22 files changed, 171 insertions, 910 deletions

diff --git a/test/filters/apparmor.exp b/test/filters/apparmor.exp
deleted file mode 100755
index a8f73c797..000000000
--- a/test/filters/apparmor.exp
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send --  "firejail --name=test1 --apparmor\r"
-expect {
-        timeout {puts "TESTING ERROR 0\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-spawn $env(SHELL)
-send --  "firejail --name=test2 --apparmor\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-spawn $env(SHELL)
-send --  "firemon --apparmor\r"
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "test1:firejail --name=test1 --apparmor"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "AppArmor: firejail-default//&unconfined enforce"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "test2:firejail --name=test2 --apparmor"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "AppArmor: firejail-default//&unconfined enforce"
-}
-after 100
-
-send -- "firejail --apparmor.print=test1\r"
-expect {
-        timeout {puts "TESTING ERROR 6\n";exit}
-        "AppArmor: firejail-default//&unconfined enforce"
-}
-after 100
-
-send -- "firejail --apparmor.print=test2\r"
-expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
-        "AppArmor: firejail-default//&unconfined enforce"
-}
-after 100
-
-puts "\nall done\n"
diff --git a/test/filters/block-secondary.profile b/test/filters/block-secondary.profile
deleted file mode 100644
index e32056c3d..000000000
--- a/test/filters/block-secondary.profile
+++ /dev/null
@@ -1 +0,0 @@
-seccomp.block-secondary
diff --git a/test/filters/caps-join.exp b/test/filters/caps-join.exp
deleted file mode 100755
index 1830143fb..000000000
--- a/test/filters/caps-join.exp
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-match_max 100000
-spawn $env(SHELL)
-set id1 $spawn_id
-spawn $env(SHELL)
-set id2 $spawn_id
-
-send -- "stty -echo\r"
-after 100
-
-#
-# regular run
-#
-set spawn_id $id1
-send --  "firejail --name=jointesting\r"
-expect {
-        timeout {puts "TESTING ERROR 0\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-set spawn_id $id2
-
-send --  "firejail --join=jointesting cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "CapBnd:        0000000000000000"
-}
-sleep 1
-
-set spawn_id $id1
-send -- "exit\r"
-after 100
-
-#
-# no caps
-#
-set spawn_id $id1
-send --  "firejail --name=jointesting --noprofile\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-set spawn_id $id2
-
-send --  "firejail --join=jointesting cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "fffffffff"
-}
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "CapAmb:"
-}
-sleep 1
-
-set spawn_id $id1
-send -- "exit\r"
-after 100
-
-#
-# no caps
-#
-set spawn_id $id1
-send --  "firejail --name=jointesting --noprofile --caps.keep=chown,fowner\r"
-expect {
-        timeout {puts "TESTING ERROR20\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-set spawn_id $id2
-
-send --  "firejail --join=jointesting cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 21\n";exit}
-        "CapBnd:        0000000000000009"
-}
-sleep 1
-
-set spawn_id $id1
-send -- "exit\r"
-after 100
-
-puts "all done\n"
diff --git a/test/filters/caps-print.exp b/test/filters/caps-print.exp
deleted file mode 100755
index b403f9ffe..000000000
--- a/test/filters/caps-print.exp
+++ /dev/null
@@ -1,103 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "firejail --name=test --noprofile --caps --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 0\n";exit}
-        "Drop CAP_SYS_MODULE"
-}
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "Drop CAP_SYS_RAWIO"
-}
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "Drop CAP_SYS_BOOT"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "Drop CAP_SYS_NICE"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "Drop CAP_SYS_TTY_CONFIG"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "Drop CAP_SYSLOG"
-}
-expect {
-        timeout {puts "TESTING ERROR 6\n";exit}
-        "Drop CAP_MKNOD"
-}
-expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
-        "Drop CAP_SYS_ADMIN"
-}
-expect {
-        timeout {puts "TESTING ERROR 8\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-spawn $env(SHELL)
-send -- "firejail --caps.print=test\r"
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "chown               - enabled"
-}
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        "setgid              - enabled"
-}
