From 2acc910daf73c284965ca96bc70b4eb980c865cf Mon Sep 17 00:00:00 2001
From: netblue30
Date: Thu, 8 Nov 2018 10:49:44 -0500
Subject: profile parser testing
---
 test/profiles/profile_appname.exp | 25 +++++++++++++++++++++++++
 test/profiles/profile_noperm.exp | 2 +-
 test/profiles/profile_recursivity.exp | 25 +++++++++++++++++++++++++
 test/profiles/profile_syntax2.exp | 27 +++------------------------
 test/profiles/profiles.sh | 27 +++++++++++++++++++++++++++
 test/profiles/test2.profile | 4 +++-
 test/profiles/test3.profile | 1 +
 7 files changed, 85 insertions(+), 26 deletions(-)
 create mode 100755 test/profiles/profile_appname.exp
 create mode 100755 test/profiles/profile_recursivity.exp
 create mode 100644 test/profiles/test3.profile
 (limited to 'test/profiles')
diff --git a/test/profiles/profile_appname.exp b/test/profiles/profile_appname.exp
new file mode 100755
index 000000000..c70e7ad57
--- /dev/null
+++ b/test/profiles/profile_appname.exp
@@ -0,0 +1,25 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --profile=firefox\r"
+expect {
+ timeout {puts "TESTING ERROR 0\n";exit}
+ "Reading profile /etc/firejail/firefox.profile"
+}
+expect {
+ timeout {puts "TESTING ERROR 1\n";exit}
+ "Reading profile /etc/firejail/firefox-common.profile"
+}
+expect {
+ timeout {puts "TESTING ERROR 2\n";exit}
+ "shell=none configured, but no program specified"
+}
+
+after 100
+puts "\nall done\n"
diff --git a/test/profiles/profile_noperm.exp b/test/profiles/profile_noperm.exp
index b3b031cb2..9f8cb54e2 100755
--- a/test/profiles/profile_noperm.exp
+++ b/test/profiles/profile_noperm.exp
@@ -7,7 +7,7 @@ match_max 100000
 send -- "firejail --profile=/etc/shadow\r"
 expect {
 timeout {puts "TESTING ERROR 0\n";exit}
- "cannot access profile"
+ "inaccessible profile file"
 }
 after 100
 puts "\nall done\n"
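Review bot: Each `timeout` branch in the new profile_appname.exp calls a bare `exit`, so the script returns status 0 when a check fails. profiles.sh runs it without looking at the status, so a failure is only visible to whatever scans the output for "TESTING ERROR". Ending the branches with `exit 1`, e.g. `timeout {puts "TESTING ERROR 0\n";exit 1}`, lets a CI job fail on the exit code as well. The same applies to the three timeout branches of profile_recursivity.exp added by this commit.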
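Review bot: The check in profile_noperm.exp passes as soon as "inaccessible profile file" appears, and nothing after it verifies that firejail stopped rather than going on to start a sandbox. Because this test guards a permission check on a path the caller cannot read, a follow-up expectation that treats sandbox start-up as a failure would pin the fail-closed behaviour. "Child process initialized" is the start-up string the old profile_syntax2.exp matched; whether it is printed without --debug should be confirmed. The script begins before this hunk, so its earlier setup is not visible here.

```tcl
# … unchanged: expect block matching "inaccessible profile file" …
# the sandbox must not come up after the permission error
set timeout 2
expect {
	"Child process initialized" {puts "TESTING ERROR 1\n";exit}
	timeout {}
}
# … unchanged: after 100 / final puts …
```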
diff --git a/test/profiles/profile_recursivity.exp b/test/profiles/profile_recursivity.exp new file mode 100755 index 000000000..66e4510bf --- /dev/null +++ b/test/profiles/profile_recursivity.exp @@ -0,0 +1,25 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2018 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --profile=test3.profile\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Reading profile test3.profile" +} +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "Reading profile test3.profile" +} +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "maximum profile include level was reached" +} + +after 100 +puts "\nall done\n" diff --git a/test/profiles/profile_syntax2.exp b/test/profiles/profile_syntax2.exp index 4d621f3ec..da34b67e8 100755 --- a/test/profiles/profile_syntax2.exp +++ b/test/profiles/profile_syntax2.exp @@ -7,7 +7,7 @@ set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail --debug --profile=test2.profile\r" +send -- "firejail --profile=test2.profile\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Reading profile test2.profile" @@ -18,29 +18,8 @@ expect { } expect { timeout {puts "TESTING ERROR 2\n";exit} - "Mounting a new /home directory" + "cannot access profile file" } -expect { - timeout {puts "TESTING ERROR 3\n";exit} - "Disable /bin/rmdir" {puts "Most Linux platforms\n"} - "Disable /usr/bin/rmdir" { puts "OpenSUSE platform\n"} -} -expect { - timeout {puts "TESTING ERROR 4\n";exit} - "Drop CAP_SYS_MODULE" -} -expect { - timeout {puts "TESTING ERROR 5\n";exit} - "seccomp entries in /run/firejail/mnt/seccomp" -} -expect { - timeout {puts "TESTING ERROR 7\n";exit} - "jeq mount" -} -expect { - timeout {puts "TESTING ERROR 8\n";exit} - "Child process initialized" -} -send -- "exit\r" + after 100 puts "\nall done\n" 
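Review bot: Only the direct self-include case is covered: test3.profile includes itself and the script stops at "maximum profile include level was reached". An indirect cycle (one fixture including a second that includes the first) presumably goes through the same depth limit, and a second pair of fixtures with the same final expectation would confirm that. A header comment such as `# test3.profile includes itself; firejail must stop at the include depth limit` would also explain why "Reading profile test3.profile" is expected twice.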
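Review bot: After the second hunk of profile_syntax2.exp, the script no longer checks "Drop CAP_SYS_MODULE", "seccomp entries in /run/firejail/mnt/seccomp" or "Child process initialized". Nothing in this file now confirms that the `caps`, `seccomp` and `private` lines of test2.profile take effect. If no other test in the suite covers those directives being applied from a profile, that is lost coverage for a security-relevant path, and the removed checks are worth keeping in a separate script run with --debug. The new expectation "cannot access profile file" also names no file, so the test cannot tell a failure on test25.profile from one on test.local. The hunk starts inside an expect block that opens before it.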
diff --git a/test/profiles/profiles.sh b/test/profiles/profiles.sh index 7c3549aea..a3d24ac0c 100755 --- a/test/profiles/profiles.sh +++ b/test/profiles/profiles.sh @@ -6,6 +6,33 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) +echo "TESTING: profile recursivity (test/profiles/profile_recursivity.exp)" +./profile_recursivity.exp + +echo "TESTING: profile application name (test/profiles/profile_appname.exp)" +./profile_appname.exp + +echo "TESTING: profile syntax (test/profiles/profile_syntax.exp)" +./profile_syntax.exp + +echo "TESTING: profile syntax 2 (test/profiles/profile_syntax2.exp)" +./profile_syntax2.exp + +echo "TESTING: ignore command (test/profiles/ignore.exp)" +./ignore.exp + +echo "TESTING: profile read-only (test/profiles/profile_readonly.exp)" +./profile_readonly.exp + +echo "TESTING: profile read-only links (test/profiles/profile_readonly.exp)" +./profile_followlnk.exp + +echo "TESTING: profile no permissions (test/profiles/profile_noperm.exp)" +./profile_noperm.exp + + + + echo "TESTING: default profiles installed in /etc" PROFILES=`ls /etc/firejail/*.profile` for PROFILE in $PROFILES diff --git a/test/profiles/test2.profile b/test/profiles/test2.profile index e219d800d..9fbd5219a 100644 --- a/test/profiles/test2.profile +++ b/test/profiles/test2.profile @@ -1,4 +1,6 @@ -caps +caps seccomp private include test.profile + include test.local + include test25.profile diff --git a/test/profiles/test3.profile b/test/profiles/test3.profile new file mode 100644 index 000000000..c28ddadb5 --- /dev/null +++ b/test/profiles/test3.profile @@ -0,0 +1 @@ +include test3.profile \ No newline at end of file -- cgit v1.2.3-54-g00ecf
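Review bot: The label printed for the read-only links case names the wrong script: `echo "TESTING: profile read-only links (test/profiles/profile_readonly.exp)"` is followed by `./profile_followlnk.exp`, so a failure there would be attributed to profile_readonly.exp in the log. It should read `echo "TESTING: profile read-only links (test/profiles/profile_followlnk.exp)"`. The added calls also ignore each script's exit status and assume the current directory is test/profiles. The rest of profiles.sh lies outside this hunk, so whether that is handled elsewhere cannot be seen here.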
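Review bot: Nothing in test2.profile says that the failing include is intended. test25.profile is not among the files this commit creates, so it is presumably meant to be missing and to trigger the "cannot access profile file" check in profile_syntax2.exp. A comment line such as `# test25.profile is intentionally absent, see profile_syntax2.exp` would stop someone from "repairing" the fixture later. The two new includes are indented and the `caps` line is replaced by one that looks identical here, which suggests whitespace handling is being exercised too; the same comment could say so.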