From 34110bc5525b2e61e5e1c5dcea3563b4411a72c3 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 3 Dec 2015 12:42:49 -0500 Subject: testing --- README.md | 6 +- etc/disable-secret.inc | 2 +- test/chromium.exp | 2 +- test/deluge.exp | 2 +- test/evince.exp | 8 +-- test/fbreader.exp | 6 +- test/firefox.exp | 2 +- test/gnome-mplayer.exp | 2 +- test/google-chrome.exp | 2 +- test/hexchat.exp | 2 +- test/icedove.exp | 8 +-- test/midori.exp | 2 +- test/opera.exp | 2 +- test/shell_csh.exp | 2 +- test/shell_dash.exp | 2 +- test/shell_zsh.exp | 2 +- test/test-apps.sh | 155 +++++++++++++++++++++++++++++++++++++++++++++ test/test.sh | 156 +--------------------------------------------- test/transmission-gtk.exp | 8 +-- test/transmission-qt.exp | 8 +-- test/vlc.exp | 6 +- test/weechat.exp | 2 +- test/wine.exp | 2 +- test/xchat.exp | 2 +- 24 files changed, 197 insertions(+), 194 deletions(-) create mode 100755 test/test-apps.sh diff --git a/README.md b/README.md index a6348e457..832fece06 100644 --- a/README.md +++ b/README.md @@ -107,7 +107,9 @@ Syslog example: ````` $ sudo tail -f /var/log/syslog [...] -Dec 3 11:43:25 debian firejail[70]: blacklist violation - sandbox 26370, exe firefox, syscall open64, path /etc/shadow -Dec 3 11:46:17 debian firejail[70]: blacklist violation - sandbox 26370, exe firefox, syscall opendir, path /boot +Dec 3 11:43:25 debian firejail[70]: blacklist violation - sandbox 26370, exe firefox, + syscall open64, path /etc/shadow +Dec 3 11:46:17 debian firejail[70]: blacklist violation - sandbox 26370, exe firefox, + syscall opendir, path /boot [...] ````` \ No newline at end of file diff --git a/etc/disable-secret.inc b/etc/disable-secret.inc index f6cfc0f45..fd0117dcd 100644 --- a/etc/disable-secret.inc +++ b/etc/disable-secret.inc @@ -6,7 +6,7 @@ blacklist ${HOME}/kde4/share/apps/kwallet blacklist ${HOME}/kde/share/apps/kwallet blacklist ${HOME}/.netrc blacklist ${HOME}/.gnupg -blacklist ${HOME}/.local/share/recently-used.xbel +blacklist-nolog ${HOME}/.local/share/recently-used.xbel blacklist ${HOME}/*.kdb blacklist ${HOME}/*.key blacklist /etc/shadow diff --git a/test/chromium.exp b/test/chromium.exp index 77325d070..9f4aa9ea4 100755 --- a/test/chromium.exp +++ b/test/chromium.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail chromium www.gentoo.org\r" +send -- "firejail --tracelog chromium www.gentoo.org\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/chromium.profile" diff --git a/test/deluge.exp b/test/deluge.exp index 49266813e..88982f189 100755 --- a/test/deluge.exp +++ b/test/deluge.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail deluge\r" +send -- "firejail --tracelog deluge\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/deluge.profile" diff --git a/test/evince.exp b/test/evince.exp index ba6ca1b6d..6c94dff9a 100755 --- a/test/evince.exp +++ b/test/evince.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail evince\r" +send -- "firejail --tracelog evince\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/evince.profile" @@ -38,7 +38,7 @@ spawn $env(SHELL) send -- "firemon --seccomp\r" expect { timeout {puts "TESTING ERROR 5\n";exit} - ":firejail evince" + ":firejail --tracelog evince" } expect { timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} @@ -52,7 +52,7 @@ sleep 1 send -- "firemon --caps\r" expect { timeout {puts "TESTING ERROR 6\n";exit} - ":firejail evince" + ":firejail --tracelog evince" } expect { timeout {puts "TESTING ERROR 6.1\n";exit} @@ -68,5 +68,5 @@ expect { } sleep 1 -puts "\n" +puts "\nall done\n" diff --git a/test/fbreader.exp b/test/fbreader.exp index a4df50932..97df8aca8 100755 --- a/test/fbreader.exp +++ b/test/fbreader.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail fbreader\r" +send -- "firejail --tracelog fbreader\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/fbreader.profile" @@ -38,7 +38,7 @@ spawn $env(SHELL) send -- "firemon --seccomp\r" expect { timeout {puts "TESTING ERROR 5\n";exit} - ":firejail fbreader" + ":firejail --tracelog fbreader" } expect { timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} @@ -52,7 +52,7 @@ sleep 1 send -- "firemon --caps\r" expect { timeout {puts "TESTING ERROR 6\n";exit} - ":firejail fbreader" + ":firejail --tracelog fbreader" } expect { timeout {puts "TESTING ERROR 6.1\n";exit} diff --git a/test/firefox.exp b/test/firefox.exp index c2e64e04f..e1b31dd87 100755 --- a/test/firefox.exp +++ b/test/firefox.