diff options
Diffstat (limited to 'test')
| -rwxr-xr-x | test/features/1.2.exp | 24 | ||||
| -rwxr-xr-x | test/features/test.sh | 33 | ||||
| -rwxr-xr-x | test/private-etc.exp | 12 | ||||
| -rwxr-xr-x | test/profile_syntax.exp | 11 | ||||
| -rw-r--r-- | test/test.profile | 3 |
5 files changed, 39 insertions, 44 deletions
diff --git a/test/features/1.2.exp b/test/features/1.2.exp index 0b92247f1..623957f5f 100755 --- a/test/features/1.2.exp +++ b/test/features/1.2.exp | |||
| @@ -36,10 +36,10 @@ expect { | |||
| 36 | timeout {puts "TESTING ERROR 1.4\n";exit} | 36 | timeout {puts "TESTING ERROR 1.4\n";exit} |
| 37 | "proc /proc/sysrq-trigger proc" | 37 | "proc /proc/sysrq-trigger proc" |
| 38 | } | 38 | } |
| 39 | expect { | 39 | #expect { |
| 40 | timeout {puts "TESTING ERROR 1.5\n";exit} | 40 | # timeout {puts "TESTING ERROR 1.5\n";exit} |
| 41 | "proc /proc/sys/kernel/hotplug" | 41 | # "proc /proc/sys/kernel/hotplug" |
| 42 | } | 42 | #} |
| 43 | expect { | 43 | expect { |
| 44 | timeout {puts "TESTING ERROR 1.6\n";exit} | 44 | timeout {puts "TESTING ERROR 1.6\n";exit} |
| 45 | "proc /proc/irq proc" | 45 | "proc /proc/irq proc" |
| @@ -69,10 +69,10 @@ if { $overlay == "overlay" } { | |||
| 69 | timeout {puts "TESTING ERROR 3.1\n";exit} | 69 | timeout {puts "TESTING ERROR 3.1\n";exit} |
| 70 | "proc /proc proc" | 70 | "proc /proc proc" |
| 71 | } | 71 | } |
| 72 | expect { | 72 | # expect { |
| 73 | timeout {puts "TESTING ERROR 3.2\n";exit} | 73 | # timeout {puts "TESTING ERROR 3.2\n";exit} |
| 74 | "proc /proc proc" | 74 | # "proc /proc proc" |
| 75 | } | 75 | # } |
| 76 | expect { | 76 | expect { |
| 77 | timeout {puts "TESTING ERROR 3.3\n";exit} | 77 | timeout {puts "TESTING ERROR 3.3\n";exit} |
| 78 | "proc /proc/sys proc" | 78 | "proc /proc/sys proc" |
| @@ -81,10 +81,10 @@ if { $overlay == "overlay" } { | |||
| 81 | timeout {puts "TESTING ERROR 3.4\n";exit} | 81 | timeout {puts "TESTING ERROR 3.4\n";exit} |
| 82 | "proc /proc/sysrq-trigger proc" | 82 | "proc /proc/sysrq-trigger proc" |
| 83 | } | 83 | } |
| 84 | expect { | 84 | # expect { |
| 85 | timeout {puts "TESTING ERROR 3.5\n";exit} | 85 | # timeout {puts "TESTING ERROR 3.5\n";exit} |
| 86 | "proc /proc/sys/kernel/hotplug" | 86 | # "proc /proc/sys/kernel/hotplug" |
| 87 | } | 87 | # } |
| 88 | expect { | 88 | expect { |
| 89 | timeout {puts "TESTING ERROR 3.6\n";exit} | 89 | timeout {puts "TESTING ERROR 3.6\n";exit} |
| 90 | "proc /proc/irq proc" | 90 | "proc /proc/irq proc" |
diff --git a/test/features/test.sh b/test/features/test.sh index c3a4f21ae..d4bcead0b 100755 --- a/test/features/test.sh +++ b/test/features/test.sh | |||
