diff options
Diffstat (limited to 'test')
-rwxr-xr-x | test/configure | 4 | ||||
-rwxr-xr-x | test/fs_chroot.exp | 17 | ||||
-rwxr-xr-x | test/fs_chroot_asroot.exp | 91 | ||||
-rwxr-xr-x | test/test-root.sh | 6 | ||||
-rwxr-xr-x | test/trace.exp | 2 |
5 files changed, 113 insertions, 7 deletions
diff --git a/test/configure b/test/configure index 17bb22e1b..01f0c6ff0 100755 --- a/test/configure +++ b/test/configure | |||
@@ -22,7 +22,7 @@ ROOTDIR="/tmp/chroot" # default chroot directory | |||
22 | DEFAULT_FILES="/bin/bash /bin/sh " # basic chroot files | 22 | DEFAULT_FILES="/bin/bash /bin/sh " # basic chroot files |
23 | DEFAULT_FILES+="/etc/passwd /etc/nsswitch.conf /etc/group " | 23 | DEFAULT_FILES+="/etc/passwd /etc/nsswitch.conf /etc/group " |
24 | DEFAULT_FILES+=`find /lib -name libnss*` # files required by glibc | 24 | DEFAULT_FILES+=`find /lib -name libnss*` # files required by glibc |
25 | DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget" | 25 | DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget /bin/umount" |
26 | 26 | ||
27 | rm -fr $ROOTDIR | 27 | rm -fr $ROOTDIR |
28 | mkdir -p $ROOTDIR/{root,bin,lib,lib64,usr,home,etc,dev/shm,tmp,var/run,var/tmp,var/lock,proc} | 28 | mkdir -p $ROOTDIR/{root,bin,lib,lib64,usr,home,etc,dev/shm,tmp,var/run,var/tmp,var/lock,proc} |
@@ -33,6 +33,8 @@ do | |||
33 | done | 33 | done |
34 | cp --parents /lib64/ld-linux-x86-64.so.2 $ROOTDIR | 34 | cp --parents /lib64/ld-linux-x86-64.so.2 $ROOTDIR |
35 | cp --parents /lib/ld-linux.so.2 $ROOTDIR | 35 | cp --parents /lib/ld-linux.so.2 $ROOTDIR |
36 | cp ../src/tools/unchroot $ROOTDIR/. | ||
37 | touch $ROOTDIR/this-is-my-chroot | ||
36 | 38 | ||
37 | cd $ROOTDIR; find . | 39 | cd $ROOTDIR; find . |
38 | mkdir -p usr/lib/firejail/ | 40 | mkdir -p usr/lib/firejail/ |
diff --git a/test/fs_chroot.exp b/test/fs_chroot.exp index 448a00a7a..4ddf8d32a 100755 --- a/test/fs_chroot.exp +++ b/test/fs_chroot.exp | |||
@@ -4,7 +4,7 @@ set timeout 10 | |||
4 | spawn $env(SHELL) | 4 | spawn $env(SHELL) |
5 | match_max 100000 | 5 | match_max 100000 |
6 | 6 | ||
7 | send -- "firejail --noprofile --chroot=/tmp/chroot\r" | 7 | send -- "firejail --chroot=/tmp/chroot\r" |
8 | expect { | 8 | expect { |
9 | timeout {puts "TESTING ERROR 0\n";exit} | 9 | timeout {puts "TESTING ERROR 0\n";exit} |
10 | "Child process initialized" | 10 | "Child process initialized" |
@@ -13,12 +13,24 @@ sleep 1 | |||
13 | 13 | ||
14 | send -- "cd /home;pwd\r" | 14 | send -- "cd /home;pwd\r" |
15 | expect { | 15 | expect { |
16 | timeout {puts "TESTING ERROR 3\n";exit} | 16 | timeout {puts "TESTING ERROR 0.1\n";exit} |
17 | "home" | 17 | "home" |
18 | } | 18 | } |
19 | sleep 1 | 19 | sleep 1 |
20 | send -- "bash\r" | 20 | send -- "bash\r" |
21 | sleep 1 | 21 | sleep 1 |
22 | send -- "ls /; pwd\r" | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 0.2\n";exit} | ||
25 | "this-is-my-chroot" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 0.3\n";exit} | ||
29 | "home" | ||
30 | } | ||
31 | |||
32 | |||
33 | |||
22 | send -- "ps aux; pwd\r" | 34 | send -- "ps aux; pwd\r" |
23 | expect { | 35 | expect { |
24 | timeout {puts "TESTING ERROR 1\n";exit} | 36 | timeout {puts "TESTING ERROR 1\n";exit} |
@@ -50,5 +62,6 @@ expect { | |||
50 | } | 62 | } |
51 | sleep 1 | 63 | sleep 1 |
52 | 64 | ||
65 | |||
53 | puts "all done\n" | 66 | puts "all done\n" |