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "setuid              - enabled"
-}
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "mknod               - disabled"
-}
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "syslog              - disabled"
-}
-after 100
-
-send -- "firejail --debug-caps\r"
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "21     - sys_admin"
-}
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "22     - sys_boot"
-}
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "23     - sys_nice"
-}
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "24     - sys_resource"
-}
-after 100
-
-send -- "firejail --caps.keep=\"bla bla bla\"\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        "capability"
-}
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "not found"
-}
-
-after 100
-puts "\nall done\n"
diff --git a/test/filters/caps.exp b/test/filters/caps.exp
deleted file mode 100755
index dbd63efda..000000000
--- a/test/filters/caps.exp
+++ /dev/null
@@ -1,139 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "firejail --caps.keep=chown,fowner --noprofile\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-after 100
-
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "CapBnd:        0000000000000009"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "Seccomp:"
-}
-send -- "exit\r"
-sleep 1
-
-send -- "firejail --caps.drop=all --noprofile\r"
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-after 100
-
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "CapBnd:        0000000000000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 6\n";exit}
-        "Seccomp:"
-}
-send -- "exit\r"
-sleep 1
-
-send -- "firejail --caps.drop=chown,dac_override,dac_read_search,fowner --noprofile\r"
-expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-after 100
-
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 8\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "fffffff0"
-}
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        "Seccomp:"
-}
-send -- "exit\r"
-sleep 1
-
-
-send -- "firejail --profile=caps1.profile --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "Drop CAP_SYS_MODULE"
-}
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "Drop CAP_SYS_ADMIN"
-}
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "Drop CAP_" {puts "TESTING ERROR 14\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-after 100
-send -- "exit\r"
-sleep 1
-
-
-## tofix: possible problem with caps.keep in profile files
-##send -- "firejail --caps.keep=chown,fowner --noprofile\r"
-#send -- "firejail --profile=caps2.profile\r"
-#expect {
-#       timeout {puts "TESTING ERROR 15\n";exit}
-#       -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-#}
-#after 100
-#
-#send -- "cat /proc/self/status\r"
-#expect {
-#       timeout {puts "TESTING ERROR 16\n";exit}
-#       "CapBnd:        0000000000000009"
-#}
-#expect {
-#       timeout {puts "TESTING ERROR 17\n";exit}
-#       "Seccomp:"
-#}
-#send -- "exit\r"
-#sleep 1
-
-#send -- "firejail --caps.drop=chown,dac_override,dac_read_search,fowner --noprofile\r"
-send -- "firejail --profile=caps3.profile\r"
-expect {
-        timeout {puts "TESTING ERROR 18\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-after 100
-
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 19\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 20\n";exit}
-        "fffffff0"
-}
-expect {
-        timeout {puts "TESTING ERROR 21\n";exit}
-        "Seccomp:"
-}
-send -- "exit\r"
-sleep 1
-
-
-
-after 100
-puts "\nall done\n"
diff --git a/test/filters/caps1.profile b/test/filters/caps1.profile
deleted file mode 100644
index 8b0c3b340..000000000
--- a/test/filters/caps1.profile
+++ /dev/null
@@ -1 +0,0 @@
-caps
diff --git a/test/filters/caps2.profile b/test/filters/caps2.profile
deleted file mode 100644
index ad49719f1..000000000
--- a/test/filters/caps2.profile
+++ /dev/null
@@ -1 +0,0 @@
-caps.drop chown,dac_override,dac_read_search,fowner
diff --git a/test/filters/caps3.profile b/test/filters/caps3.profile
deleted file mode 100644
index ad49719f1..000000000
--- a/test/filters/caps3.profile
+++ /dev/null
@@ -1 +0,0 @@
-caps.drop chown,dac_override,dac_read_search,fowner
diff --git a/test/filters/filters.sh b/test/filters/filters.sh
index 1d145ac4b..56c97482e 100755
--- a/test/filters/filters.sh
+++ b/test/filters/filters.sh
@@ -13,12 +13,12 @@ if [[ -f /etc/debian_version ]]; then
 fi
 export PATH="$PATH:/usr/lib/firejail:/usr/lib64/firejail"
 