| @@ -1,6 +1,7 @@ | |||
| 1 | #!/bin/bash | 1 | #!/bin/bash |
| 2 | OVERLAY="overlay" | 2 | OVERLAY="overlay" |
| 3 | CHROOT="chroot" | 3 | CHROOT="chroot" |
| 4 | NETWORK="network" | ||
| 4 | 5 | ||
| 5 | while [ $# -gt 0 ]; do # Until you run out of parameters . . . | 6 | while [ $# -gt 0 ]; do # Until you run out of parameters . . . |
| 6 | case "$1" in | 7 | case "$1" in |
| @@ -10,8 +11,11 @@ while [ $# -gt 0 ]; do # Until you run out of parameters . . . | |||
| 10 | --nochroot) | 11 | --nochroot) |
| 11 | CHROOT="none" | 12 | CHROOT="none" |
| 12 | ;; | 13 | ;; |
| 14 | --nonetwork) | ||
| 15 | NETWORK="none" | ||
| 16 | ;; | ||
| 13 | --help) | 17 | --help) |
| 14 | echo "./test.sh [--nooverlay|--nochroot|--help] | grep TESTING" | 18 | echo "./test.sh [--nooverlay|--nochroot|--nonetwork|--help] | grep TESTING" |
| 15 | exit | 19 | exit |
| 16 | ;; | 20 | ;; |
| 17 | esac | 21 | esac |
| @@ -55,23 +59,26 @@ echo "TESTING: 1.10 disable /selinux" | |||
| 55 | #################### | 59 | #################### |
| 56 | # networking features | 60 | # networking features |
| 57 | #################### | 61 | #################### |
| 58 | echo "TESTING: 2.1 hostname" | 62 | if [ $NETWORK == "network" ] |
| 59 | ./2.1.exp $OVERLAY $CHROOT | 63 | then |
| 64 | echo "TESTING: 2.1 hostname" | ||
| 65 | ./2.1.exp $OVERLAY $CHROOT | ||
| 60 | 66 | ||
| 61 | echo "TESTING: 2.2 DNS" | 67 | echo "TESTING: 2.2 DNS" |
| 62 | ./2.2.exp $OVERLAY $CHROOT | 68 | ./2.2.exp $OVERLAY $CHROOT |
| 63 | 69 | ||
| 64 | echo "TESTING: 2.3 mac-vlan" | 70 | echo "TESTING: 2.3 mac-vlan" |
| 65 | ./2.3.exp $OVERLAY $CHROOT | 71 | ./2.3.exp $OVERLAY $CHROOT |
| 66 | 72 | ||
| 67 | echo "TESTING: 2.4 bridge" | 73 | echo "TESTING: 2.4 bridge" |
| 68 | ./2.4.exp $OVERLAY $CHROOT | 74 | ./2.4.exp $OVERLAY $CHROOT |
| 69 | 75 | ||
| 70 | echo "TESTING: 2.5 interface" | 76 | echo "TESTING: 2.5 interface" |
| 71 | ./2.5.exp $OVERLAY $CHROOT | 77 | ./2.5.exp $OVERLAY $CHROOT |
| 72 | 78 | ||
| 73 | echo "TESTING: 2.6 Default gateway" | 79 | echo "TESTING: 2.6 Default gateway" |
| 74 | ./2.6.exp $OVERLAY $CHROOT | 80 | ./2.6.exp $OVERLAY $CHROOT |
| 81 | fi | ||
| 75 | 82 | ||
| 76 | #################### | 83 | #################### |
| 77 | # filesystem features | 84 | # filesystem features |
diff --git a/test/private-etc.exp b/test/private-etc.exp index 9df798e22..db1d1df3a 100755 --- a/test/private-etc.exp +++ b/test/private-etc.exp | |||
| @@ -5,7 +5,7 @@ spawn $env(SHELL) | |||
| 5 | match_max 100000 | 5 | match_max 100000 |
| 6 | 6 | ||
| 7 | # directory with ~ | 7 | # directory with ~ |
