From bb6c744fd4f59d0f407c37955ba36f8d40cc60cf Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Mon, 17 Oct 2016 08:41:39 -0400
Subject: allow user access to /sys/fs (--noblacklist=/sys/fs)

---
 test/fs/fs.sh      |  3 +++
 test/fs/sys_fs.exp | 44 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100755 test/fs/sys_fs.exp

(limited to 'test/fs')

diff --git a/test/fs/fs.sh b/test/fs/fs.sh
index d45ef48bd..3139b8eae 100755
--- a/test/fs/fs.sh
+++ b/test/fs/fs.sh
@@ -6,6 +6,9 @@
 export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 
+echo "TESTING: /sys/fs access (test/fs/sys_fs.exp)"
+./sys_fs.exp
+
 echo "TESTING: kmsg access (test/fs/kmsg.exp)"
 ./kmsg.exp
 
diff --git a/test/fs/sys_fs.exp b/test/fs/sys_fs.exp
new file mode 100755
index 000000000..f512776d9
--- /dev/null
+++ b/test/fs/sys_fs.exp
@@ -0,0 +1,44 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls /sys/fs\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"Permission denied"
+}
+after 100
+
+send -- "exit\r"
+sleep 1
+
+send -- "firejail --noblacklist=/sys/fs\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "ls /sys/fs\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"cgroup"
+}
+after 100
+send -- "exit\r"
+after 100
+
+puts "\nall done\n"
+
-- 
cgit v1.2.3-54-g00ecf