING ERROR 5\n";exit}
-        "socket AF_NETLINK"
+        "000d: 15 00 01 00000001   jeq 1 000e (false 000f)"
 }
 expect {
-        timeout {puts "TESTING ERROR 4.5\n";exit}
+        timeout {puts "TESTING ERROR 6\n";exit}
-        "Operation not supported"
+        "000e: 06 00 00 7fff0000   ret ALLOW"
+        ""
 }
 expect {
-        timeout {puts "TESTING ERROR 4.6\n";exit}
+        timeout {puts "TESTING ERROR 7\n";exit}
-        "socket AF_UNIX"
+        "000f: 06 00 00 0005005f   ret ERRNO(95)"
 }
-expect {
-        timeout {puts "TESTING ERROR 4.7\n";exit}
-        "Operation not supported"
-}
-expect {
-        timeout {puts "TESTING ERROR 4.8\n";exit}
-        "socket AF_PACKETX"
-}
-expect {
-        timeout {puts "TESTING ERROR 4.9\n";exit}
-        "after socket"
-}
-after 100
+after 100
+send -- "exit\r"
+after 100
 puts "\nall done\n"

diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp index 071460e4c..09c742378 100755 --- a/test/filters/protocol.exp +++ b/test/filters/protocol.exp
@@ -7,179 +7,38 @@ set timeout 10
7	spawn $env(SHELL)	7	spawn $env(SHELL)
8	match_max 100000	8	match_max 100000
9		9
10	send -- "firejail --noprofile --protocol=unix ./syscall_test socket\r"	10	send -- "firejail --noprofile --protocol=unix --debug\r"
11	expect {	11	expect {
12	timeout {puts "TESTING ERROR 1\n";exit}	12	timeout {puts "TESTING ERROR 1\n";exit}
13	"Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}	13	"0009: 20 00 00 00000000 ld data.syscall-number"
14	"Child process initialized"
15	}	14	}
16	expect {	15	expect {
17	timeout {puts "TESTING ERROR 1.1\n";exit}
18	"Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
19	"socket AF_INET"
20	}
21	expect {
22	timeout {puts "TESTING ERROR 1.2\n";exit}
23	"Operation not supported"
24	}
25	expect {
26	timeout {puts "TESTING ERROR 1.3\n";exit}
27	"socket AF_INET6"
28	}
29	expect {
30	timeout {puts "TESTING ERROR 1.4\n";exit}
31	"Operation not supported"
32	}
33	expect {
34	timeout {puts "TESTING ERROR 1.5\n";exit}
35	"socket AF_NETLINK"
36	}
37	expect {
38	timeout {puts "TESTING ERROR 1.6\n";exit}
39	"Operation not supported"
40	}
41	expect {
42	timeout {puts "TESTING ERROR 1.7\n";exit}
43	"socket AF_UNIX"
44	}
45	expect {
46	timeout {puts "TESTING ERROR 1.8\n";exit}
47	"socket AF_PACKETX"
48	}
49	expect {
50	timeout {puts "TESTING ERROR 1.9\n";exit}
51	"Operation not supported"
52	}
53	sleep 1
54
55	send -- "firejail --noprofile --protocol=inet6,packet ./syscall_test socket\r"
56	expect {
57	timeout {puts "TESTING ERROR 2\n";exit}	16	timeout {puts "TESTING ERROR 2\n";exit}
58	"Child process initialized"	17	"000a: 15 01 00 00000029 jeq socket 000c (false 000b)"
59	}
60	expect {
61	timeout {puts "TESTING ERROR 2.1\n";exit}
62	"socket AF_INET"
63	}
64	expect {
65	timeout {puts "TESTING ERROR 2.2\n";exit}
66	"Operation not supported"
67	}
68	expect {
69	timeout {puts "TESTING ERROR 2.3\n";exit}
70	"socket AF_INET6"
71	}
72	expect {
73	timeout {puts "TESTING ERROR 2.4\n";exit}
74	"socket AF_NETLINK"
75	}
76	expect {
77	timeout {puts "TESTING ERROR 2.5\n";exit}
