diff options
Diffstat (limited to 'test/root')
-rwxr-xr-x | test/root/apache2.exp | 68 | ||||
-rwxr-xr-x | test/root/checkcfg.exp | 164 | ||||
-rwxr-xr-x | test/root/firecfg.exp | 80 | ||||
-rw-r--r-- | test/root/firejail.config | 26 | ||||
-rwxr-xr-x | test/root/firemon-events.exp | 74 | ||||
-rwxr-xr-x | test/root/isc-dhcp.exp | 51 | ||||
-rwxr-xr-x | test/root/join.exp | 56 | ||||
-rwxr-xr-x | test/root/login_nobody.exp | 35 | ||||
-rwxr-xr-x | test/root/nginx.exp | 68 | ||||
-rwxr-xr-x | test/root/option_bind_directory.exp | 24 | ||||
-rwxr-xr-x | test/root/option_bind_file.exp | 24 | ||||
-rwxr-xr-x | test/root/option_tmpfs.exp | 42 | ||||
-rwxr-xr-x | test/root/private.exp | 111 | ||||
-rwxr-xr-x | test/root/profile_tmpfs.exp | 42 | ||||
-rwxr-xr-x | test/root/root.sh | 127 | ||||
-rwxr-xr-x | test/root/seccomp-chmod.exp | 53 | ||||
-rwxr-xr-x | test/root/seccomp-chown.exp | 50 | ||||
-rwxr-xr-x | test/root/seccomp-umount.exp | 25 | ||||
-rwxr-xr-x | test/root/snmpd.exp | 50 | ||||
-rw-r--r-- | test/root/tmpfs-bad.profile | 1 | ||||
-rw-r--r-- | test/root/tmpfs.profile | 1 | ||||
-rwxr-xr-x | test/root/unbound.exp | 51 | ||||
-rwxr-xr-x | test/root/whitelist.exp | 117 |
23 files changed, 0 insertions, 1340 deletions
diff --git a/test/root/apache2.exp b/test/root/apache2.exp deleted file mode 100755 index 369cda40d..000000000 --- a/test/root/apache2.exp +++ /dev/null | |||
@@ -1,68 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 5 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=apache /etc/init.d/apache2 start\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | |||
18 | spawn $env(SHELL) | ||
19 | send -- "firejail --tree\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 1\n";exit} | ||
22 | "root:apache:firejail --name=apache /etc/init.d/apache2" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2\n";exit} | ||
26 | "www-data::/usr/sbin/apache2" | ||
27 | } | ||
28 | sleep 2 | ||
29 | |||
30 | |||
31 | send -- "rm index.html\r" | ||
32 | sleep 1 | ||
33 | send -- "wget 127.0.0.1\r" | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 3\n";exit} | ||
36 | "saved" | ||
37 | } | ||
38 | send -- "cat index.html\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 4\n";exit} | ||
41 | "DOCTYPE html PUBLIC" | ||
42 | } | ||
43 | |||
44 | sleep 1 | ||
45 | send -- "rm index.html\r" | ||
46 | |||
47 | send -- "firejail --join=apache\r" | ||
48 | sleep 2 | ||
49 | |||
50 | send -- "ls /dev\r" | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 5\n";exit} | ||
53 | "tty0" {puts "TESTING ERROR 6\n";exit} | ||
54 | "ttyS0" {puts "TESTING ERROR 6\n";exit} | ||
55 | "audio" {puts "TESTING ERROR 6\n";exit} | ||
56 | "ppp" {puts "TESTING ERROR 6\n";exit} | ||
57 | "log" | ||
58 | } | ||
59 | sleep 1 | ||
60 | send -- "ls -al /tmp;pwd\r" | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 10\n";exit} | ||
63 | "X11-unix" {puts "TESTING ERROR 11\n";exit} | ||
64 | "/root" | ||
65 | } | ||
66 | sleep 2 | ||
67 | |||
68 | puts "\nall done\n" | ||
diff --git a/test/root/checkcfg.exp b/test/root/checkcfg.exp deleted file mode 100755 index d7aea8084..000000000 --- a/test/root/checkcfg.exp +++ /dev/null | |||
@@ -1,164 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | cd /home | ||
8 | spawn $env(SHELL) | ||
9 | match_max 100000 | ||
10 | |||
11 | send -- "rm /etc/firejail/firejail.config\r" | ||
12 | after 100 | ||
13 | |||
14 | send -- "firejail\r" | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "firejail.config not found" | ||
18 | } | ||
19 | |||
20 | # seccomp | ||
21 | send -- "echo \"seccomp no\" > /etc/firejail/firejail.config\r" | ||
22 | after 100 | ||
23 | send -- "firejail --noprofile --seccomp\r" | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2\n";exit} | ||
26 | "seccomp feature is disabled in Firejail configuration file\r" | ||
27 | } | ||
28 | |||
29 | # whitelist | ||
30 | send -- "echo \"whitelist no\" > /etc/firejail/firejail.config\r" | ||
31 | after 100 | ||
32 | send -- "firejail --noprofile --whitelist=~/.config\r" | ||
33 | expect { | ||
34 | timeout {puts "TESTING ERROR 3\n";exit} | ||
35 | "whitelist feature is disabled in Firejail configuration file\r" | ||
36 | } | ||
37 | |||
38 | # network | ||
39 | send -- "echo \"network no\" > /etc/firejail/firejail.config\r" | ||
40 | after 100 | ||
41 | send -- "firejail --noprofile --net=eth0\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 4\n";exit} | ||
44 | "networking feature is disabled in Firejail configuration file\r" | ||
45 | } | ||
46 | |||
47 | # bind | ||
48 | send -- "echo \"bind no\" > /etc/firejail/firejail.config\r" | ||
49 | after 100 | ||
50 | send -- "firejail --noprofile --bind=/tmp,/var/tmp\r" | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 5\n";exit} | ||
53 | "bind feature is disabled in Firejail configuration file\r" | ||
54 | } | ||
55 | |||
56 | # overlay | ||
57 | send -- "echo \"overlayfs no\" > /etc/firejail/firejail.config\r" | ||
