From 578a83fcd07da8b9afb3b3a4f26eefe0df19c98d Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sun, 5 Mar 2017 11:52:56 -0500 Subject: testing --- test/root/checkcfg.exp | 106 +++++++++++++++++++++++++++++++++++++++++++++++++ test/root/root.sh | 3 ++ 2 files changed, 109 insertions(+) create mode 100755 test/root/checkcfg.exp (limited to 'test/root') diff --git a/test/root/checkcfg.exp b/test/root/checkcfg.exp new file mode 100755 index 000000000..e1ec6cf79 --- /dev/null +++ b/test/root/checkcfg.exp @@ -0,0 +1,106 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2017 Firejail Authors +# License GPL v2 + +set timeout 10 +cd /home +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --noprofile --overlay\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Child process initialized" +} +sleep 2 + +send -- "rm /etc/firejail/firejail.config\r" +after 100 + +send -- "firejail\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "firejail.config not found" +} + +# seccomp +send -- "echo \"seccomp no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --seccomp --force\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "seccomp feature is disabled in Firejail configuration file\r" +} +send -- "exit\r" +after 100 + +# whitelist +send -- "echo \"whitelist no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --whitelist=~/.config --force\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "whitelist feature is disabled in Firejail configuration file\r" +} + +# network +send -- "echo \"network no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --net=eth0 --force\r" +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "networking feature is disabled in Firejail configuration file\r" +} + +# bind +send -- "echo \"bind no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --bind=/tmp,/var/tmp --force\r" +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "bind feature is disabled in Firejail configuration file\r" +} + +# overlay +send -- "echo \"overlayfs no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --overlay --force\r" +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "overlayfs feature is disabled in Firejail configuration file\r" +} + +# private-home +send -- "echo \"private-home no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --private-home=/tmp --force\r" +expect { + timeout {puts "TESTING ERROR 7\n";exit} + "private-home feature is disabled in Firejail configuration file\r" +} + +# chroot +send -- "echo \"chroot no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --chroot=/tmp --force\r" +expect { + timeout {puts "TESTING ERROR 8\n";exit} + "chroot feature is disabled in Firejail configuration file\r" +} + +# userns +send -- "echo \"userns no\" > /etc/firejail/firejail.config\r" +after 100 +send -- "firejail --noprofile --noroot --force\r" +expect { + timeout {puts "TESTING ERROR 9\n";exit} + "noroot feature is disabled in Firejail configuration file\r" +} + +send -- "exit\r" +after 100 + + +after 100 +puts "\nall done\n" diff --git a/test/root/root.sh b/test/root/root.sh index 29c618772..e23499d2a 100755 --- a/test/root/root.sh +++ b/test/root/root.sh @@ -80,6 +80,9 @@ echo "TESTING: seccomp chown (test/root/seccomp-chown.exp)" #******************************** # command line options #******************************** +echo "TESTING: firejail configuration (test/root/checkcfg.exp)" +./checkcfg.exp + echo "TESTING: tmpfs (test/root/option_tmpfs.exp)" ./option_tmpfs.exp -- cgit v1.2.3-70-g09d2