-if [[ -f /sys/kernel/security/apparmor/profiles ]]; then
-        echo "TESTING: apparmor (test/filters/apparmor.exp)"
-        ./apparmor.exp
-else
-        echo "TESTING SKIP: no apparmor support in Linux kernel (test/filters/apparmor.exp)"
-fi
+#if [[ -f /sys/kernel/security/apparmor/profiles ]]; then
+#       echo "TESTING: apparmor (test/filters/apparmor.exp)"
+#       ./apparmor.exp
+#else
+#       echo "TESTING SKIP: no apparmor support in Linux kernel (test/filters/apparmor.exp)"
+#fi
 
 if [[ $(uname -m) == "x86_64" ]]; then
         echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)"
@@ -53,22 +53,19 @@ fi
 echo "TESTING: seccomp postexec (test/filters/seccomp-postexec.exp)"
 ./seccomp-postexec.exp
 
-echo "TESTING: noroot (test/filters/noroot.exp)"
-./noroot.exp
-
-
-if grep -q "^CapBnd:\\s0000003fffffffff" /proc/self/status; then
-        echo "TESTING: capabilities (test/filters/caps.exp)"
-        ./caps.exp
-else
-        echo "TESTING SKIP: other capabilities than expected (test/filters/caps.exp)"
-fi
-
-echo "TESTING: capabilities print (test/filters/caps-print.exp)"
-./caps-print.exp
 
-echo "TESTING: capabilities join (test/filters/caps-join.exp)"
-./caps-join.exp
+#if grep -q "^CapBnd:\\s0000003fffffffff" /proc/self/status; then
+#       echo "TESTING: capabilities (test/filters/caps.exp)"
+#       ./caps.exp
+#else
+#       echo "TESTING SKIP: other capabilities than expected (test/filters/caps.exp)"
+#fi
+#
+#echo "TESTING: capabilities print (test/filters/caps-print.exp)"
+#./caps-print.exp
+#
+#echo "TESTING: capabilities join (test/filters/caps-join.exp)"
+#./caps-join.exp
 
