From 63e16bfcd9f79c63f3801f51df4840f74fa6f41b Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Sun, 13 Nov 2016 10:47:20 -0500
Subject: major cleanup and testing

---
 test/apps-x11/apps-x11.sh      | 36 +++++++++++++-----
 test/apps-x11/x11-none.exp     | 48 +++++++++++++++++++++++
 test/apps-x11/x11-xephyr.exp   | 59 +++++++++++++++++++++++++++++
 test/apps-x11/xterm-xephyr.exp | 86 ++++++++++++++++++++++++++++++++++++++++++
 test/apps-x11/xterm-xorg.exp   | 86 ++++++++++++++++++++++++++++++++++++++++++
 test/apps-x11/xterm-xpra.exp   | 86 ++++++++++++++++++++++++++++++++++++++++++
 test/apps-x11/xterm.exp        | 86 ------------------------------------------
 7 files changed, 392 insertions(+), 95 deletions(-)
 create mode 100755 test/apps-x11/x11-none.exp
 create mode 100755 test/apps-x11/x11-xephyr.exp
 create mode 100755 test/apps-x11/xterm-xephyr.exp
 create mode 100755 test/apps-x11/xterm-xorg.exp
 create mode 100755 test/apps-x11/xterm-xpra.exp
 delete mode 100755 test/apps-x11/xterm.exp

(limited to 'test/apps-x11')

diff --git a/test/apps-x11/apps-x11.sh b/test/apps-x11/apps-x11.sh
index 1b3494290..4a8671dbd 100755
--- a/test/apps-x11/apps-x11.sh
+++ b/test/apps-x11/apps-x11.sh
@@ -6,6 +6,33 @@
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 
+echo "TESTING: no x11 (test/apps-x11/x11-none.exp)"
+./x11-none.exp
+
+
+which xterm
+if [ "$?" -eq 0 ];
+then
+	echo "TESTING: xterm x11 xorg"
+	./xterm-xorg.exp
+
+	which xpra
+	if [ "$?" -eq 0 ];
+	then
+	echo "TESTING: xterm x11 xpra"
+	./xterm-xpra.exp
+	fi
+	
+	which Xephyr
+	if [ "$?" -eq 0 ];
+	then
+	echo "TESTING: xterm x11 xephyr"
+	./xterm-xephyr.exp
+	fi
+else
+	echo "TESTING SKIP: xterm not found"
+fi
+
 # check xpra/xephyr
 which xpra
 if [ "$?" -eq 0 ];
@@ -23,15 +50,6 @@ else
 	fi
 fi
 
