From 9672e30b24242ca67c11b8af9e78a0a8e7f99a3b Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sun, 23 Jan 2022 12:42:58 +0100
Subject: testing

---
 test/environment/deterministic-shutdown.exp |   5 +-
 test/environment/environment.sh             |   6 +
 test/environment/keep-fd-bad.exp            |  40 +++++
 test/environment/keep-fd.exp                | 223 ++++++++++++++++++++++++++++
 4 files changed, 272 insertions(+), 2 deletions(-)
 create mode 100755 test/environment/keep-fd-bad.exp
 create mode 100755 test/environment/keep-fd.exp

(limited to 'test/environment')

diff --git a/test/environment/deterministic-shutdown.exp b/test/environment/deterministic-shutdown.exp
index dbbe226bb..be4e9c42e 100755
--- a/test/environment/deterministic-shutdown.exp
+++ b/test/environment/deterministic-shutdown.exp
@@ -3,14 +3,15 @@
 # Copyright (C) 2014-2022 Firejail Authors
 # License GPL v2
 
-set timeout 5
+set timeout 10
 spawn $env(SHELL)
 match_max 100000
 
-send -- "firejail --deterministic-shutdown bash -c \"sleep 10 & exec sleep 1\"\r"
+send -- "firejail --deterministic-shutdown bash -c \"sleep 100 & exec sleep 1\"\r"
 expect {
 	timeout {puts "TESTING ERROR 0\n";exit}
 	"Parent is shutting down, bye..."
 }
+after 100
 
 puts "\nall done\n"
diff --git a/test/environment/environment.sh b/test/environment/environment.sh
index ce0bb306c..2b77973ac 100755
--- a/test/environment/environment.sh
+++ b/test/environment/environment.sh
@@ -127,5 +127,11 @@ echo "TESTING: deterministic exit code (test/environment/deterministic-exit-code
 echo "TESTING: deterministic shutdown (test/environment/deterministic-shutdown.exp)"
 ./deterministic-shutdown.exp
 
+echo "TESTING: keep fd (test/environment/keep-fd.exp)"
+./keep-fd.exp
+
+echo "TESTING: keep fd errors (test/environment/keep-fd-bad.exp)"
+./keep-fd-bad.exp
+
 echo "TESTING: retain umask (test/environment/umask.exp)"
 (umask 123 && ./umask.exp)
diff --git a/test/environment/keep-fd-bad.exp b/test/environment/keep-fd-bad.exp
new file mode 100755
index 000000000..e8b411ea0
--- /dev/null
+++ b/test/environment/keep-fd-bad.exp
@@ -0,0 +1,40 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2022 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+send -- "firejail --noprofile --keep-fd=\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Error: invalid keep-fd option"
+}
+after 100
+
+send -- "firejail --noprofile --keep-fd=,,,\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Error: invalid keep-fd option"
+}
+after 100
+
+send -- "firejail --noprofile --keep-fd=dall\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"Error: invalid keep-fd option"
+}
+after 100
+
+send -- "firejail --noprofile --keep-fd=6,7,8,10b,11\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"Error: invalid keep-fd option"
+}
+after 100
+
+
+puts "\nall done\n"
diff --git a/test/environment/keep-fd.exp b/test/environment/keep-fd.exp
new file mode 100755
index 000000000..222234ceb
--- /dev/null
+++ b/test/environment/keep-fd.exp
@@ -0,0 +1,223 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2022 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+#
+# obtain some open file descriptors
+#
+send -- "exec {WRITE_FD}> blabla\r"
+after 100
+
+send -- "readlink -v /proc/self/fd/\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "exec {READ_FD}< blabla\r"
+after 100
+
+send -- "readlink -v /proc/self/fd/\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"/blabla"
+}
+after 100
+
+
+#
+# inherit environment variables
+#
+send -- "export READ_FD\r"
+send -- "export WRITE_FD\r"
+after 100
+
+
+#
+# close all file descriptors
+# 0, 1, 2 stay open
+#
+send -- "firejail --noprofile\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"Child process initialized"
+}
+after 100
+
+# off by one because of ls
+send -- "ls /proc/self/fd | wc -w\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"4"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"No such file or directory"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"No such file or directory"
+}
+after 100
+
+send -- "exit\r"
+after 500
+
+
+#
+# keep one file descriptor
+#
+send -- "firejail --noprofile --keep-fd=\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 6\n";exit}
+	"Child process initialized"
+}
+after 100
+
+# off by one because of ls
+send -- "ls /proc/self/fd | wc -w\r"
+expect {
+	timeout {puts "TESTING ERROR 7\n";exit}
+	"5"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 8\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 9\n";exit}
+	"No such file or directory"
+}
+after 100
+
+send -- "exit\r"
+after 500
+
+
+#
+# keep other file descriptor
+#
+send -- "firejail --noprofile --keep-fd=\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 10\n";exit}
+	"Child process initialized"
+}
+after 100
+
+# off by one because of ls
+send -- "ls /proc/self/fd | wc -w\r"
+expect {
+	timeout {puts "TESTING ERROR 11\n";exit}
+	"5"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 12\n";exit}
+	"No such file or directory"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 13\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "exit\r"
+after 500
+
+
+#
+# keep both file descriptors
+#
+send -- "firejail --noprofile --keep-fd=\$READ_FD,\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 14\n";exit}
+	"Child process initialized"
+}
+after 100
+
+# off by one because of ls
+send -- "ls /proc/self/fd | wc -w\r"
+expect {
+	timeout {puts "TESTING ERROR 15\n";exit}
+	"6"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 16\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 17\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "exit\r"
+after 500
+
+
+#
+# keep all file descriptors
+#
+send -- "firejail --noprofile --keep-fd=all\r"
+expect {
+	timeout {puts "TESTING ERROR 18\n";exit}
+	"Child process initialized"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$READ_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 19\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "readlink -v /proc/self/fd/\$WRITE_FD\r"
+expect {
+	timeout {puts "TESTING ERROR 20\n";exit}
+	"/blabla"
+}
+after 100
+
+send -- "exit\r"
+after 500
+
+
+#
+# cleanup
+#
+send -- "rm -f blabla\r"
+after 100
+
+
+puts "\nall done\n"
-- 
cgit v1.2.3-54-g00ecf