 rm -f seccomp-test-file
 if [[ $(uname -m) == "x86_64" ]]; then
diff --git a/test/filters/memwrexe b/test/filters/memwrexe
deleted file mode 100755
index 1173cdc07..000000000
--- a/test/filters/memwrexe
+++ /dev/null
diff --git a/test/filters/memwrexe.c b/test/filters/memwrexe.c
deleted file mode 100644
index 548320df9..000000000
--- a/test/filters/memwrexe.c
+++ /dev/null
@@ -1,105 +0,0 @@
-// This file is part of Firejail project
-// Copyright (C) 2014-2023 Firejail Authors
-// License GPL v2
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <sys/mman.h>
-#include <sys/syscall.h>
-
-static void usage(void) {
-        printf("memwrexe options\n");
-        printf("where options is:\n");
-        printf("\tmmap - mmap test\n");
-        printf("\tmprotect - mprotect test\n");
-        printf("\tmemfd_create - memfd_create test\n");
-}
-
-int main(int argc, char **argv) {
-        if (argc != 2) {
-                fprintf(stderr, "TESTING ERROR: memwrexe insufficient params\n");
-                usage();
-                return 1;
-        }
-
-        if (strcmp(argv[1], "mmap") == 0) {
-                // open some file
-                int fd = open("memwrexe.c", O_RDONLY);
-                if (fd == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-
-                int size = lseek(fd, 0, SEEK_END);
-                if (size == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-
-                void *p = mmap (0, size, PROT_WRITE|PROT_READ|PROT_EXEC, MAP_SHARED, fd, 0);
-                if (p == MAP_FAILED) {
-                        printf("mmap failed\n");
-                        return 0;
-                }
-
-                printf("mmap successful\n");
-
-                // wait for expect to timeout
-                sleep(100);
-
-                return 0;
-        }
-
-        else if (strcmp(argv[1], "mprotect") == 0) {
-                // open some file
-                int fd = open("memwrexe.c", O_RDWR);
-                if (fd == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-
-                int size = lseek(fd, 0, SEEK_END);
-                if (size == -1) {
-                        fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
-                        return 1;
-                }
-
-                void *p = mmap (0, size, PROT_READ, MAP_SHARED, fd, 0);
-                if (p == MAP_FAILED) {
-                        fprintf(stderr, "TESTING ERROR: cannot map file for mprotect test\n");
-                        return 1;
-                }
-
-                int rv = mprotect(p, size, PROT_READ|PROT_WRITE|PROT_EXEC);
-                if (rv) {
-                        printf("mprotect failed\n");
-                        return 1;
-                }
-
-                printf("mprotect successful\n");
-
-                // wait for expect to timeout
-                sleep(100);
-
-                return 0;
-        }
-
-        else if (strcmp(argv[1], "memfd_create") == 0) {
-                int fd = syscall(SYS_memfd_create, "memfd_create", 0);
-                if (fd == -1) {
-                        printf("memfd_create failed\n");
-                        return 1;
-                }
-                printf("memfd_create successful\n");
-
-                // wait for expect to timeout
-                sleep(100);
-
-                return 0;
-        }
-}
diff --git a/test/filters/memwrexe.exp b/test/filters/memwrexe.exp
deleted file mode 100755
index e51b3372e..000000000
--- a/test/filters/memwrexe.exp
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send --  "firejail --memory-deny-write-execute ./memwrexe mmap\r"
-expect {
-        timeout {puts "TESTING ERROR 0\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "mmap successful" {puts "TESTING ERROR 2\n";exit}
-        "Parent is shutting down"
-}
-after 100
-
-send --  "firejail --memory-deny-write-execute ./memwrexe mprotect\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "mprotect successful" {puts "TESTING ERROR 12\n";exit}
-        "Parent is shutting down"
-}
-after 100
-
-send --  "firejail --memory-deny-write-execute ./memwrexe memfd_create\r"
-expect {
-        timeout {puts "TESTING ERROR 20\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 21\n";exit}
-        "memfd_create successful" {puts "TESTING ERROR 22\n";exit}
-        "Parent is shutting down"
-}
-
-after 100
-puts "\nall done\n"
diff --git a/test/filters/namespaces b/test/filters/namespaces
index 721ba092e..6d36ae8e9 100755
--- a/test/filters/namespaces
+++ b/test/filters/namespaces
diff --git a/test/filters/namespaces-32 b/test/filters/namespaces-32
index 4df674d1b..a5ba488a4 100755
--- a/test/filters/namespaces-32
+++ b/test/filters/namespaces-32
diff --git a/test/filters/namespaces-32.exp b/test/filters/namespaces-32.exp
index 3b618bd01..f2310db3b 100755
--- a/test/filters/namespaces-32.exp
+++ b/test/filters/namespaces-32.exp
@@ -20,7 +20,7 @@ expect {
         timeout {puts "TESTING ERROR 1\n";exit}
         "clone successful"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces ./namespaces-32 clone user\r"
 expect {
@@ -31,7 +31,7 @@ expect {
         timeout {puts "TESTING ERROR 3\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces-32 clone user\r"
 expect {
@@ -42,7 +42,7 @@ expect {
         timeout {puts "TESTING ERROR 5\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces-32 clone cgroup,ipc,mnt,net,pid,user,uts\r"
 expect {
@@ -53,9 +53,9 @@ expect {
         timeout {puts "TESTING ERROR 7\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 clone cgroup\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 clone cgroup,user\r"
 expect {
         timeout {puts "TESTING ERROR 8\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -64,9 +64,9 @@ expect {
         timeout {puts "TESTING ERROR 9\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 clone ipc\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 clone ipc,user\r"
 expect {
         timeout {puts "TESTING ERROR 10\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -75,9 +75,9 @@ expect {
         timeout {puts "TESTING ERROR 11\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 clone mnt,net,pid,uts\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 clone mnt,net,pid,user,uts\r"
 expect {
         timeout {puts "TESTING ERROR 12\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -86,7 +86,7 @@ expect {
         timeout {puts "TESTING ERROR 13\n";exit}
         "clone successful"
 }
-after 100
+after 200
 