-which xterm
-if [ "$?" -eq 0 ];
-then
-	echo "TESTING: xterm x11"
-	./xterm.exp
-else
-	echo "TESTING SKIP: xterm not found"
-fi
-
 which firefox
 if [ "$?" -eq 0 ];
 then
diff --git a/test/apps-x11/x11-none.exp b/test/apps-x11/x11-none.exp
new file mode 100755
index 000000000..e9908839b
--- /dev/null
+++ b/test/apps-x11/x11-none.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --name=test --x11=none\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"use network namespace in firejail"
+}
+sleep 1
+
+send -- "firejail --name=test --net=none --x11=none\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al /tmp/.X11-unix\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"cannot open directory"
+}
+after 100
+
+send -- "xterm\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"DISPLAY is not set"
+}
+after 100
+
+send -- "export DISPLAY=:0.0\r"
+after 100
+send -- "xterm\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Xt error"
+}
+after 100
+
+puts "\nall done\n"
+
diff --git a/test/apps-x11/x11-xephyr.exp b/test/apps-x11/x11-xephyr.exp
new file mode 100755
index 000000000..41a413890
--- /dev/null
+++ b/test/apps-x11/x11-xephyr.exp
@@ -0,0 +1,59 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --name=test --x11=xephyr xterm\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+
+exit
+
+
+sleep 5
+
+
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"use network namespace in firejail"
+}
+sleep 1
+
+send -- "firejail --name=test --net=none --x11=none\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls -al /tmp/.X11-unix\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"cannot open directory"
+}
+after 100
+
+send -- "xterm\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"DISPLAY is not set"
+}
+after 100
+
+send -- "export DISPLAY=:0.0\r"
+after 100
+send -- "xterm\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Xt error"
+}
+after 100
+
+puts "\nall done\n"
+
diff --git a/test/apps-x11/xterm-xephyr.exp b/test/apps-x11/xterm-xephyr.exp
new file mode 100755
index 000000000..5b4299478
--- /dev/null
+++ b/test/apps-x11/xterm-xephyr.exp
@@ -0,0 +1,86 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --name=test --x11=xephyr xterm\r"
+sleep 10
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 3.1\n";exit}
+	"xterm"
+}
+sleep 1
+
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+	"cannot open" {puts "grsecurity not present\n"}
+}
+
+send -- "firejail --name=blablabla\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Child process initialized"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.0\n";exit}
+	"xterm"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+	"Seccomp:	2"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.0\n";exit}
+	"xterm"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.1\n";exit}
+	"CapBnd"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.2\n";exit}
+	"0000000000000000"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.3\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+
+puts "\nall done\n"
+
diff --git a/test/apps-x11/xterm-xorg.exp b/test/apps-x11/xterm-xorg.exp
new file mode 100755
index 000000000..fbc88f196
--- /dev/null
+++ b/test/apps-x11/xterm-xorg.exp
@@ -0,0 +1,86 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --name=test --x11=xorg xterm\r"
+sleep 10
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 3.1\n";exit}
+	"xterm"
+}
+sleep 1
+
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+	"cannot open" {puts "grsecurity not present\n"}
+}
+
+send -- "firejail --name=blablabla\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Child process initialized"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.0\n";exit}
+	"xterm"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+	"Seccomp:	2"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.0\n";exit}
+	"xterm"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.1\n";exit}
+	"CapBnd"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.2\n";exit}
+	"0000000000000000"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.3\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+
+puts "\nall done\n"
+
diff --git a/test/apps-x11/xterm-xpra.exp b/test/apps-x11/xterm-xpra.exp
new file mode 100755
index 000000000..379de131a
--- /dev/null
+++ b/test/apps-x11/xterm-xpra.exp
@@ -0,0 +1,86 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --name=test --x11=xpra xterm\r"
+sleep 10
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 3.1\n";exit}
+	"xterm"
+}
+sleep 1
+
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+	"cannot open" {puts "grsecurity not present\n"}
+}
+
+send -- "firejail --name=blablabla\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"Child process initialized"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.0\n";exit}
+	"xterm"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+	"Seccomp:	2"
+}
+expect {
+	timeout {puts "TESTING ERROR 5.1\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	":firejail"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.0\n";exit}
+	"xterm"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.1\n";exit}
+	"CapBnd"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.2\n";exit}
+	"0000000000000000"
+}
+expect {
+	timeout {puts "TESTING ERROR 6.3\n";exit}
+	"name=blablabla"
+}
+sleep 1
+send -- "firejail --shutdown=test\r"
+sleep 3
+
+puts "\nall done\n"
+
diff --git a/test/apps-x11/xterm.exp b/test/apps-x11/xterm.exp
deleted file mode 100755
index 4fa5ddf0c..000000000
--- a/test/apps-x11/xterm.exp
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/usr/bin/expect -f
-# This file is part of Firejail project
-# Copyright (C) 2014-2016 Firejail Authors
-# License GPL v2
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "firejail --name=test --x11 xterm\r"
-sleep 10
-
-spawn $env(SHELL)
-send -- "firejail --list\r"
-expect {
-	timeout {puts "TESTING ERROR 3\n";exit}
-	":firejail"
-}
-expect {
-	timeout {puts "TESTING ERROR 3.1\n";exit}
-	"xterm"
-}
-sleep 1
-
-# grsecurity exit
-send -- "file /proc/sys/kernel/grsecurity\r"
-expect {
-	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
-	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
-	"cannot open" {puts "grsecurity not present\n"}
-}
-
-send -- "firejail --name=blablabla\r"
-expect {
-	timeout {puts "TESTING ERROR 4\n";exit}
-	"Child process initialized"
-}
-sleep 2
-
-spawn $env(SHELL)
-send -- "firemon --seccomp\r"
-expect {
-	timeout {puts "TESTING ERROR 5\n";exit}
-	"need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
-	":firejail"
-}
-expect {
-	timeout {puts "TESTING ERROR 5.0\n";exit}
-	"xterm"
-}
-expect {
-	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
-	"Seccomp:	2"
-}
-expect {
-	timeout {puts "TESTING ERROR 5.1\n";exit}
-	"name=blablabla"
-}
-sleep 1
-send -- "firemon --caps\r"
-expect {
-	timeout {puts "TESTING ERROR 6\n";exit}
-	":firejail"
-}
-expect {
-	timeout {puts "TESTING ERROR 6.0\n";exit}
-	"xterm"
-}
-expect {
-	timeout {puts "TESTING ERROR 6.1\n";exit}
-	"CapBnd"
-}
-expect {
-	timeout {puts "TESTING ERROR 6.2\n";exit}
-	"0000000000000000"
-}
-expect {
-	timeout {puts "TESTING ERROR 6.3\n";exit}
-	"name=blablabla"
-}
-sleep 1
-send -- "firejail --shutdown=test\r"
-sleep 3
-
-puts "\nall done\n"
-
-- 
cgit v1.2.3-54-g00ecf