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail firefox www.gentoo.org\r" +send -- "firejail --tracelog firefox www.gentoo.org\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/firefox.profile" diff --git a/test/gnome-mplayer.exp b/test/gnome-mplayer.exp index e8acc295c..e0157ffa9 100755 --- a/test/gnome-mplayer.exp +++ b/test/gnome-mplayer.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail gnome-mplayer\r" +send -- "firejail --tracelog gnome-mplayer\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/gnome-mplayer.profile" diff --git a/test/google-chrome.exp b/test/google-chrome.exp index 5c77b53dc..f66608de4 100755 --- a/test/google-chrome.exp +++ b/test/google-chrome.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail google-chrome www.gentoo.org\r" +send -- "firejail --tracelog google-chrome www.gentoo.org\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/chromium.profile" diff --git a/test/hexchat.exp b/test/hexchat.exp index 0653bcb13..90d775574 100755 --- a/test/hexchat.exp +++ b/test/hexchat.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail hexchat\r" +send -- "firejail --tracelog hexchat\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/hexchat.profile" diff --git a/test/icedove.exp b/test/icedove.exp index 79913517b..af2bd1ace 100755 --- a/test/icedove.exp +++ b/test/icedove.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail icedove\r" +send -- "firejail --tracelog icedove\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/icedove.profile" @@ -13,7 +13,7 @@ expect { timeout {puts "TESTING ERROR 1\n";exit} "Child process initialized" } -sleep 10 +sleep 5 spawn $env(SHELL) send -- "firejail --list\r" @@ -38,7 +38,7 @@ spawn $env(SHELL) send -- "firemon --seccomp\r" expect { timeout {puts "TESTING ERROR 5\n";exit} - ":firejail icedove" + ":firejail --tracelog icedove" } expect { timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} @@ -52,7 +52,7 @@ sleep 1 send -- "firemon --caps\r" expect { timeout {puts "TESTING ERROR 6\n";exit} - ":firejail icedove" + ":firejail --tracelog icedove" } expect { timeout {puts "TESTING ERROR 6.1\n";exit} diff --git a/test/midori.exp b/test/midori.exp index ec33816dd..f8f39d579 100755 --- a/test/midori.exp +++ b/test/midori.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail midori www.gentoo.org\r" +send -- "firejail --tracelog midori www.gentoo.org\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/midori.profile" diff --git a/test/opera.exp b/test/opera.exp index f536ae866..62dc22279 100755 --- a/test/opera.exp +++ b/test/opera.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail opera www.gentoo.org\r" +send -- "firejail --tracelog opera www.gentoo.org\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/opera.profile" diff --git a/test/shell_csh.exp b/test/shell_csh.exp index 8fa1ef166..a2634f633 100755 --- a/test/shell_csh.exp +++ b/test/shell_csh.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail --private --csh\r" +send -- "firejail --private --tracelog --csh\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Child process initialized" diff --git a/test/shell_dash.exp b/test/shell_dash.exp index 298b65a0d..f5a60719e 100755 --- a/test/shell_dash.exp +++ b/test/shell_dash.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail --private --shell=/bin/dash\r" +send -- "firejail --private --tracelog --shell=/bin/dash\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Child process initialized" diff --git a/test/shell_zsh.exp b/test/shell_zsh.exp index 79cd78a3e..1d73fd926 100755 --- a/test/shell_zsh.exp +++ b/test/shell_zsh.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail --private --zsh\r" +send -- "firejail --private --tracelog --zsh\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Child process initialized" diff --git a/test/test-apps.sh b/test/test-apps.sh new file mode 100755 index 000000000..5ada20549 --- /dev/null +++ b/test/test-apps.sh @@ -0,0 +1,155 @@ +#!