58 | after 100 | ||
59 | send -- "firejail --noprofile --overlay\r" | ||
60 | expect { | ||
61 | timeout {puts "TESTING ERROR 6\n";exit} | ||
62 | "overlayfs feature is disabled in Firejail configuration file\r" | ||
63 | } | ||
64 | |||
65 | # private-home | ||
66 | send -- "echo \"private-home no\" > /etc/firejail/firejail.config\r" | ||
67 | after 100 | ||
68 | send -- "firejail --noprofile --private-home=/tmp\r" | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 7\n";exit} | ||
71 | "private-home feature is disabled in Firejail configuration file\r" | ||
72 | } | ||
73 | |||
74 | # chroot | ||
75 | send -- "echo \"chroot no\" > /etc/firejail/firejail.config\r" | ||
76 | after 100 | ||
77 | send -- "firejail --noprofile --chroot=/tmp\r" | ||
78 | expect { | ||
79 | timeout {puts "TESTING ERROR 8\n";exit} | ||
80 | "chroot feature is disabled in Firejail configuration file\r" | ||
81 | } | ||
82 | |||
83 | # userns | ||
84 | send -- "echo \"userns no\" > /etc/firejail/firejail.config\r" | ||
85 | after 100 | ||
86 | send -- "firejail --noprofile --noroot\r" | ||
87 | expect { | ||
88 | timeout {puts "TESTING ERROR 9\n";exit} | ||
89 | "noroot feature is disabled in Firejail configuration file\r" | ||
90 | } | ||
91 | sleep 1 | ||
92 | |||
93 | # netfilter-default | ||
94 | send -- "echo \"netfilter-default blablabla\" > /etc/firejail/firejail.config\r" | ||
95 | after 100 | ||
96 | send -- "firejail --noprofile\r" | ||
97 | expect { | ||
98 | timeout {puts "TESTING ERROR 10\n";exit} | ||
99 | "netfilter-default file blablabla not available\r" | ||
100 | } | ||
101 | after 100 | ||
102 | |||
103 | # strings | ||
104 | send -- "echo \"xephyr-screen 800x600\" > /etc/firejail/firejail.config\r" | ||
105 | after 100 | ||
106 | send -- "echo \"xvfb-screen 800x600x24\" >> /etc/firejail/firejail.config\r" | ||
107 | after 100 | ||
108 | send -- "echo \"xvfb-extra-params blablabla\" >> /etc/firejail/firejail.config\r" | ||
109 | sleep 1 | ||
110 | send -- "stty -echo\r" | ||
111 | after 100 | ||
112 | send -- "firejail --noprofile echo done\r" | ||
113 | expect { | ||
114 | timeout {puts "TESTING ERROR 11\n";exit} | ||
115 | "done\r" | ||
116 | } | ||
117 | sleep 1 | ||
118 | |||
119 | after 100 | ||
120 | send -- "echo \"join no\" > /etc/firejail/firejail.config\r" | ||
121 | after 100 | ||
122 | send -- "echo \"cache-tmpfs no\" >> /etc/firejail/firejail.config\r" | ||
123 | after 100 | ||
124 | send -- "echo \"file-transfer no\" >> /etc/firejail/firejail.config\r" | ||
125 | after 100 | ||
126 | send -- "echo \"x11 no\" >> /etc/firejail/firejail.config\r" | ||
127 | after 100 | ||
128 | send -- "echo \"firejail-prompt yes\" >> /etc/firejail/firejail.config\r" | ||
129 | after 100 | ||
130 | send -- "echo \"follow-symlink-as-user yes\" >> /etc/firejail/firejail.config\r" | ||
131 | after 100 | ||
132 | send -- "echo \"follow-symlink-private-bin yes\" >> /etc/firejail/firejail.config\r" | ||
133 | after 100 | ||
134 | send -- "echo \"force-nonewprivs yes\" >> /etc/firejail/firejail.config\r" | ||
135 | after 100 | ||
136 | send -- "echo \"seccomp no\" >> /etc/firejail/firejail.config\r" | ||
137 | after 100 | ||
138 | send -- "echo \"restricted-network yes\" >> /etc/firejail/firejail.config\r" | ||
139 | after 100 | ||
140 | send -- "echo \"xephyr-window-title yes\" >> /etc/firejail/firejail.config\r" | ||
141 | after 100 | ||
142 | send -- "echo \"quiet-by-default yes\" >> /etc/firejail/firejail.config\r" | ||
143 | after 100 | ||
144 | send -- "echo \"chroot-desktop no\" >> /etc/firejail/firejail.config\r" | ||
145 | after 100 | ||
146 | send -- "echo \"private-bin-no-local yes\" >> /etc/firejail/firejail.config\r" | ||
147 | after 100 | ||
148 | send -- "echo \"disable-mnt yes\" >> /etc/firejail/firejail.config\r" | ||
149 | after 100 | ||
150 | send -- "echo \"xephyr-window-title no\" >> /etc/firejail/firejail.config\r" | ||
151 | after 100 | ||
152 | send -- "echo \"remount-proc-sys no\" >> /etc/firejail/firejail.config\r" | ||
153 | after 100 | ||
154 | send -- "echo \"disable-mnt no\" >> /etc/firejail/firejail.config\r" | ||
155 | after 100 | ||
156 | send -- "echo \"blablabla\" >> /etc/firejail/firejail.config\r" | ||
157 | after 100 | ||
158 | send -- "firejail --noprofile\r" | ||
159 | expect { | ||
160 | timeout {puts "TESTING ERROR 12\n";exit} | ||
161 | "" | ||
162 | } | ||
163 | after 100 | ||
164 | puts "\nall done\n" | ||
diff --git a/test/root/firecfg.exp b/test/root/firecfg.exp deleted file mode 100755 index d78631c76..000000000 --- a/test/root/firecfg.exp +++ /dev/null | |||
@@ -1,80 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firecfg --debug\r" | ||
11 | sleep 1 | ||
12 | |||
13 | send -- "firecfg --debug --clean\r" | ||
14 | expect { | ||
15 | timeout {puts "TESTING ERROR 0\n";exit} | ||
16 | "less removed" | ||
17 | } | ||
18 | sleep 1 | ||
19 | |||
20 | send -- "stty -echo\r" | ||
