3 files changed, 89 insertions, 0 deletions
diff --git a/test/utils/audit.exp b/test/utils/audit.exp
index c68ee387c..684886af7 100755
--- a/test/utils/audit.exp
+++ b/test/utils/audit.exp
@@ -76,4 +76,24 @@ expect {
 }
 after 100
+# run audit executable without a sandbox
+send -- "faudit\r"
+expect {
+        timeout {puts "TESTING ERROR 13\n";exit}
+        "is not running in a PID namespace"
+}
+expect {
+        timeout {puts "TESTING ERROR 14\n";exit}
+        "BAD: seccomp disabled"
+}
+expect {
+        timeout {puts "TESTING ERROR 15\n";exit}
+        "BAD: the capability map is"
+}
+expect {
+        timeout {puts "TESTING ERROR 16\n";exit}
+        "MAYBE: /dev directory seems to be fully populated"
+}
+after 100
 puts "\nall done\n"
diff --git a/test/utils/build.exp b/test/utils/build.exp
new file mode 100755
index 000000000..de2a9b6ae
--- /dev/null
+++ b/test/utils/build.exp
@@ -0,0 +1,58 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --build cat ~/firejail-test-file-7699\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "whitelist ~/firejail-test-file-7699"
+}
+expect {
+        timeout {puts "TESTING ERROR 0.1\n";exit}
+        "include /etc/firejail/whitelist-common.inc"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "private-tmp"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "private-dev"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "blacklist /var"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "private-bin cat,"
+}
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "caps.drop all"
+}
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "nonewprivs"
+}
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "seccomp"
+}
+expect {
+        timeout {puts "TESTING ERROR 8\n";exit}
+        "net none"
+}
+expect {
+        timeout {puts "TESTING ERROR 9\n";exit}
+        "shell none"
+}
+after 100
+puts "all done\n"
diff --git a/test/utils/utils.sh b/test/utils/utils.sh
index 9dd3b67a3..d72cc2269 100755
--- a/test/utils/utils.sh
+++ b/test/utils/utils.sh
@@ -6,6 +6,17 @@
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
+if [ -f /etc/debian_version ]; then
+        libdir=$(dirname "$(dpkg -L firejail | grep faudit)")
+        export PATH="$PATH:$libdir"
+fi
+export PATH="$PATH:/usr/lib/firejail"
+echo "testing" > ~/firejail-test-file-7699
+echo "TESTING: build (test/utils/build.exp)"
+./build.exp
+rm -f ~/firejail-test-file-7699
 echo "TESTING: audit (test/utils/audit.exp)"
 ./audit.exp

diff --git a/test/utils/audit.exp b/test/utils/audit.exp index c68ee387c..684886af7 100755 --- a/test/utils/audit.exp +++ b/test/utils/audit.exp
@@ -76,4 +76,24 @@ expect {
76	}	76	}
77	after 100	77	after 100
78		78
		79	# run audit executable without a sandbox
		80	send -- "faudit\r"
		81	expect {
		82	timeout {puts "TESTING ERROR 13\n";exit}
		83	"is not running in a PID namespace"
		84	}
		85	expect {
		86	timeout {puts "TESTING ERROR 14\n";exit}
		87	"BAD: seccomp disabled"
		88	}
		89	expect {
		90	timeout {puts "TESTING ERROR 15\n";exit}
		91	"BAD: the capability map is"
		92	}
		93	expect {
		94	timeout {puts "TESTING ERROR 16\n";exit}
		95	"MAYBE: /dev directory seems to be fully populated"
		96	}
		97	after 100
		98
79	puts "\nall done\n"	99	puts "\nall done\n"


diff --git a/test/utils/build.exp b/test/utils/build.exp new file mode 100755 index 000000000..de2a9b6ae --- /dev/null +++ b/test/utils/build.exp
@@ -0,0 +1,58 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --build cat ~/firejail-test-file-7699\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 0\n";exit}
		13	"whitelist ~/firejail-test-file-7699"
		14	}
		15	expect {
		16	timeout {puts "TESTING ERROR 0.1\n";exit}
		17	"include /etc/firejail/whitelist-common.inc"
		18	}
		19	expect {
		20	timeout {puts "TESTING ERROR 1\n";exit}
		21	"private-tmp"
		22	}
		23	expect {
		24	timeout {puts "TESTING ERROR 2\n";exit}
		25	"private-dev"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 3\n";exit}
		29	"blacklist /var"
		30	}
		31	expect {
		32	timeout {puts "TESTING ERROR 4\n";exit}
		33	"private-bin cat,"
		34	}
		35	expect {
		36	timeout {puts "TESTING ERROR 5\n";exit}
		37	"caps.drop all"
		38	}
		39	expect {
		40	timeout {puts "TESTING ERROR 6\n";exit}
		41	"nonewprivs"
		42	}
		43	expect {
		44	timeout {puts "TESTING ERROR 7\n";exit}
		45	"seccomp"
		46	}
		47	expect {
		48	timeout {puts "TESTING ERROR 8\n";exit}
		49	"net none"
		50	}
		51	expect {
		52	timeout {puts "TESTING ERROR 9\n";exit}
		53	"shell none"
		54	}
		55	after 100
		56
		57
		58	puts "all done\n"


diff --git a/test/utils/utils.sh b/test/utils/utils.sh index 9dd3b67a3..d72cc2269 100755 --- a/test/utils/utils.sh +++ b/test/utils/utils.sh
@@ -6,6 +6,17 @@
6	export MALLOC_CHECK_=3	6	export MALLOC_CHECK_=3
7	export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))	7	export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
8		8
		9	if [ -f /etc/debian_version ]; then
		10	libdir=$(dirname "$(dpkg -L firejail \| grep faudit)")
		11	export PATH="$PATH:$libdir"
		12	fi
		13	export PATH="$PATH:/usr/lib/firejail"
		14
		15	echo "testing" > ~/firejail-test-file-7699
		16	echo "TESTING: build (test/utils/build.exp)"
		17	./build.exp
		18	rm -f ~/firejail-test-file-7699
		19
9	echo "TESTING: audit (test/utils/audit.exp)"	20	echo "TESTING: audit (test/utils/audit.exp)"
10	./audit.exp	21	./audit.exp
11		22