/bin/bash + +which firefox +if [ "$?" -eq 0 ]; +then + echo "TESTING: firefox" + ./firefox.exp +else + echo "TESTING: firefox not found" +fi + +which midori +if [ "$?" -eq 0 ]; +then + echo "TESTING: midori" + ./midori.exp +else + echo "TESTING: midori not found" +fi + +which chromium +if [ "$?" -eq 0 ]; +then + echo "TESTING: chromium" + ./chromium.exp +else + echo "TESTING: chromium not found" +fi + +which google-chrome +if [ "$?" -eq 0 ]; +then + echo "TESTING: google-chrome" + ./chromium.exp +else + echo "TESTING: google-chrome not found" +fi + +which opera +if [ "$?" -eq 0 ]; +then + echo "TESTING: opera" + ./opera.exp +else + echo "TESTING: opera not found" +fi + +which transmission-gtk +if [ "$?" -eq 0 ]; +then + echo "TESTING: transmission-gtk" + ./transmission-gtk.exp +else + echo "TESTING: transmission-gtk not found" +fi + +which transmission-qt +if [ "$?" -eq 0 ]; +then + echo "TESTING: transmission-qt" + ./transmission-qt.exp +else + echo "TESTING: transmission-qt not found" +fi + +which evince +if [ "$?" -eq 0 ]; +then + echo "TESTING: evince" + ./evince.exp +else + echo "TESTING: evince not found" +fi + +which icedove +if [ "$?" -eq 0 ]; +then + echo "TESTING: icedove" + ./icedove.exp +else + echo "TESTING: icedove not found" +fi + +which vlc +if [ "$?" -eq 0 ]; +then + echo "TESTING: vlc" + ./vlc.exp +else + echo "TESTING: vlc not found" +fi + +which fbreader +if [ "$?" -eq 0 ]; +then + echo "TESTING: fbreader" + ./fbreader.exp +else + echo "TESTING: fbreader not found" +fi + +which deluge +if [ "$?" -eq 0 ]; +then + echo "TESTING: deluge" + ./deluge.exp +else + echo "TESTING: deluge not found" +fi + +which gnome-mplayer +if [ "$?" -eq 0 ]; +then + echo "TESTING: gnome-mplayer" + ./gnome-mplayer.exp +else + echo "TESTING: gnome-mplayer not found" +fi + +which xchat +if [ "$?" -eq 0 ]; +then + echo "TESTING: xchat" + ./xchat.exp +else + echo "TESTING: xchat not found" +fi + +which hexchat +if [ "$?" -eq 0 ]; +then + echo "TESTING: hexchat" + ./hexchat.exp +else + echo "TESTING: hexchat not found" +fi + +which weechat-curses +if [ "$?" -eq 0 ]; +then + echo "TESTING: weechat" + ./weechat.exp +else + echo "TESTING: weechat not found" +fi + +which wine +if [ "$?" -eq 0 ]; +then + echo "TESTING: wine" + ./wine.exp +else + echo "TESTING: wine not found" +fi + diff --git a/test/test.sh b/test/test.sh index 6b9b458e9..8668d068f 100755 --- a/test/test.sh +++ b/test/test.sh @@ -152,161 +152,7 @@ else echo "TESTING: dash not found" fi -which firefox -if [ "$?" -eq 0 ]; -then - echo "TESTING: firefox" - ./firefox.exp -else - echo "TESTING: firefox not found" -fi - -which midori -if [ "$?" -eq 0 ]; -then - echo "TESTING: midori" - ./midori.exp -else - echo "TESTING: midori not found" -fi - -which chromium -if [ "$?" -eq 0 ]; -then - echo "TESTING: chromium" - ./chromium.exp -else - echo "TESTING: chromium not found" -fi - -which google-chrome -if [ "$?" -eq 0 ]; -then - echo "TESTING: google-chrome" - ./chromium.exp -else - echo "TESTING: google-chrome not found" -fi - -which opera -if [ "$?" -eq 0 ]; -then - echo "TESTING: opera" - ./opera.exp -else - echo "TESTING: opera not found" -fi - -which transmission-gtk -if [ "$?" -eq 0 ]; -then - echo "TESTING: transmission-gtk" - ./transmission-gtk.exp -else - echo "TESTING: transmission-gtk not found" -fi - -which transmission-qt -if [ "$?" -eq 0 ]; -then - echo "TESTING: transmission-qt" - ./transmission-qt.exp -else - echo "TESTING: transmission-qt not found" -fi - -which evince -if [ "$?" -eq 0 ]; -then - echo "TESTING: evince" - ./evince.exp -else - echo "TESTING: evince not found" -fi - -which icedove -if [ "$?" -eq 0 ]; -then - echo "TESTING: icedove" - ./icedove.exp -else - echo "TESTING: icedove not found" -fi - -which vlc -if [ "$?" -eq 0 ]; -then - echo "TESTING: vlc" - ./vlc.exp -else - echo "TESTING: vlc not found" -fi - -which fbreader -if [ "$?" -eq 0 ]; -then - echo "TESTING: fbreader" - ./fbreader.exp -else - echo "TESTING: fbreader not found" -fi - -which deluge -if [ "$?" -eq 0 ]; -then - echo "TESTING: deluge" - ./deluge.exp -else - echo "TESTING: deluge not found" -fi - -which gnome-mplayer -if [ "$?" -eq 0 ]; -then - echo "TESTING: gnome-mplayer" - ./gnome-mplayer.exp -else - echo "TESTING: gnome-mplayer not found" -fi - -which xchat -if [ "$?" -eq 0 ]; -then - echo "TESTING: xchat" - ./xchat.exp -else - echo "TESTING: xchat not found" -fi - -which hexchat -if [ "$?" -eq 0 ]; -then - echo "TESTING: hexchat" - ./hexchat.exp -else - echo "TESTING: hexchat not found" -fi - -which weechat-curses -if [ "$?" -eq 0 ]; -then - echo "TESTING: weechat" - ./weechat.exp -else - echo "TESTING: weechat not found" -fi - -which wine -if [ "$?" -eq 0 ]; -then - echo "TESTING: wine" - ./wine.exp -else - echo "TESTING: wine not found" -fi - - - +./test-apps.sh echo "TESTING: PID" ./pid.exp diff --git a/test/transmission-gtk.exp b/test/transmission-gtk.exp index 7760ae3ad..01e220573 100755 --- a/test/transmission-gtk.exp +++ b/test/transmission-gtk.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail transmission-gtk\r" +send -- "firejail --tracelog transmission-gtk\r" expect { timeout {puts "TESTING ERROR 1\n";exit} "Child process initialized" @@ -34,7 +34,7 @@ spawn $env(SHELL) send -- "firemon --seccomp\r" expect { timeout {puts "TESTING ERROR 5\n";exit} - ":firejail transmission-gtk" + ":firejail --tracelog transmission-gtk" } expect { timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} @@ -48,7 +48,7 @@ sleep 1 send -- "firemon --caps\r" expect { timeout {puts "TESTING ERROR 6\n";exit} - ":firejail transmission-gtk" + ":firejail --tracelog transmission-gtk" } expect { timeout {puts "TESTING ERROR 6.1\n";exit} @@ -64,5 +64,5 @@ expect { } sleep 1 -puts "\n" +puts "\nall done\n" diff --git a/test/transmission-qt.exp b/test/transmission-qt.exp index 85457aeb8..785e35649 100755 --- a/test/transmission-qt.exp +++ b/test/transmission-qt.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail transmission-qt\r" +send -- "firejail --tracelog transmission-qt\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/transmission-qt.profile" @@ -38,7 +38,7 @@ spawn $env(SHELL) send -- "firemon --seccomp\r" expect { timeout {puts "TESTING ERROR 5\n";exit} - ":firejail transmission-qt" + ":firejail --tracelog transmission-qt" } expect { timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} @@ -52,7 +52,7 @@ sleep 1 send -- "firemon --caps\r" expect { timeout {puts "TESTING ERROR 6\n";exit} - ":firejail transmission-qt" + ":firejail --tracelog transmission-qt" } expect { timeout {puts "TESTING ERROR 6.1\n";exit} @@ -68,5 +68,5 @@ expect { } sleep 1 -puts "\n" +puts "\nall done\n" diff --git a/test/vlc.exp b/test/vlc.exp index 53d25c9dd..a9a0a3fb1 100755 --- a/test/vlc.exp +++ b/test/vlc.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail vlc\r" +send -- "firejail --tracelog vlc\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/vlc.profile" @@ -38,7 +38,7 @@ spawn $env(SHELL) send -- "firemon --seccomp\r" expect { timeout {puts "TESTING ERROR 5\n";exit} - ":firejail vlc" + ":firejail --tracelog vlc" } expect { timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit} @@ -52,7 +52,7 @@ sleep 1 send -- "firemon --caps\r" expect { timeout {puts "TESTING ERROR 6\n";exit} - ":firejail vlc" + ":firejail --tracelog vlc" } expect { timeout {puts "TESTING ERROR 6.1\n";exit} diff --git a/test/weechat.exp b/test/weechat.exp index ac2430280..8a928b0e9 100755 --- a/test/weechat.exp +++ b/test/weechat.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail weechat-curses\r" +send -- "firejail --tracelog weechat-curses\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/weechat.profile" diff --git a/test/wine.exp b/test/wine.exp index d87c1f205..1e7df434c 100755 --- a/test/wine.exp +++ b/test/wine.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail wine --help\r" +send -- "firejail --tracelog wine --help\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/wine.profile" diff --git a/test/xchat.exp b/test/xchat.exp index babbcf87d..d1b06b2c0 100755 --- a/test/xchat.exp +++ b/test/xchat.exp @@ -4,7 +4,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail xchat\r" +send -- "firejail --tracelog xchat\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile /etc/firejail/xchat.profile" -- cgit v1.2.3-54-g00ecf