 #
 # unshare
@@ -101,7 +101,7 @@ expect {
         timeout {puts "TESTING ERROR 15\n";exit}
         "unshare successful"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces ./namespaces-32 unshare user\r"
 expect {
@@ -112,7 +112,7 @@ expect {
         timeout {puts "TESTING ERROR 17\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces-32 unshare user\r"
 expect {
@@ -123,7 +123,7 @@ expect {
         timeout {puts "TESTING ERROR 19\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces-32 unshare cgroup,ipc,mnt,net,pid,user,uts\r"
 expect {
@@ -134,9 +134,9 @@ expect {
         timeout {puts "TESTING ERROR 21\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 unshare cgroup\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 unshare cgroup,user\r"
 expect {
         timeout {puts "TESTING ERROR 22\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -145,9 +145,9 @@ expect {
         timeout {puts "TESTING ERROR 23\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 unshare ipc\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 unshare ipc,user\r"
 expect {
         timeout {puts "TESTING ERROR 24\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -156,9 +156,9 @@ expect {
         timeout {puts "TESTING ERROR 25\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 unshare mnt,net,pid,uts\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces-32 unshare mnt,net,pid,user,uts\r"
 expect {
         timeout {puts "TESTING ERROR 26\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -167,7 +167,47 @@ expect {
         timeout {puts "TESTING ERROR 27\n";exit}
         "unshare successful"
 }
+after 200
 
 
-after 100
+#
+# clone3
+#
+
+send --  "firejail --noprofile ./namespaces-32 clone3 cgroup,ipc,mnt,net,pid,user,uts\r"
+expect {
+        timeout {puts "TESTING ERROR 28\n";exit}
+        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+expect {
+        timeout {puts "TESTING ERROR 29\n";exit}
+        "Error: clone3: Function not implemented" {puts "OK, clone3 not available on this system\n"}
+        "clone3 successful" {
+                after 200
+
+                send --  "firejail --noprofile --restrict-namespaces ./namespaces-32 clone3 user\r"
+                expect {
+                        timeout {puts "TESTING ERROR 30\n";exit}
+                        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+                }
+                expect {
+                        timeout {puts "TESTING ERROR 31\n";exit}
+                        "Error: clone3: Function not implemented"
+                }
+                after 200
+
+                # clone3 arguments are not checked
+                send --  "firejail --noprofile --restrict-namespaces=mnt ./namespaces-32 clone3 cgroup,ipc,net,pid,user,uts\r"
+                expect {
+                        timeout {puts "TESTING ERROR 32\n";exit}
+                        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+                }
+                expect {
+                        timeout {puts "TESTING ERROR 33\n";exit}
+                        "Error: clone3: Function not implemented"
+                }
+        }
+}
+
+after 200
 puts "\nall done\n"
diff --git a/test/filters/namespaces.c b/test/filters/namespaces.c
index ecf0fdcd1..18ebc8faa 100644
--- a/test/filters/namespaces.c
+++ b/test/filters/namespaces.c
@@ -1,21 +1,29 @@
 #define _GNU_SOURCE
 #include <errno.h>
-#include <sched.h>
+#include <linux/sched.h>
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/mman.h>
+#include <sys/wait.h>
 #include <unistd.h>
 
+#include <sched.h>
 #ifndef CLONE_NEWTIME
 #define CLONE_NEWTIME 0x00000080
 #endif
 
+#include <sys/syscall.h>
+#ifndef __NR_clone3
+#define __NR_clone3 435
+#endif
+
 #define STACK_SIZE 1024 * 1024
 
+
 static int usage() {
-        fprintf(stderr, "Usage: namespaces <system call>[clone,unshare] <list of namespaces>[cgroup,ipc,mnt,net,pid,time,user,uts]\n");
+        fprintf(stderr, "Usage: namespaces <system call>[clone,clone3,unshare] <list of namespaces>[cgroup,ipc,mnt,net,pid,time,user,uts]\n");
         exit(1);
 }
 
@@ -71,8 +79,11 @@ int main (int argc, char **argv) {
                 usage();
 
         int flags = ns_flags(argv[2]);
-        if (getuid() != 0)
-                flags |= CLONE_NEWUSER;
+
+        if (getuid() != 0 && (flags & CLONE_NEWUSER) != CLONE_NEWUSER) {
+                fprintf(stderr, "Error: add \"user\" to namespaces list\n");
+                exit(1);
+        }
 
         if (strcmp(argv[1], "clone") == 0) {
                 void *stack = mmap(NULL, STACK_SIZE, PROT_READ | PROT_WRITE,
@@ -80,8 +91,25 @@ int main (int argc, char **argv) {
                 if (stack == MAP_FAILED)
                         die("mmap");
 