| 8 | send -- "firejail --private-etc=passwd,group,resolv.conf,bash_completion.d,timezone\r" | 8 | send -- "firejail --private-etc=passwd,group,resolv.conf,X11\r" |
| 9 | expect { | 9 | expect { |
| 10 | timeout {puts "TESTING ERROR 1\n";exit} | 10 | timeout {puts "TESTING ERROR 1\n";exit} |
| 11 | "Child process initialized" | 11 | "Child process initialized" |
| @@ -14,10 +14,6 @@ sleep 1 | |||
| 14 | 14 | ||
| 15 | send -- "ls -al /etc\r" | 15 | send -- "ls -al /etc\r" |
| 16 | expect { | 16 | expect { |
| 17 | timeout {puts "TESTING ERROR 2\n";exit} | ||
| 18 | "bash_completion.d" | ||
| 19 | } | ||
| 20 | expect { | ||
| 21 | timeout {puts "TESTING ERROR 3\n";exit} | 17 | timeout {puts "TESTING ERROR 3\n";exit} |
| 22 | "group" | 18 | "group" |
| 23 | } | 19 | } |
| @@ -31,16 +27,16 @@ expect { | |||
| 31 | } | 27 | } |
| 32 | expect { | 28 | expect { |
| 33 | timeout {puts "TESTING ERROR 6\n";exit} | 29 | timeout {puts "TESTING ERROR 6\n";exit} |
| 34 | "timezone" | 30 | "X11" |
| 35 | } | 31 | } |
| 36 | 32 | ||
| 37 | send -- "ls -al /etc\r" | 33 | send -- "ls -al /etc\r" |
| 38 | expect { | 34 | expect { |
| 39 | timeout {puts "TESTING ERROR 7\n";exit} | 35 | timeout {puts "TESTING ERROR 7\n";exit} |
| 40 | "shadow" {puts "TESTING ERROR 8\n";exit} | 36 | "shadow" {puts "TESTING ERROR 8\n";exit} |
| 41 | "timezone" | 37 | "X11" |
| 42 | } | 38 | } |
| 43 | 39 | ||
| 44 | sleep 1 | 40 | sleep 1 |
| 45 | puts "\n" | 41 | puts "\nall done\n" |
| 46 | 42 | ||
diff --git a/test/profile_syntax.exp b/test/profile_syntax.exp index 3218177c3..5815bd619 100755 --- a/test/profile_syntax.exp +++ b/test/profile_syntax.exp | |||
| @@ -11,17 +11,10 @@ expect { | |||
| 11 | } | 11 | } |
| 12 | 12 | ||
| 13 | sleep 2 | 13 | sleep 2 |
| 14 | send -- "ls /sbin\r" | 14 | send -- "cat /sbin/iptables\r" |
| 15 | expect { | ||
| 16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
| 17 | "cannot open" | ||
| 18 | } | ||
| 19 | |||
| 20 | sleep 1 | ||
| 21 | send -- "ls /usr/sbin\r" | ||
| 22 | expect { | 15 | expect { |
| 23 | timeout {puts "TESTING ERROR 2\n";exit} | 16 | timeout {puts "TESTING ERROR 2\n";exit} |
| 24 | "cannot open" | 17 | "Permission denied" |
| 25 | } | 18 | } |
| 26 | 19 | ||
| 27 | sleep 1 | 20 | sleep 1 |
diff --git a/test/test.profile b/test/test.profile index 716419fd0..1d69cc960 100644 --- a/test/test.profile +++ b/test/test.profile | |||
| @@ -1,5 +1,4 @@ | |||
| 1 | blacklist /sbin | 1 | blacklist /sbin/iptables |
| 2 | blacklist /usr/sbin | ||
| 3 | blacklist /etc/shadow | 2 | blacklist /etc/shadow |
| 4 | blacklist /bin/rmdir | 3 | blacklist /bin/rmdir |
| 5 | blacklist ${PATH}/umount | 4 | blacklist ${PATH}/umount |