21 | after 100 | ||
22 | send -- "file /usr/local/bin/firefox; echo done\r" | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 1\n";exit} | ||
25 | "symbolic link to /usr/bin/firejail" {puts "TESTING ERROR 2\n";exit} | ||
26 | "done" | ||
27 | } | ||
28 | sleep 1 | ||
29 | |||
30 | send -- "firecfg --debug\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 3\n";exit} | ||
33 | "less created" | ||
34 | } | ||
35 | sleep 1 | ||
36 | |||
37 | send -- "file /usr/local/bin/less\r" | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 4\n";exit} | ||
40 | "symbolic link to /usr/bin/firejail" | ||
41 | } | ||
42 | sleep 1 | ||
43 | |||
44 | send -- "firecfg --list\r" | ||
45 | expect { | ||
46 | timeout {puts "TESTING ERROR 5\n";exit} | ||
47 | "/usr/local/bin/less" | ||
48 | } | ||
49 | sleep 1 | ||
50 | |||
51 | send -- "firecfg --fix\r" | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 6\n";exit} | ||
54 | "this option is not supported for root user" | ||
55 | } | ||
56 | sleep 1 | ||
57 | |||
58 | send -- "firecfg --fix-sound\r" | ||
59 | expect { | ||
60 | timeout {puts "TESTING ERROR 7\n";exit} | ||
61 | "PulseAudio configured, please logout and login back again" | ||
62 | } | ||
63 | sleep 1 | ||
64 | |||
65 | send -- "firecfg --version\r" | ||
66 | expect { | ||
67 | timeout {puts "TESTING ERROR 8\n";exit} | ||
68 | "firecfg version" | ||
69 | } | ||
70 | sleep 1 | ||
71 | |||
72 | send -- "firecfg --blablabla\r" | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 9\n";exit} | ||
75 | "invalid command line option" | ||
76 | } | ||
77 | sleep 1 | ||
78 | |||
79 | |||
80 | puts "\nall done\n" | ||
diff --git a/test/root/firejail.config b/test/root/firejail.config deleted file mode 100644 index 4ad5edd4d..000000000 --- a/test/root/firejail.config +++ /dev/null | |||
@@ -1,26 +0,0 @@ | |||
1 | |||
2 | bind yes | ||
3 | chroot yes | ||
4 | chroot-desktop yes | ||
5 | cache-tmpfs yes | ||
6 | file-transfer yes | ||
7 | firejail-prompt no | ||
8 | follow-symlink-as-user no | ||
9 | follow-symlink-private-bin no | ||
10 | force-nonewprivs no | ||
11 | join yes | ||
12 | network yes | ||
13 | overlayfs yes | ||
14 | private-bin-no-local no | ||
15 | private-home yes | ||
16 | quiet-by-default no | ||
17 | remount-proc-sys yes | ||
18 | restricted-network no | ||
19 | # netfilter-default /etc/iptables.iptables.rules | ||
20 | seccomp yes | ||
21 | userns yes | ||
22 | whitelist yes | ||
23 | x11 yes | ||
24 | xephyr-screen 800x600 | ||
25 | xephyr-window-title yes | ||
26 | xephyr-extra-params -grayscale | ||
diff --git a/test/root/firemon-events.exp b/test/root/firemon-events.exp deleted file mode 100755 index 8ca222733..000000000 --- a/test/root/firemon-events.exp +++ /dev/null | |||
@@ -1,74 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # start firemon | ||
11 | set firemon_id $spawn_id | ||
12 | send -- "firemon\r" | ||
13 | sleep 1 | ||
14 | |||
15 | # start firejail | ||
16 | spawn $env(SHELL) | ||
17 | set firejail_id $spawn_id | ||
18 | send -- "firejail\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 0\n";exit} | ||
21 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
22 | } | ||
23 | |||
24 | # get messages on firemon | ||
25 | set spawn_id $firemon_id | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 1\n";exit} | ||
28 | "exec" | ||
29 | } | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 2\n";exit} | ||
32 | "/bin/bash -c /bin/bash" | ||
33 | } | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 3\n";exit} | ||
36 | "exec" | ||
37 | } | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 4\n";exit} | ||
40 | "/bin/bash" | ||
41 | } | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 5\n";exit} | ||
44 | "fork" | ||
45 | } | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 6\n";exit} | ||
48 | "child" | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 7\n";exit} | ||
52 | "/bin/bash" | ||
53 | } | ||
54 | after 100 | ||
55 | |||
56 | # exit firejail | ||
57 | set spawn_id $firejail_id | ||
58 | send -- "exit\r" | ||
59 | sleep 1 | ||
60 | |||
61 | # get messages on firemon | ||
62 | set spawn_id $firemon_id | ||
63 | expect { | ||
64 | timeout {puts "TESTING ERROR 8\n";exit} | ||
65 | "exit" | ||
66 | } | ||
67 | |||
68 | expect { | ||
69 | timeout {puts "TESTING ERROR 9\n";exit} | ||
70 | "EXIT SANDBOX" | ||
71 | } | ||
72 | |||
73 | |||
74 | puts "\nall done\n" | ||
diff --git a/test/root/isc-dhcp.exp b/test/root/isc-dhcp.exp deleted file mode 100755 index dbafdb9d0..000000000 --- a/test/root/isc-dhcp.exp +++ /dev/null | |||
@@ -1,51 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 5 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=dhcpd /etc/init.d/isc-dhcp-server start\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --tree\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "root:/usr/sbin/dhcpd" | ||
22 | } | ||
23 | sleep 2 | ||
24 | |||