-                if (clone(child, stack + STACK_SIZE, flags | SIGCHLD, NULL) < 0)
+                pid_t pid = clone(child, stack + STACK_SIZE, flags | SIGCHLD, NULL);
+                if (pid < 0)
                         die("clone");
+                waitpid(pid, NULL, 0);
+        }
+        else if (strcmp(argv[1], "clone3") == 0) {
+                struct clone_args args = {
+                        .flags = flags,
+                        .exit_signal = SIGCHLD,
+                };
+
+                pid_t pid = syscall(__NR_clone3, &args, sizeof(struct clone_args));
+                if (pid < 0)
+                        die("clone3");
+                if (pid == 0) {
+                        fprintf(stderr, "clone3 successful\n");
+                        exit(0);
+                }
+                waitpid(pid, NULL, 0);
         }
         else if (strcmp(argv[1], "unshare") == 0) {
                 if (unshare(flags))
diff --git a/test/filters/namespaces.exp b/test/filters/namespaces.exp
index 96e4a774a..394826de7 100755
--- a/test/filters/namespaces.exp
+++ b/test/filters/namespaces.exp
@@ -20,7 +20,7 @@ expect {
         timeout {puts "TESTING ERROR 1\n";exit}
         "clone successful"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces ./namespaces clone user\r"
 expect {
@@ -31,7 +31,7 @@ expect {
         timeout {puts "TESTING ERROR 3\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces clone user\r"
 expect {
@@ -42,7 +42,7 @@ expect {
         timeout {puts "TESTING ERROR 5\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces clone cgroup,ipc,mnt,net,pid,user,uts\r"
 expect {
@@ -53,9 +53,9 @@ expect {
         timeout {puts "TESTING ERROR 7\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces clone cgroup\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces clone cgroup,user\r"
 expect {
         timeout {puts "TESTING ERROR 8\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -64,9 +64,9 @@ expect {
         timeout {puts "TESTING ERROR 9\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces clone ipc\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces clone ipc,user\r"
 expect {
         timeout {puts "TESTING ERROR 10\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -75,9 +75,9 @@ expect {
         timeout {puts "TESTING ERROR 11\n";exit}
         "Error: clone: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces clone mnt,net,pid,uts\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces clone mnt,net,pid,user,uts\r"
 expect {
         timeout {puts "TESTING ERROR 12\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -86,7 +86,7 @@ expect {
         timeout {puts "TESTING ERROR 13\n";exit}
         "clone successful"
 }
-after 100
+after 200
 
 #
 # unshare
@@ -101,7 +101,7 @@ expect {
         timeout {puts "TESTING ERROR 15\n";exit}
         "unshare successful"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces ./namespaces unshare user\r"
 expect {
@@ -112,7 +112,7 @@ expect {
         timeout {puts "TESTING ERROR 17\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces unshare user\r"
 expect {
@@ -123,7 +123,7 @@ expect {
         timeout {puts "TESTING ERROR 19\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
 send --  "firejail --noprofile --restrict-namespaces=user ./namespaces unshare cgroup,ipc,mnt,net,pid,user,uts\r"
 expect {
@@ -134,9 +134,9 @@ expect {
         timeout {puts "TESTING ERROR 21\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces unshare cgroup\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces unshare cgroup,user\r"
 expect {
         timeout {puts "TESTING ERROR 22\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -145,9 +145,9 @@ expect {
         timeout {puts "TESTING ERROR 23\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces unshare ipc\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces unshare ipc,user\r"
 expect {
         timeout {puts "TESTING ERROR 24\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -156,9 +156,9 @@ expect {
         timeout {puts "TESTING ERROR 25\n";exit}
         "Error: unshare: Operation not permitted"
 }
-after 100
+after 200
 