78	"Operation not supported"
79	}
80	expect {
81	timeout {puts "TESTING ERROR 2.6\n";exit}
82	"socket AF_UNIX"
83	}
84	expect {
85	timeout {puts "TESTING ERROR 2.7\n";exit}
86	"Operation not supported"
87	}
88	expect {
89	timeout {puts "TESTING ERROR 2.8\n";exit}
90	"socket AF_PACKETX"
91	}
92	expect {
93	timeout {puts "TESTING ERROR 2.9\n";exit}
94	"after socket"
95	}	18	}
96	sleep 1
97
98	# profile testing
99	send -- "firejail --profile=protocol1.profile ./syscall_test socket\r"
100	expect {	19	expect {
101	timeout {puts "TESTING ERROR 3\n";exit}	20	timeout {puts "TESTING ERROR 3\n";exit}
102	"Child process initialized"	21	"000b: 06 00 00 7fff0000 ret ALLOW"
103	}
104	expect {
105	timeout {puts "TESTING ERROR 3.1\n";exit}
106	"socket AF_INET"
107	}
108	expect {
109	timeout {puts "TESTING ERROR 3.2\n";exit}
110	"Operation not supported"
111	}
112	expect {
113	timeout {puts "TESTING ERROR 3.3\n";exit}
114	"socket AF_INET6"
115	}
116	expect {
117	timeout {puts "TESTING ERROR 3.4\n";exit}
118	"Operation not supported"
119	}
120	expect {
121	timeout {puts "TESTING ERROR 3.5\n";exit}
122	"socket AF_NETLINK"
123	}
124	expect {
125	timeout {puts "TESTING ERROR 3.6\n";exit}
126	"Operation not supported"
127	}
128	expect {
129	timeout {puts "TESTING ERROR 3.7\n";exit}
130	"socket AF_UNIX"
131	}
132	expect {
133	timeout {puts "TESTING ERROR 3.8\n";exit}
134	"socket AF_PACKETX"
135	}	22	}
136	expect {	23	expect {
137	timeout {puts "TESTING ERROR 3.9\n";exit}
138	"Operation not supported"
139	}
140	sleep 1
141
142	send -- "firejail --profile=protocol2.profile ./syscall_test socket\r"
143	expect {
144	timeout {puts "TESTING ERROR 4\n";exit}	24	timeout {puts "TESTING ERROR 4\n";exit}
145	"Child process initialized"	25	"000c: 20 00 00 00000010 ld data.args"
146	}
147	expect {
148	timeout {puts "TESTING ERROR 4.1\n";exit}
149	"socket AF_INET"
150	}
151	expect {
152	timeout {puts "TESTING ERROR 4.2\n";exit}
153	"Operation not supported"
154	}
155	expect {
156	timeout {puts "TESTING ERROR 4.3\n";exit}
157	"socket AF_INET6"
158	}	26	}
159	expect {	27	expect {
160	timeout {puts "TESTING ERROR 4.4\n";exit}	28	timeout {puts "TESTING ERROR 5\n";exit}
161	"socket AF_NETLINK"	29	"000d: 15 00 01 00000001 jeq 1 000e (false 000f)"
162	}	30	}
163	expect {	31	expect {
164	timeout {puts "TESTING ERROR 4.5\n";exit}	32	timeout {puts "TESTING ERROR 6\n";exit}
165	"Operation not supported"	33	"000e: 06 00 00 7fff0000 ret ALLOW"
		34	""
166	}	35	}
167	expect {	36	expect {
168	timeout {puts "TESTING ERROR 4.6\n";exit}	37	timeout {puts "TESTING ERROR 7\n";exit}
169	"socket AF_UNIX"	38	"000f: 06 00 00 0005005f ret ERRNO(95)"
170	}	39	}
171	expect {
172	timeout {puts "TESTING ERROR 4.7\n";exit}
173	"Operation not supported"
174	}
175	expect {
176	timeout {puts "TESTING ERROR 4.8\n";exit}
177	"socket AF_PACKETX"
178	}
179	expect {
180	timeout {puts "TESTING ERROR 4.9\n";exit}
181	"after socket"
182	}
183	after 100
184		40
		41	after 100
		42	send -- "exit\r"
		43	after 100
185	puts "\nall done\n"	44	puts "\nall done\n"