25 | send -- "tail -n 200 /var/log/syslog\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 3\n";exit} | ||
28 | "Internet Systems Consortium DHCP Server" | ||
29 | } | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 4\n";exit} | ||
32 | "Wrote 0 leases to leases file" | ||
33 | } | ||
34 | sleep 2 | ||
35 | |||
36 | send -- "firejail --join=dhcpd\r" | ||
37 | sleep 2 | ||
38 | |||
39 | send -- "ls /dev\r" | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 5\n";exit} | ||
42 | "tty0" {puts "TESTING ERROR 6\n";exit} | ||
43 | "ttyS0" {puts "TESTING ERROR 6\n";exit} | ||
44 | "ppp" {puts "TESTING ERROR 6\n";exit} | ||
45 | "audio" {puts "TESTING ERROR 6\n";exit} | ||
46 | "log" | ||
47 | } | ||
48 | sleep 2 | ||
49 | |||
50 | |||
51 | puts "\nall done\n" | ||
diff --git a/test/root/join.exp b/test/root/join.exp deleted file mode 100755 index c488a488a..000000000 --- a/test/root/join.exp +++ /dev/null | |||
@@ -1,56 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | cd /home | ||
8 | spawn $env(SHELL) | ||
9 | match_max 100000 | ||
10 | |||
11 | send -- "firejail --name=jointesting --cpu=0 --nice=2\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
15 | } | ||
16 | sleep 2 | ||
17 | |||
18 | spawn $env(SHELL) | ||
19 | send -- "firejail --join=jointesting\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 1\n";exit} | ||
22 | "Switching to pid" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2\n";exit} | ||
26 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
27 | } | ||
28 | sleep 1 | ||
29 | send -- "ps aux\r" | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 3\n";exit} | ||
32 | "/bin/bash" | ||
33 | } | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 4\n";exit} | ||
36 | "/bin/bash" | ||
37 | } | ||
38 | |||
39 | send -- "exit\r" | ||
40 | sleep 1 | ||
41 | send -- "firejail --join-network=jointesting\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 5\n";exit} | ||
44 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
45 | } | ||
46 | send -- "exit\r" | ||
47 | sleep 1 | ||
48 | send -- "firejail --join-filesystem=jointesting\r" | ||
49 | expect { | ||
50 | timeout {puts "TESTING ERROR 6\n";exit} | ||
51 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
52 | } | ||
53 | |||
54 | after 100 | ||
55 | |||
56 | puts "\nall done\n" | ||
diff --git a/test/root/login_nobody.exp b/test/root/login_nobody.exp deleted file mode 100755 index 0c54488bd..000000000 --- a/test/root/login_nobody.exp +++ /dev/null | |||
@@ -1,35 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | cd /home | ||
8 | spawn $env(SHELL) | ||
9 | match_max 100000 | ||
10 | |||
11 | send -- "su - nobody -s /usr/bin/firejail\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
15 | } | ||
16 | after 100 | ||
17 | |||
18 | send -- "cat /proc/self/status | grep Seccomp\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 3\n";exit} | ||
21 | "2" | ||
22 | } | ||
23 | after 100 | ||
24 | |||
25 | send -- "cat /proc/self/status | grep CapBnd\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 4\n";exit} | ||
28 | "0000000000000000" | ||
29 | } | ||
30 | after 100 | ||
31 | |||
32 | send -- "exit\r" | ||
33 | sleep 1 | ||
34 | |||
35 | puts "\nall done\n" | ||
diff --git a/test/root/nginx.exp b/test/root/nginx.exp deleted file mode 100755 index cb7367729..000000000 --- a/test/root/nginx.exp +++ /dev/null | |||
@@ -1,68 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 5 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=nginx /etc/init.d/nginx start\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | |||
18 | spawn $env(SHELL) | ||
19 | send -- "firejail --tree\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 1\n";exit} | ||
22 | "root::nginx: master process /usr/sbin/nginx" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2\n";exit} | ||
26 | "www-data::nginx: worker process" | ||
27 | } | ||
28 | sleep 2 | ||
29 | |||
30 | |||
31 | send -- "rm index.html\r" | ||
32 | sleep 1 | ||
33 | send -- "wget 127.0.0.1\r" | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 3\n";exit} | ||
36 | "saved" | ||
37 | } | ||
38 | send -- "cat index.html\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 4\n";exit} | ||
41 | "DOCTYPE html PUBLIC" | ||
42 | } | ||
43 | |||
44 | sleep 1 | ||
45 | send -- "rm index.html\r" | ||
46 | |||
47 | send -- "firejail --join=nginx\r" | ||
48 | sleep 2 | ||
49 | |||
50 | send -- "ls /dev\r" | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 5\n";exit} | ||
53 | "tty0" {puts "TESTING ERROR 6\n";exit} | ||
54 | "ttyS0" {puts "TESTING ERROR 6\n";exit} | ||
55 | "audio" {puts "TESTING ERROR 6\n";exit} | ||
56 | "ppp" {puts "TESTING ERROR 6\n";exit} | ||
57 | "log" | ||
58 | } | ||
59 | sleep 1 | ||
60 | send -- "ls -al /tmp;pwd\r" | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 10\n";exit} | ||
63 | "X11-unix" {puts "TESTING ERROR 11\n";exit} | ||
64 | "/root" | ||
65 | } | ||