-send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces unshare mnt,net,pid,uts\r"
+send --  "firejail --noprofile --restrict-namespaces=cgroup,ipc ./namespaces unshare mnt,net,pid,user,uts\r"
 expect {
         timeout {puts "TESTING ERROR 26\n";exit}
         -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
@@ -167,7 +167,47 @@ expect {
         timeout {puts "TESTING ERROR 27\n";exit}
         "unshare successful"
 }
+after 200
 
 
-after 100
+#
+# clone3
+#
+
+send --  "firejail --noprofile ./namespaces clone3 cgroup,ipc,mnt,net,pid,user,uts\r"
+expect {
+        timeout {puts "TESTING ERROR 28\n";exit}
+        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+expect {
+        timeout {puts "TESTING ERROR 29\n";exit}
+        "Error: clone3: Function not implemented" {puts "OK, clone3 not available on this system\n"}
+        "clone3 successful" {
+                after 200
+
+                send --  "firejail --noprofile --restrict-namespaces ./namespaces clone3 user\r"
+                expect {
+                        timeout {puts "TESTING ERROR 30\n";exit}
+                        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+                }
+                expect {
+                        timeout {puts "TESTING ERROR 31\n";exit}
+                        "Error: clone3: Function not implemented"
+                }
+                after 200
+
+                # clone3 arguments are not checked
+                send --  "firejail --noprofile --restrict-namespaces=mnt ./namespaces clone3 cgroup,ipc,net,pid,user,uts\r"
+                expect {
+                        timeout {puts "TESTING ERROR 32\n";exit}
+                        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+                }
+                expect {
+                        timeout {puts "TESTING ERROR 33\n";exit}
+                        "Error: clone3: Function not implemented"
+                }
+        }
+}
+
+after 200
 puts "\nall done\n"
diff --git a/test/filters/noroot.exp b/test/filters/noroot.exp
deleted file mode 100755
index 8a8842cd9..000000000
--- a/test/filters/noroot.exp
+++ /dev/null
@@ -1,136 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "firejail --name=test --noroot --noprofile\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-
-# check seccomp disabled and all caps enabled
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "ffffffff"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "Seccomp:"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "0"
-}
-expect {
-        timeout {puts "TESTING ERROR 6\n";exit}
-        "Cpus_allowed:"
-}
-puts "\n"
-
-send -- "whoami\r"
-expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
-        $env(USER)
-}
-send -- "sudo -s\r"
-expect {
-        timeout {puts "TESTING ERROR 8\n";exit}
-        "effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-}
-
-send -- "sudo su -\r"
-expect {
-        timeout {puts "TESTING ERROR 9\n";exit}
-        "effective uid is not 0" {puts "OK\n"}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-}
-
-send -- "sudo ls\r"
-expect {
-        timeout {puts "TESTING ERROR 10\n";exit}
-        "effective uid is not 0" {puts "OK\n"}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-}
-
-send -- "cat /proc/self/uid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "1"
-}
-send -- "cat /proc/self/gid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "9"
-}
-
-
-
-spawn $env(SHELL)
-send -- "firejail --debug --join=test\r"
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "Joining user namespace"
-}
-expect {
-        timeout {puts "TESTING ERROR 14\n";exit}
-        "Child process initialized"
-}
-sleep 1
-
-send -- "sudo -s\r"
-expect {
-        timeout {puts "TESTING ERROR 15\n";exit}
-        "effective uid is not 0, is sudo installed setuid root?" { puts "OK\n";}
-        "sudo must be owned by uid 0 and have the setuid bit set" { puts "OK\n";}
-        "Permission denied" { puts "OK\n";}
-}
-send -- "cat /proc/self/uid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 16\n";exit}
-        "1"
-}
-send -- "cat /proc/self/gid_map | wc -l\r"
-expect {
-        timeout {puts "TESTING ERROR 17\n";exit}
-        "9"
-}
-
-# check seccomp disabled and all caps enabled
-send -- "cat /proc/self/status\r"
-expect {
-        timeout {puts "TESTING ERROR 18\n";exit}
-        "CapBnd:"
-}
-expect {
-        timeout {puts "TESTING ERROR 19\n";exit}
-        "ffffffff"
-}
-expect {
-        timeout {puts "TESTING ERROR 20\n";exit}
-        "Seccomp:"
-}
-expect {
