From 7176e6324d444b681b822f2a29c15d61c7f92677 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Wed, 8 Feb 2023 17:50:44 -0500 Subject: private-etc: libreoffice, audacity, forzen-bubble, transmission, md5sum/sha512sum, more sysutils testing, fix electron-hardened.inc.profile --- etc/profile-a-l/audacity.profile | 1 + etc/profile-a-l/electron-hardened.inc.profile | 2 +- etc/profile-a-l/frozen-bubble.profile | 2 ++ etc/profile-a-l/gnome-calculator.profile | 1 + etc/profile-a-l/hasher-common.profile | 1 + etc/profile-a-l/libreoffice.profile | 1 + etc/profile-m-z/transmission-common.profile | 1 + src/firecfg/firecfg.config | 7 +++++++ test/sysutils/md5sum.exp | 21 +++++++++++++++++++++ test/sysutils/sha512sum.exp | 21 +++++++++++++++++++++ test/sysutils/sysutils.sh | 16 ++++++++++++++++ 11 files changed, 73 insertions(+), 1 deletion(-) create mode 100755 test/sysutils/md5sum.exp create mode 100755 test/sysutils/sha512sum.exp diff --git a/etc/profile-a-l/audacity.profile b/etc/profile-a-l/audacity.profile index 371054728..fcac0137e 100644 --- a/etc/profile-a-l/audacity.profile +++ b/etc/profile-a-l/audacity.profile @@ -50,6 +50,7 @@ tracelog private-bin audacity private-dev +private-etc @x11,gcrypt private-tmp # problems on Fedora 27 diff --git a/etc/profile-a-l/electron-hardened.inc.profile b/etc/profile-a-l/electron-hardened.inc.profile index eacf5cebe..a9e1756d9 100644 --- a/etc/profile-a-l/electron-hardened.inc.profile +++ b/etc/profile-a-l/electron-hardened.inc.profile @@ -7,4 +7,4 @@ include electron-hardened.inc.local #include globals.local # Redirect -include chrome-common-hardened.inc.profile +include chromium-common-hardened.inc.profile diff --git a/etc/profile-a-l/frozen-bubble.profile b/etc/profile-a-l/frozen-bubble.profile index 86a8a8fc6..f162a4a31 100644 --- a/etc/profile-a-l/frozen-bubble.profile +++ b/etc/profile-a-l/frozen-bubble.profile @@ -22,6 +22,7 @@ mkdir ${HOME}/.frozen-bubble whitelist ${HOME}/.frozen-bubble include whitelist-common.inc include whitelist-runuser-common.inc +whitelist /usr/share/games include whitelist-usr-share-common.inc include whitelist-var-common.inc @@ -42,6 +43,7 @@ tracelog disable-mnt # private-bin frozen-bubble private-dev +private-etc @games,@x11 private-tmp dbus-user none diff --git a/etc/profile-a-l/gnome-calculator.profile b/etc/profile-a-l/gnome-calculator.profile index 3926146ff..e5c6022e8 100644 --- a/etc/profile-a-l/gnome-calculator.profile +++ b/etc/profile-a-l/gnome-calculator.profile @@ -45,6 +45,7 @@ disable-mnt private-bin gnome-calculator private-cache private-dev +private-etc @x11 #private-lib gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.*,libgnutls.so.*,libproxy.so.*,librsvg-2.so.*,libxml2.so.* private-tmp diff --git a/etc/profile-a-l/hasher-common.profile b/etc/profile-a-l/hasher-common.profile index fd8246aae..96e69d6cf 100644 --- a/etc/profile-a-l/hasher-common.profile +++ b/etc/profile-a-l/hasher-common.profile @@ -48,6 +48,7 @@ x11 none # Add the next line to your hasher-common.local if you don't need to hash files in ~/.cache. #private-cache private-dev +private-etc # Add the next line to your hasher-common.local if you don't need to hash files in /tmp. #private-tmp diff --git a/etc/profile-a-l/libreoffice.profile b/etc/profile-a-l/libreoffice.profile index 518928876..d7144d8c3 100644 --- a/etc/profile-a-l/libreoffice.profile +++ b/etc/profile-a-l/libreoffice.profile @@ -50,6 +50,7 @@ tracelog #private-bin libreoffice,sh,uname,dirname,grep,sed,basename,ls private-cache private-dev +private-etc @tls-ca,@x11,cups,gnupg,libreoffice,papersize,ssh private-tmp dbus-system none diff --git a/etc/profile-m-z/transmission-common.profile b/etc/profile-m-z/transmission-common.profile index 0a9029c97..d80eb708b 100644 --- a/etc/profile-m-z/transmission-common.profile +++ b/etc/profile-m-z/transmission-common.profile @@ -44,6 +44,7 @@ tracelog private-cache private-dev +private-etc @tls-ca,@x11 private-tmp dbus-user none diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 793ec9a52..db73dd1f6 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -519,6 +519,7 @@ matrix-mirage mattermost-desktop mcabber mcomix +md5sum mediainfo mediathekview megaglest @@ -736,6 +737,11 @@ seahorse-tool seamonkey seamonkey-bin secret-tool +sha1sum +sha224sum +sha256sum +sha348sum +sha512sum shellcheck shortwave shotcut @@ -775,6 +781,7 @@ straw-viewer strings studio.sh subdownloader +sum supertux2 supertuxkart surf diff --git a/test/sysutils/md5sum.exp b/test/sysutils/md5sum.exp new file mode 100755 index 000000000..ab2482808 --- /dev/null +++ b/test/sysutils/md5sum.exp @@ -0,0 +1,21 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2022 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail md5sum ../../COPYING\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "b234ee" +} +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "COPYING" +} + +after 500 +puts "\nall done\n" diff --git a/test/sysutils/sha512sum.exp b/test/sysutils/sha512sum.exp new file mode 100755 index 000000000..2a88fef83 --- /dev/null +++ b/test/sysutils/sha512sum.exp @@ -0,0 +1,21 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2022 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail sha512sum ../../COPYING\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "aee80b1f" +} +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "COPYING" +} + +after 500 +puts "\nall done\n" diff --git a/test/sysutils/sysutils.sh b/test/sysutils/sysutils.sh index a1aaa80a7..3c035c69c 100755 --- a/test/sysutils/sysutils.sh +++ b/test/sysutils/sysutils.sh @@ -7,6 +7,22 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export LC_ALL=C +if command -v md5sum +then + echo "TESTING: md5sum" + ./md5sum.exp +else + echo "TESTING SKIP: md5sum not found" +fi + +if command -v sha512sum +then + echo "TESTING: sha512sum" + ./sha512sum.exp +else + echo "TESTING SKIP: sha512sum not found" +fi + if command -v cpio then echo "TESTING: cpio" -- cgit v1.2.3-70-g09d2