66 | sleep 2 | ||
67 | |||
68 | puts "\nall done\n" | ||
diff --git a/test/root/option_bind_directory.exp b/test/root/option_bind_directory.exp deleted file mode 100755 index 83ed6b84d..000000000 --- a/test/root/option_bind_directory.exp +++ /dev/null | |||
@@ -1,24 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --bind=/tmp/chroot,mntpoint\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | send -- "ls mntpoint;pwd\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | "root" | ||
21 | } | ||
22 | sleep 1 | ||
23 | |||
24 | puts "\n" | ||
diff --git a/test/root/option_bind_file.exp b/test/root/option_bind_file.exp deleted file mode 100755 index 0807f951a..000000000 --- a/test/root/option_bind_file.exp +++ /dev/null | |||
@@ -1,24 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --bind=tmpfile,/etc/passwd\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | send -- "cat /etc/passwd;pwd\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | "hello" | ||
21 | } | ||
22 | sleep 1 | ||
23 | |||
24 | puts "\n" | ||
diff --git a/test/root/option_tmpfs.exp b/test/root/option_tmpfs.exp deleted file mode 100755 index 2d9eea8f5..000000000 --- a/test/root/option_tmpfs.exp +++ /dev/null | |||
@@ -1,42 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --tmpfs=/var\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | send -- "ls -l /var;pwd\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | "total 0" | ||
21 | } | ||
22 | after 100 | ||
23 | send -- "exit\r" | ||
24 | sleep 1 | ||
25 | |||
26 | send -- "firejail --debug-check-filename --tmpfs=\"bla&&bla\"\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 13.1\n";exit} | ||
29 | "Checking filename bla&&bla" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 13.2\n";exit} | ||
33 | "Error:" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 13.3\n";exit} | ||
37 | "is an invalid filename" | ||
38 | } | ||
39 | after 100 | ||
40 | |||
41 | |||
42 | puts "\nall done\n" | ||
diff --git a/test/root/private.exp b/test/root/private.exp deleted file mode 100755 index 8c89e1f31..000000000 --- a/test/root/private.exp +++ /dev/null | |||
@@ -1,111 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --private\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | send -- "ls -l /home\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | "total 0" | ||
21 | } | ||
22 | after 100 | ||
23 | |||
24 | send -- "ls -l /root\r" | ||
25 | expect { | ||
26 | timeout {puts "TESTING ERROR 2\n";exit} | ||
27 | "total 0" | ||
28 | } | ||
29 | after 100 | ||
30 | |||
31 | send -- "exit\r" | ||
32 | sleep 1 | ||
33 | |||
34 | |||
35 | |||
36 | send -- "touch /opt/firejail-test-file\r" | ||
37 | after 100 | ||
38 | send -- "mkdir /opt/firejail-test-dir\r" | ||
39 | after 100 | ||
40 | send -- "touch /opt/firejail-test-dir/firejail-test-file\r" | ||
41 | after 100 | ||
42 | send -- "firejail --private-opt=firejail-test-file,firejail-test-dir --debug\r" | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 3\n";exit} | ||
45 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
46 | } | ||
47 | sleep 1 | ||
48 | |||
49 | send -- "find /opt | wc -l\r" | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 4\n";exit} | ||
52 | "4" | ||
53 | } | ||
54 | after 100 | ||
55 | send -- "exit\r" | ||
56 | sleep 1 | ||
57 | send -- "firejail --whitelist=/opt/firejail-test-file --whitelist=/opt/firejail-test-dir --debug\r" | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
60 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
61 | } | ||
62 | sleep 1 | ||
63 | |||
64 | send -- "find /opt | wc -l\r" | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 4.1\n";exit} | ||
67 | "4" | ||
68 | } | ||
69 | after 100 | ||
70 | send -- "exit\r" | ||
71 | sleep 1 | ||
72 | |||
73 | |||
74 | send -- "touch /srv/firejail-test-file\r" | ||
75 | after 100 | ||
76 | send -- "mkdir /srv/firejail-test-dir\r" | ||
77 | after 100 | ||
78 | send -- "touch /srv/firejail-test-dir/firejail-test-file\r" | ||
79 | after 100 | ||
80 | send -- "firejail --private-srv=firejail-test-file,firejail-test-dir --debug\r" | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 5\n";exit} | ||
83 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
84 | } | ||
85 | sleep 1 | ||
86 | |||
87 | send -- "find /srv | wc -l\r" | ||
88 | expect { | ||
89 | timeout {puts "TESTING ERROR 6\n";exit} | ||
90 | "4" | ||
91 | } | ||
92 | after 100 | ||
93 | send -- "exit\r" | ||
94 | sleep 1 | ||
95 | send -- "firejail --whitelist=/srv/firejail-test-file --whitelist=/srv/firejail-test-dir --debug\r" | ||
96 | expect { | ||
97 | timeout {puts "TESTING ERROR 5.1\n";exit} | ||
98 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
99 | } | ||
100 | sleep 1 | ||
101 | |||
102 | send -- "find /srv | wc -l\r" | ||
103 | expect { | ||
104 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
105 | "4" | ||
106 | } | ||
107 | after 100 | ||
108 | send -- "exit\r" | ||