-        timeout {puts "TESTING ERROR 21\n";exit}
-        "0"
-}
-expect {
-        timeout {puts "TESTING ERROR 22\n";exit}
-        "Cpus_allowed:"
-}
-puts "\n"
-
-
-after 100
-puts "\nall done\n"
diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp
deleted file mode 100755
index 5320dde6f..000000000
--- a/test/filters/protocol.exp
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2023 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "firejail --noprofile --protocol=unix --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "0009: 20 00 00 00000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "000f: 20 00 00 00000010"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "0010: 15 00 01 00000001"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
-        "0011: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "0012: 06 00 00 0005005f"
-}
-
-after 100
-send -- "exit\r"
-sleep 1
-
-send -- "firejail --noprofile --protocol=bluetooth --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 11\n";exit}
-        "0009: 20 00 00 00000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 12\n";exit}
-        "000f: 20 00 00 00000010"
-}
-expect {
-        timeout {puts "TESTING ERROR 13\n";exit}
-        "0010: 15 00 01 0000001f"
-}
-expect {
-        timeout {puts "TESTING ERROR 14\n";exit}
-        "0011: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR1 5\n";exit}
-        "0012: 06 00 00 0005005f"
-}
-
-after 100
-send -- "exit\r"
-sleep 1
-
-send -- "firejail --noprofile --protocol=inet,inet6 --debug\r"
-expect {
-        timeout {puts "TESTING ERROR 31\n";exit}
-        "0009: 20 00 00 00000000"
-}
-expect {
-        timeout {puts "TESTING ERROR 32\n";exit}
-        "000f: 20 00 00 00000010"
-}
-expect {
-        timeout {puts "TESTING ERROR 33\n";exit}
-        "0010: 15 00 01 00000002"
-}
-expect {
-        timeout {puts "TESTING ERROR 34\n";exit}
-        "0011: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR1 35\n";exit}
-        "0012: 15 00 01 0000000a"
-}
-expect {
-        timeout {puts "TESTING ERROR 36\n";exit}
-        "0013: 06 00 00 7fff0000"
-}
-expect {
-        timeout {puts "TESTING ERROR 37\n";exit}
-        "0014: 06 00 00 0005005f"
-}
-
-after 100
-send -- "exit\r"
-
-
-after 100
-puts "\nall done\n"
diff --git a/test/filters/protocol1.profile b/test/filters/protocol1.profile
deleted file mode 100644
index 3e1ea2a29..000000000
--- a/test/filters/protocol1.profile
+++ /dev/null
@@ -1 +0,0 @@
-protocol unix
diff --git a/test/filters/protocol2.profile b/test/filters/protocol2.profile
deleted file mode 100644
index b7eb4ab91..000000000
--- a/test/filters/protocol2.profile
+++ /dev/null
@@ -1 +0,0 @@
-protocol inet6,packet
diff --git a/test/filters/seccomp-debug.exp b/test/filters/seccomp-debug.exp
index dc6befcfe..33a992a93 100755
--- a/test/filters/seccomp-debug.exp
+++ b/test/filters/seccomp-debug.exp
@@ -97,61 +97,4 @@ expect {
 }
 after 100
 
-# memory-deny-write-execute
-send --  "firejail --debug --memory-deny-write-execute sleep 1; echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 24\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 25\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.mdwx seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 26\n";exit}
-        "done"
-}
-
-
-# 64 bit architecture - seccomp.block-secondary
-send --  "firejail --debug --seccomp.block-secondary sleep 1; echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 27\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 28\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 29\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 30\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 31\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 32\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.protocol seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 33\n";exit}
-        "done"
-}
-after 100
-
-# 64 bit architecture - seccomp.block-secondary, profile
-send --  "firejail --debug --profile=block-secondary.profile sleep 1; echo done\r"
-expect {
-        timeout {puts "TESTING ERROR 33\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 34\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-expect {
-        timeout {puts "TESTING ERROR 35\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp.32 seccomp filter" {puts "TESTING ERROR 35\n";exit}
-        "Installing /run/firejail/mnt/seccomp/seccomp seccomp filter"
-}
-expect {
-        timeout {puts "TESTING ERROR 37\n";exit}
-        "done"
-}
-after 100
-
 puts "all done\n"