From 0df2fd2efce584ff9430cb2e523136b75df92c20 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Tue, 24 Nov 2015 11:47:38 -0500 Subject: feature testing --- test/configure | 2 ++ test/features/2.3.exp | 10 +++---- test/features/3.2.exp | 2 +- test/features/3.3.exp | 69 ++++++++++++++++++++++++++++++++++++++++++++++ test/features/3.4.exp | 69 ++++++++++++++++++++++++++++++++++++++++++++++ test/features/features.txt | 3 +- test/features/test.sh | 16 +++++++++++ 7 files changed, 164 insertions(+), 7 deletions(-) create mode 100755 test/features/3.3.exp create mode 100755 test/features/3.4.exp diff --git a/test/configure b/test/configure index 67122cfe1..c7fd66cfb 100755 --- a/test/configure +++ b/test/configure @@ -36,6 +36,8 @@ mkdir -p $ROOTDIR/etc/firejail mkdir -p $ROOTDIR/home/netblue/.config/firejail chown netblue:netblue $ROOTDIR/home/netblue chown netblue:netblue $ROOTDIR/home/netblue/.config +cp /home/netblue/.Xauthority $ROOTDIR/home/netblue/. +cp -a /etc/skel $ROOTDIR/etc/. mkdir $ROOTDIR/home/someotheruser mkdir $ROOTDIR/boot mkdir $ROOTDIR/selinux diff --git a/test/features/2.3.exp b/test/features/2.3.exp index a70005781..c519c72ad 100755 --- a/test/features/2.3.exp +++ b/test/features/2.3.exp @@ -56,7 +56,7 @@ expect { after 100 send -- "exit\r" -sleep 1 +sleep 3 send -- "firejail --noprofile --net=eth0 --ip=192.168.1.244\r" expect { @@ -104,7 +104,7 @@ expect { after 100 send -- "exit\r" -sleep 1 +sleep 3 # # O @@ -155,7 +155,7 @@ expect { after 100 send -- "exit\r" -sleep 1 +sleep 3 send -- "firejail --noprofile --net=eth0 --ip=192.168.1.244 --overlay\r" expect { @@ -203,7 +203,7 @@ expect { after 100 send -- "exit\r" -sleep 1 +sleep 3 # @@ -255,7 +255,7 @@ expect { after 100 send -- "exit\r" -sleep 1 +sleep 3 send -- "firejail --noprofile --net=eth0 --ip=192.168.1.244 --chroot=/tmp/chroot\r" expect { diff --git a/test/features/3.2.exp b/test/features/3.2.exp index f6ed01310..44d9b73f3 100755 --- a/test/features/3.2.exp +++ b/test/features/3.2.exp @@ -1,6 +1,6 @@ #!/usr/bin/expect -f # -# disable /boot +# read-only # set timeout 10 diff --git a/test/features/3.3.exp b/test/features/3.3.exp new file mode 100755 index 000000000..432a135d7 --- /dev/null +++ b/test/features/3.3.exp @@ -0,0 +1,69 @@ +#!/usr/bin/expect -f +# +# blacklist +# + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +# +# N +# +send -- "firejail --noprofile --blacklist=/home/netblue/.config\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "cd ~/.config\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "Permission denied" +} +after 100 +send -- "exit\r" +sleep 1 + + +# +# O +# +send -- "firejail --noprofile --overlay --blacklist=/home/netblue/.config\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "cd ~/.config\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "Permission denied" +} +after 100 +send -- "exit\r" +sleep 1 + +# +# C +# +send -- "firejail --noprofile --chroot=/tmp/chroot --blacklist=/home/netblue/.config\r" +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "cd ~/.config\r" +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "Permission denied" +} +after 100 +send -- "exit\r" +sleep 1 + + +puts "\nall done\n" diff --git a/test/features/3.4.exp b/test/features/3.4.exp new file mode 100755 index 000000000..bc6e10733 --- /dev/null +++ b/test/features/3.4.exp @@ -0,0 +1,69 @@ +#!/usr/bin/expect -f +# +# whitelist +# + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +# +# N +# +send -- "firejail --noprofile --whitelist=/home/netblue/.config\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "ls -al ~/. | wc -l\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "6" +} +after 100 +send -- "exit\r" +sleep 1 + + +# +# O +# +send -- "firejail --noprofile --overlay --whitelist=/home/netblue/.config\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "ls -al ~/. | wc -l\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "6" +} +after 100 +send -- "exit\r" +sleep 1 + +# +# C +# +send -- "firejail --noprofile --chroot=/tmp/chroot --whitelist=/home/netblue/.config\r" +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "Child process initialized" +} +sleep 1 + +send -- "ls -al ~/. | wc -l\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "6" +} +after 100 +send -- "exit\r" +sleep 1 + + +puts "\nall done\n" diff --git a/test/features/features.txt b/test/features/features.txt index 492843adc..d372d2f7a 100644 --- a/test/features/features.txt +++ b/test/features/features.txt @@ -71,4 +71,5 @@ C - chroot filesystem 3.1 tmpfs 3.2 read-only - \ No newline at end of file +3.3 blacklist +3.4 whitelist diff --git a/test/features/test.sh b/test/features/test.sh index 8047bbd0c..e49dfc3f0 100755 --- a/test/features/test.sh +++ b/test/features/test.sh @@ -44,3 +44,19 @@ echo "TESTING: 2.4 bridge" echo "TESTING: 2.5 interface" ./2.5.exp + +echo "TESTING: 2.6 Default gateway" +./2.6.exp + +echo "TESTING: 3.1 tmpfs" +./3.1.exp + +echo "TESTING: 3.2 read-only" +./3.2.exp + +echo "TESTING: 3.3 blacklist" +./3.3.exp + +echo "TESTING: 3.4 whitelist" +./3.4.exp + -- cgit v1.2.3-54-g00ecf