54 | 67 | ||
diff --git a/test/fs_chroot_asroot.exp b/test/fs_chroot_asroot.exp new file mode 100755 index 000000000..7e18153e0 --- /dev/null +++ b/test/fs_chroot_asroot.exp | |||
@@ -0,0 +1,91 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | send -- "firejail --chroot=/tmp/chroot\r" | ||
8 | expect { | ||
9 | timeout {puts "TESTING ERROR 0\n";exit} | ||
10 | "Child process initialized" | ||
11 | } | ||
12 | sleep 1 | ||
13 | |||
14 | send -- "cd /home;pwd\r" | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
17 | "home" | ||
18 | } | ||
19 | sleep 1 | ||
20 | send -- "bash\r" | ||
21 | sleep 1 | ||
22 | send -- "ls /; pwd\r" | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 0.2\n";exit} | ||
25 | "this-is-my-chroot" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 0.3\n";exit} | ||
29 | "home" | ||
30 | } | ||
31 | |||
32 | send -- "umount /boot; pwd\r" | ||
33 | expect { | ||
34 | timeout {puts "TESTING ERROR 0.4\n";exit} | ||
35 | "Bad system call" | ||
36 | } | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 0.5\n";exit} | ||
39 | "home" | ||
40 | } | ||
41 | |||
42 | send -- "/unchroot; pwd\r" | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 0.6\n";exit} | ||
45 | "Bad system call" | ||
46 | } | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 0.7\n";exit} | ||
49 | "home" | ||
50 | } | ||
51 | |||
52 | |||
53 | |||
54 | |||
55 | |||
56 | send -- "ps aux; pwd\r" | ||
57 | expect { | ||
58 | timeout {puts "TESTING ERROR 1\n";exit} | ||
59 | "/bin/bash" | ||
60 | } | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 2\n";exit} | ||
63 | "bash" | ||
64 | } | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 3\n";exit} | ||
67 | "ps aux" | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 4\n";exit} | ||
71 | "home" | ||
72 | } | ||
73 | sleep 1 | ||
74 | |||
75 | |||
76 | send -- "ps aux |wc -l; pwd\r" | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 5\n";exit} | ||
79 | "5" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 6\n";exit} | ||
83 | "home" | ||
84 | } | ||
85 | sleep 1 | ||
86 | |||
87 | |||
88 | |||
89 | |||
90 | puts "all done\n" | ||
91 | |||
diff --git a/test/test-root.sh b/test/test-root.sh index fcfe32a58..94ac3447d 100755 --- a/test/test-root.sh +++ b/test/test-root.sh | |||
@@ -5,6 +5,9 @@ | |||
5 | echo "TESTING: network interfaces" | 5 | echo "TESTING: network interfaces" |
6 | ./net_interface.exp | 6 | ./net_interface.exp |
7 | 7 | ||
8 | echo "TESTING: chroot" | ||
9 | ./fs_chroot_asroot.exp | ||
10 | |||
8 | echo "TESTING: servers rsyslogd, sshd, nginx" | 11 | echo "TESTING: servers rsyslogd, sshd, nginx" |
9 | ./servers.exp | 12 | ./servers.exp |
10 | 13 | ||
@@ -46,9 +49,6 @@ echo hello > tmpfile | |||
46 | ./option_bind_file.exp | 49 | ./option_bind_file.exp |
47 | rm -f tmpfile | 50 | rm -f tmpfile |
48 | 51 | ||
49 | echo "TESTING: chroot" | ||
50 | ./fs_chroot.exp | ||
51 | |||
52 | echo "TESTING: firemon --interface" | 52 | echo "TESTING: firemon --interface" |
53 | ./firemon-interface.exp | 53 | ./firemon-interface.exp |
54 | 54 | ||
diff --git a/test/trace.exp b/test/trace.exp index bca3ac3b3..2b5003d83 100755 --- a/test/trace.exp +++ b/test/trace.exp | |||
@@ -91,5 +91,5 @@ expect { | |||
91 | sleep 1 | 91 | sleep 1 |
92 | 92 | ||
93 | 93 | ||
94 | puts "\n" | 94 | puts "\nall done\n" |
95 | 95 | ||