109 | sleep 1 | ||
110 | |||
111 | puts "\nall done\n" | ||
diff --git a/test/root/profile_tmpfs.exp b/test/root/profile_tmpfs.exp deleted file mode 100755 index 7331225b3..000000000 --- a/test/root/profile_tmpfs.exp +++ /dev/null | |||
@@ -1,42 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --profile=tmpfs.profile\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | send -- "ls -l /var;pwd\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | "total 0" | ||
21 | } | ||
22 | after 100 | ||
23 | send -- "exit\r" | ||
24 | sleep 1 | ||
25 | |||
26 | send -- "firejail --debug-check-filename --profile=tmpfs-bad.profile\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 13.1\n";exit} | ||
29 | "Checking filename bla&&bla" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 13.2\n";exit} | ||
33 | "Error:" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 13.3\n";exit} | ||
37 | "is an invalid filename" | ||
38 | } | ||
39 | after 100 | ||
40 | |||
41 | |||
42 | puts "\nall done\n" | ||
diff --git a/test/root/root.sh b/test/root/root.sh deleted file mode 100755 index 84e430c7f..000000000 --- a/test/root/root.sh +++ /dev/null | |||
@@ -1,127 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | # set a new firejail config file | ||
7 | #cp firejail.config /etc/firejail/firejail.config | ||
8 | |||
9 | export LC_ALL=C | ||
10 | |||
11 | #******************************** | ||
12 | # firecfg | ||
13 | #******************************** | ||
14 | if command -v less | ||
15 | then | ||
16 | echo "TESTING: firecfg (test/root/firecfg.exp)" | ||
17 | mv /home/netblue/.local/share/applications /home/netblue/.local/share/applications-store | ||
18 | ./firecfg.exp | ||
19 | mv /home/netblue/.local/share/applications-store /home/netblue/.local/share/applications | ||
20 | else | ||
21 | echo "TESTING SKIP: firecfg, less not found" | ||
22 | fi | ||
23 | |||
24 | #******************************** | ||
25 | # servers | ||
26 | #******************************** | ||
27 | if [[ -f /etc/init.d/snmpd ]] | ||
28 | then | ||
29 | echo "TESTING: snmpd (test/root/snmpd.exp)" | ||
30 | ./snmpd.exp | ||
31 | else | ||
32 | echo "TESTING SKIP: snmpd not found" | ||
33 | fi | ||
34 | |||
35 | |||
36 | if [[ -f /etc/init.d/apache2 ]] | ||
37 | then | ||
38 | echo "TESTING: apache2 (test/root/apache2.exp)" | ||
39 | ./apache2.exp | ||
40 | else | ||
41 | echo "TESTING SKIP: apache2 not found" | ||
42 | fi | ||
43 | |||
44 | if [[ -f /etc/init.d/isc-dhcp-server ]] | ||
45 | then | ||
46 | echo "TESTING: isc dhcp server (test/root/isc-dhscp.exp)" | ||
47 | ./isc-dhcp.exp | ||
48 | else | ||
49 | echo "TESTING SKIP: isc dhcp server not found" | ||
50 | fi | ||
51 | |||
52 | if [[ -f /etc/init.d/unbound ]] | ||
53 | then | ||
54 | echo "TESTING: unbound (test/root/unbound.exp)" | ||
55 | ./unbound.exp | ||
56 | else | ||
57 | echo "TESTING SKIP: unbound not found" | ||
58 | fi | ||
59 | |||
60 | if [[ -f /etc/init.d/nginx ]] | ||
61 | then | ||
62 | echo "TESTING: nginx (test/root/nginx.exp)" | ||
63 | ./nginx.exp | ||
64 | else | ||
65 | echo "TESTING SKIP: nginx not found" | ||
66 | fi | ||
67 | |||
68 | #******************************** | ||
69 | # filesystem | ||
70 | #******************************** | ||
71 | echo "TESTING: fs private (test/root/private.exp)" | ||
72 | ./private.exp | ||
73 | |||
74 | echo "TESTING: fs whitelist mnt, opt, media (test/root/whitelist-mnt.exp)" | ||
75 | ./whitelist.exp | ||
76 | |||
77 | #******************************** | ||
78 | # utils | ||
79 | #******************************** | ||
80 | echo "TESTING: join (test/root/join.exp)" | ||
81 | ./join.exp | ||
82 | |||
83 | echo "TESTING: login-nobody (test/root/login_nobody.exp)" | ||
84 | ./login_nobody.exp | ||
85 | |||
86 | #******************************** | ||
87 | # seccomp | ||
88 | #******************************** | ||
89 | echo "TESTING: seccomp umount (test/root/seccomp-umount.exp)" | ||
90 | ./seccomp-umount.exp | ||
91 | |||
92 | echo "TESTING: seccomp chmod (test/root/seccomp-chmod.exp)" | ||
93 | ./seccomp-chmod.exp | ||
94 | |||
95 | echo "TESTING: seccomp chown (test/root/seccomp-chown.exp)" | ||
96 | ./seccomp-chown.exp | ||
97 | |||
98 | #******************************** | ||
99 | # command line options | ||
100 | #******************************** | ||
101 | echo "TESTING: firejail configuration (test/root/checkcfg.exp)" | ||
102 | ./checkcfg.exp | ||
103 | cp ../../etc/firejail.config /etc/firejail/. | ||
104 | |||
105 | echo "TESTING: tmpfs (test/root/option_tmpfs.exp)" | ||
106 | ./option_tmpfs.exp | ||
107 | |||
108 | echo "TESTING: profile tmpfs (test/root/profile_tmpfs)" | ||
109 | ./profile_tmpfs.exp | ||
110 | |||
111 | echo "TESTING: bind directory (test/root/option_bind_directory.exp)" | ||
112 | ./option_bind_directory.exp | ||
113 | |||
114 | echo "TESTING: bind file (test/root/option_bind_file.exp)" | ||
115 | echo hello > tmpfile | ||
