From 30cb221e5ad2ec98355f5f0829f39f6c46a680e2 Mon Sep 17 00:00:00 2001 From: startx2017 Date: Fri, 27 Jul 2018 13:29:00 -0400 Subject: phase1 --- test/fs/fs.sh | 9 ----- test/fs/private-bin.exp | 92 ------------------------------------------ test/fs/private-home.exp | 102 ----------------------------------------------- test/fs/private-lib.exp | 48 ---------------------- 4 files changed, 251 deletions(-) delete mode 100755 test/fs/private-bin.exp delete mode 100755 test/fs/private-home.exp delete mode 100755 test/fs/private-lib.exp diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 774c61750..186dca1c0 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh @@ -28,9 +28,6 @@ echo "TESTING: kmsg access (test/fs/kmsg.exp)" echo "TESTING: read/write /var/tmp (test/fs/fs_var_tmp.exp)" ./fs_var_tmp.exp -echo "TESTING: private-lib (test/fs/private-lib.exp)" -./private-lib.exp - echo "TESTING: read/write /var/lock (test/fs/fs_var_lock.exp)" ./fs_var_lock.exp @@ -40,9 +37,6 @@ echo "TESTING: read/write /dev/shm (test/fs/fs_dev_shm.exp)" echo "TESTING: private (test/fs/private.exp)" ./private.exp -echo "TESTING: private home (test/fs/private-home.exp)" -./private-home.exp - echo "TESTING: private home dir (test/fs/private-home-dir.exp)" ./private-home-dir.exp @@ -55,9 +49,6 @@ echo "TESTING: private-etc (test/fs/private-etc.exp)" echo "TESTING: empty private-etc (test/fs/private-etc-empty.exp)" ./private-etc-empty.exp -echo "TESTING: private-bin (test/fs/private-bin.exp)" -./private-bin.exp - echo "TESTING: whitelist empty (test/fs/whitelist-empty.exp)" ./whitelist-empty.exp diff --git a/test/fs/private-bin.exp b/test/fs/private-bin.exp deleted file mode 100755 index 7eca6e106..000000000 --- a/test/fs/private-bin.exp +++ /dev/null @@ -1,92 +0,0 @@ -#!/usr/bin/expect -f -# This file is part of Firejail project -# Copyright (C) 2014-2018 Firejail Authors -# License GPL v2 - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --private-bin=bash,ls,sh\r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - "Child process initialized" -} -sleep 1 - -send -- "ls /bin\r" -expect { - timeout {puts "TESTING ERROR 2\n";exit} - "bash" -} -expect { - timeout {puts "TESTING ERROR 3\n";exit} - "ls" -} -expect { - timeout {puts "TESTING ERROR 4\n";exit} - "sh" -} - -send -- "ls /bin\r" -expect { - timeout {puts "TESTING ERROR 5\n";exit} - "ping" {puts "TESTING ERROR 6\n";exit} - "sh" -} -send -- "exit\r" -sleep 1 - -send -- "firejail --profile=private-bin.profile\r" -expect { - timeout {puts "TESTING ERROR 7\n";exit} - "Child process initialized" -} -sleep 1 - -send -- "ls /bin\r" -expect { - timeout {puts "TESTING ERROR 8\n";exit} - "bash" -} -expect { - timeout {puts "TESTING ERROR 9\n";exit} - "ls" -} -expect { - timeout {puts "TESTING ERROR 10\n";exit} - "sh" -} - -send -- "ls /bin\r" -expect { - timeout {puts "TESTING ERROR 11\n";exit} - "ping" {puts "TESTING ERROR 12\n";exit} - "sh" -} -send -- "exit\r" -after 100 - - -send -- "firejail --private-bin=/etc/shadow\r" -expect { - timeout {puts "TESTING ERROR 13\n";exit} - "Warning: invalid private-bin path /etc/shadow" -} -after 100 - -send -- "firejail --private-bin=\"bla;bla\"\r" -expect { - timeout {puts "TESTING ERROR 14\n";exit} - "is an invalid filename" -} -after 100 - -send -- "firejail --private-etc=../bin/ls\r" -expect { - timeout {puts "TESTING ERROR 15\n";exit} - "is an invalid filename" -} - -after 100 -puts "\nall done\n" diff --git a/test/fs/private-home.exp b/test/fs/private-home.exp deleted file mode 100755 index 4d35e31e9..000000000 --- a/test/fs/private-home.exp +++ /dev/null @@ -1,102 +0,0 @@ -#!