116 | ./option_bind_file.exp | ||
117 | rm -f tmpfile | ||
118 | |||
119 | #******************************** | ||
120 | # firemon | ||
121 | #******************************** | ||
122 | echo "TESTING: firemon events (test/root/firemon-events.exp)" | ||
123 | ./firemon-events.exp | ||
124 | |||
125 | |||
126 | # restore the default config file | ||
127 | #cp ../../etc/firejail.config /etc/firejail/firejail.config | ||
diff --git a/test/root/seccomp-chmod.exp b/test/root/seccomp-chmod.exp deleted file mode 100755 index d26098524..000000000 --- a/test/root/seccomp-chmod.exp +++ /dev/null | |||
@@ -1,53 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --seccomp=chmod,fchmod,fchmodat --private\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | send -- "stty -echo\r" | ||
18 | after 100 | ||
19 | send -- "cd ~; echo done\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 1\n";exit} | ||
22 | "done" | ||
23 | } | ||
24 | |||
25 | send -- "touch testfile; echo done\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 2\n";exit} | ||
28 | "done" | ||
29 | } | ||
30 | |||
31 | send -- "ls -l testfile; echo done\r" | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 3\n";exit} | ||
34 | "testfile" | ||
35 | } | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 4\n";exit} | ||
38 | "done" | ||
39 | } | ||
40 | |||
41 | send -- "chmod +x testfile; echo done\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 5\n";exit} | ||
44 | "Bad system call" | ||
45 | } | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 6\n";exit} | ||
48 | "done" | ||
49 | } | ||
50 | |||
51 | send -- "exit\r" | ||
52 | after 100 | ||
53 | puts "\nall done\n" | ||
diff --git a/test/root/seccomp-chown.exp b/test/root/seccomp-chown.exp deleted file mode 100755 index e17bbc4bb..000000000 --- a/test/root/seccomp-chown.exp +++ /dev/null | |||
@@ -1,50 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --seccomp=chown,fchown,fchownat,lchown --private\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | send -- "stty -echo\r" | ||
18 | after 100 | ||
19 | send -- "touch testfile; echo done\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 1\n";exit} | ||
22 | "done" | ||
23 | } | ||
24 | after 100 | ||
25 | |||
26 | send -- "ls -l testfile; echo done\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 2\n";exit} | ||
29 | "testfile" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 3\n";exit} | ||
33 | "done" | ||
34 | } | ||
35 | after 100 | ||
36 | |||
37 | send -- "chown netblue:netblue testfile; echo done\r" | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 2\n";exit} | ||
40 | "Bad system call" | ||
41 | } | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 3\n";exit} | ||
44 | "done" | ||
45 | } | ||
46 | |||
47 | |||
48 | send -- "exit\r" | ||
49 | after 100 | ||
50 | puts "\nall done\n" | ||
diff --git a/test/root/seccomp-umount.exp b/test/root/seccomp-umount.exp deleted file mode 100755 index 70a39925d..000000000 --- a/test/root/seccomp-umount.exp +++ /dev/null | |||
@@ -1,25 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --seccomp --noprofile\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | send -- "umount /proc\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | "Bad system call" | ||
21 | } | ||
22 | |||
23 | send -- "exit\r" | ||
24 | after 100 | ||
25 | puts "\n" | ||
diff --git a/test/root/snmpd.exp b/test/root/snmpd.exp deleted file mode 100755 index 63f488342..000000000 --- a/test/root/snmpd.exp +++ /dev/null | |||
@@ -1,50 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 5 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=snmpd /etc/init.d/snmpd start\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --tree\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "snmp:/usr/sbin/snmpd" | ||
22 | } | ||
23 | sleep 2 | ||
24 | |||
25 | send -- "tail /var/log/syslog\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 3\n";exit} | ||
28 | "snmpd" | ||
29 | } | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 4\n";exit} | ||
32 | "NET-SNMP version" | ||
33 | } | ||
34 | |||
35 | send -- "firejail --join=snmpd\r" | ||
36 | sleep 2 | ||
37 | |||
38 | send -- "ls /dev\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 5\n";exit} | ||
41 | "tty0" {puts "TESTING ERROR 6\n";exit} | ||
42 | "ttyS0" {puts "TESTING ERROR 6\n";exit} | ||
43 | "audio" {puts "TESTING ERROR 6\n";exit} | ||
44 | "ppp" {puts "TESTING ERROR 6\n";exit} | ||
45 | "log" | ||
46 | } | ||
47 | sleep 2 | ||
48 | |||
49 | sleep 2 | ||
50 | puts "\nall done\n" | ||
diff --git a/test/root/tmpfs-bad.profile b/test/root/tmpfs-bad.profile deleted file mode 100644 index 7264e18ff..000000000 --- a/test/root/tmpfs-bad.profile +++ /dev/null | |||
@@ -1 +0,0 @@ | |||
1 | tmpfs bla&&bla | ||
diff --git a/test/root/tmpfs.profile b/test/root/tmpfs.profile deleted file mode 100644 index 55a6f7ebc..000000000 --- a/test/root/tmpfs.profile +++ /dev/null | |||