/usr/bin/expect -f -# This file is part of Firejail project -# Copyright (C) 2014-2018 Firejail Authors -# License GPL v2 - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -# create some test files in user home directory -send -- "touch ~/_firejail_test_file1\r" -after 100 -send -- "touch ~/_firejail_test_file2\r" -after 100 -send -- "mkdir ~/_firejail_test_dir1\r" -after 100 -send -- "mkdir ~/_firejail_test_dir1/_firejail_test_dir2\r" -after 100 -send -- "touch ~/_firejail_test_dir1/_firejail_test_dir2/_firejail_test_file3\r" -after 100 -send -- "ln -s /etc ~/_firejail_test_link1\r" -after 100 -send -- "ln -s ~/_firejail_test_dir1 ~/_firejail_test_link2\r" -after 100 - -send -- "firejail --private-home=_firejail_test_file1,_firejail_test_file2,_firejail_test_dir1\r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - "Child process initialized" -} -after 100 - -send -- "find ~\r" -expect { - timeout {puts "TESTING ERROR 2\n";exit} - "_firejail_test_file3" -} -expect { - timeout {puts "TESTING ERROR 3\n";exit} - "_firejail_test_file2" -} -expect { - timeout {puts "TESTING ERROR 4\n";exit} - "_firejail_test_file1" -} -after 100 - -send -- "exit\r" -sleep 1 - -send -- "firejail --private-home=\"bla;bla\"\r" -expect { - timeout {puts "TESTING ERROR 5\n";exit} - "is an invalid filename" -} -after 100 - -send -- "firejail --private-home=/etc/shadow\r" -expect { - timeout {puts "TESTING ERROR 6\n";exit} - "invalid file" -} -after 100 - -send -- "firejail --private-home=/etc/passwd\r" -expect { - timeout {puts "TESTING ERROR 7\n";exit} - "invalid file" -} -after 100 - -send -- "firejail --private-home=../../etc/passwd\r" -expect { - timeout {puts "TESTING ERROR 8\n";exit} - "invalid file" -} -after 100 - -send -- "firejail --private-home=_firejail_test_link1\r" -expect { - timeout {puts "TESTING ERROR 9\n";exit} - "to file or directory not owned by the user" -} -after 100 - -send -- "firejail --private-home=_firejail_test_link2\r" -expect { - timeout {puts "TESTING ERROR 10\n";exit} - "Child process initialized" -} -after 100 -send -- "file ~/_firejail_test_link2\r" -expect { - timeout {puts "TESTING ERROR 11\n";exit} - "broken symbolic link" -} -send -- "exit\r" - -send -- "rm -f ~/_firejail_test*\r" -after 100 - -puts "\nall done\n" diff --git a/test/fs/private-lib.exp b/test/fs/private-lib.exp deleted file mode 100755 index 79e0341a3..000000000 --- a/test/fs/private-lib.exp +++ /dev/null @@ -1,48 +0,0 @@ -#!/usr/bin/expect -f -# This file is part of Firejail project -# Copyright (C) 2014-2018 Firejail Authors -# License GPL v2 - - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --private-lib --private-bin=sh,bash,dash,ps,grep,ls,find,echo,stty \r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - "Child process initialized" -} -after 100 -send -- "stty -echo\r" -after 100 - -send -- "cd /bin; find .\; echo done\r" -expect { - timeout {puts "TESTING ERROR 2\n";exit} -# "grep" {puts "TESTING ERROR 3\n";exit} - "rm" {puts "TESTING ERROR 3\n";exit} - "cp" {puts "TESTING ERROR 4\n";exit} - "done" -} -after 100 - -send -- "cd /lib; find .\r" -expect { - timeout {puts "TESTING ERROR 5\n";exit} - "modules" {puts "TESTING ERROR 6\n";exit} - "firmware" {puts "TESTING ERROR 7\n";exit} - "libc.so" -} -after 100 - -send -- "cd /usr/lib; find .\r" -expect { - timeout {puts "TESTING ERROR 8\n";exit} - "grub" {puts "TESTING ERROR 9\n";exit} - "mozilla" {puts "TESTING ERROR 10\n";exit} - "libdl.so" -} -after 100 - -puts "\nall done\n" -- cgit v1.2.3-54-g00ecf