@@ -1 +0,0 @@ | |||
1 | tmpfs /var | ||
diff --git a/test/root/unbound.exp b/test/root/unbound.exp deleted file mode 100755 index d84c07452..000000000 --- a/test/root/unbound.exp +++ /dev/null | |||
@@ -1,51 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 5 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=unbound unbound\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 2 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --tree\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "unbound:unbound" | ||
22 | } | ||
23 | sleep 2 | ||
24 | |||
25 | send -- "tail /var/log/syslog\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 3\n";exit} | ||
28 | "unbound" | ||
29 | } | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 4\n";exit} | ||
32 | "info: start of service" | ||
33 | } | ||
34 | sleep 2 | ||
35 | |||
36 | send -- "firejail --join=unbound\r" | ||
37 | sleep 2 | ||
38 | |||
39 | send -- "ls /dev\r" | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 5\n";exit} | ||
42 | "tty0" {puts "TESTING ERROR 6\n";exit} | ||
43 | "ttyS0" {puts "TESTING ERROR 6\n";exit} | ||
44 | "audio" {puts "TESTING ERROR 6\n";exit} | ||
45 | "ppp" {puts "TESTING ERROR 6\n";exit} | ||
46 | "log" | ||
47 | } | ||
48 | sleep 2 | ||
49 | |||
50 | |||
51 | puts "\nall done\n" | ||
diff --git a/test/root/whitelist.exp b/test/root/whitelist.exp deleted file mode 100755 index 063864e13..000000000 --- a/test/root/whitelist.exp +++ /dev/null | |||
@@ -1,117 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "touch /mnt/firejail-test-file\r" | ||
11 | after 100 | ||
12 | send -- "mkdir /mnt/firejail-test-dir\r" | ||
13 | after 100 | ||
14 | send -- "touch /mnt/firejail-test-dir/firejail-test-file\r" | ||
15 | after 100 | ||
16 | send -- "firejail --whitelist=/mnt/firejail-test-file --whitelist=/mnt/firejail-test-dir --debug\r" | ||
17 | expect { | ||
18 | timeout {puts "TESTING ERROR 0\n";exit} | ||
19 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
20 | } | ||
21 | sleep 1 | ||
22 | |||
23 | send -- "find /mnt | wc -l\r" | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 1\n";exit} | ||
26 | "4" | ||
27 | } | ||
28 | after 100 | ||
29 | send -- "exit\r" | ||
30 | sleep 1 | ||
31 | |||
32 | |||
33 | send -- "touch /opt/firejail-test-file\r" | ||
34 | after 100 | ||
35 | send -- "mkdir /opt/firejail-test-dir\r" | ||
36 | after 100 | ||
37 | send -- "touch /opt/firejail-test-dir/firejail-test-file\r" | ||
38 | after 100 | ||
39 | send -- "firejail --whitelist=/opt/firejail-test-file --whitelist=/opt/firejail-test-dir --debug\r" | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 2\n";exit} | ||
42 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
43 | } | ||
44 | sleep 1 | ||
45 | |||
46 | send -- "find /opt | wc -l\r" | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 3\n";exit} | ||
49 | "4" | ||
50 | } | ||
51 | after 100 | ||
52 | send -- "exit\r" | ||
53 | sleep 1 | ||
54 | |||
55 | send -- "touch /media/firejail-test-file\r" | ||
56 | after 100 | ||
57 | send -- "mkdir /media/firejail-test-dir\r" | ||
58 | after 100 | ||
59 | send -- "touch /media/firejail-test-dir/firejail-test-file\r" | ||
60 | after 100 | ||
61 | send -- "firejail --whitelist=/media/firejail-test-file --whitelist=/media/firejail-test-dir --debug\r" | ||
62 | expect { | ||
63 | timeout {puts "TESTING ERROR 4\n";exit} | ||
64 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
65 | } | ||
66 | sleep 1 | ||
67 | |||
68 | send -- "find /media | wc -l\r" | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 5\n";exit} | ||
71 | "4" | ||
72 | } | ||
73 | after 100 | ||
74 | send -- "exit\r" | ||
75 | sleep 1 | ||
76 | |||
77 | |||
78 | send -- "firejail --whitelist=/var/run --whitelist=/var/lock --debug\r" | ||
79 | expect { | ||
80 | timeout {puts "TESTING ERROR 6\n";exit} | ||
81 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
82 | } | ||
83 | sleep 1 | ||
84 | |||
85 | send -- "find /var | wc -l\r" | ||
86 | expect { | ||
87 | timeout {puts "TESTING ERROR 7\n";exit} | ||
88 | "" | ||
89 | } | ||
90 | after 100 | ||
91 | send -- "exit\r" | ||
92 | sleep 1 | ||
93 | |||
94 | send -- "touch /srv/firejail-test-file\r" | ||
95 | after 100 | ||
96 | send -- "mkdir /srv/firejail-test-dir\r" | ||
97 | after 100 | ||
98 | send -- "touch /srv/firejail-test-dir/firejail-test-file\r" | ||
99 | after 100 | ||
100 | send -- "firejail --whitelist=/srv/firejail-test-file --whitelist=/srv/firejail-test-dir --debug\r" | ||
101 | expect { | ||
102 | timeout {puts "TESTING ERROR 8\n";exit} | ||
103 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
104 | } | ||
105 | sleep 1 | ||
106 | |||
107 | send -- "find /srv | wc -l\r" | ||
108 | expect { | ||
109 | timeout {puts "TESTING ERROR 9\n";exit} | ||
110 | "4" | ||
111 | } | ||
112 | after 100 | ||
113 | send -- "exit\r" | ||
114 | |||
115 | |||
116 | after 100 | ||
117 | puts "\nall done\n" | ||