From aa0194eae75871f3fb5e15d31a9060527711adae Mon Sep 17 00:00:00 2001 From: netblue30 Date: Wed, 8 Mar 2023 17:09:17 -0500 Subject: testing --- test/utils/caps-print.exp | 32 ----------- test/utils/caps1.profile | 1 - test/utils/caps2.profile | 1 - test/utils/firemon-caps.exp | 129 -------------------------------------------- test/utils/utils.sh | 10 ---- 5 files changed, 173 deletions(-) delete mode 100755 test/utils/caps-print.exp delete mode 100644 test/utils/caps1.profile delete mode 100644 test/utils/caps2.profile delete mode 100755 test/utils/firemon-caps.exp (limited to 'test/utils') diff --git a/test/utils/caps-print.exp b/test/utils/caps-print.exp deleted file mode 100755 index 381f27574..000000000 --- a/test/utils/caps-print.exp +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/expect -f -# This file is part of Firejail project -# Copyright (C) 2014-2023 Firejail Authors -# License GPL v2 - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --name=test\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 2 - -spawn $env(SHELL) -send -- "firejail --caps.print=test\r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - "setgid - disabled" -} -expect { - timeout {puts "TESTING ERROR 2\n";exit} - "setuid - disabled" -} -expect { - timeout {puts "TESTING ERROR 3\n";exit} - "net_raw - disabled" -} -after 100 -puts "\nall done\n" diff --git a/test/utils/caps1.profile b/test/utils/caps1.profile deleted file mode 100644 index 78c18fc64..000000000 --- a/test/utils/caps1.profile +++ /dev/null @@ -1 +0,0 @@ -caps.drop chown,kill diff --git a/test/utils/caps2.profile b/test/utils/caps2.profile deleted file mode 100644 index e760d4cb5..000000000 --- a/test/utils/caps2.profile +++ /dev/null @@ -1 +0,0 @@ -caps.keep chown,kill diff --git a/test/utils/firemon-caps.exp b/test/utils/firemon-caps.exp deleted file mode 100755 index 621447d45..000000000 --- a/test/utils/firemon-caps.exp +++ /dev/null @@ -1,129 +0,0 @@ -#!/usr/bin/expect -f -# This file is part of Firejail project -# Copyright (C) 2014-2023 Firejail Authors -# License GPL v2 - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --name=bingo1 --noprofile --caps\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --name=bingo2 --noprofile\r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --name=bingo3 --noprofile --caps.drop=all\r" -expect { - timeout {puts "TESTING ERROR 2\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --noprofile --name=bingo4 --caps.drop=chown,kill\r" -expect { - timeout {puts "TESTING ERROR 3\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --noprofile --name=bingo5 --caps.keep=chown,kill\r" -expect { - timeout {puts "TESTING ERROR 4\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --name=bingo6 --profile=caps1.profile\r" -expect { - timeout {puts "TESTING ERROR 5\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --name=bingo7 --profile=caps2.profile\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firemon --caps\r" -expect { - timeout {puts "TESTING ERROR 8.1\n";exit} - "need to be root" {puts "TESTING SKIP: /proc mounted as hidepid\n"; exit} - "bingo1" -} -expect { - timeout {puts "TESTING ERROR 8.2\n";exit} - "31cffff" -} -expect { - timeout {puts "TESTING ERROR 8.3\n";exit} - "bingo2" -} -expect { - timeout {puts "TESTING ERROR 8.4\n";exit} - "fffffff" -} -expect { - timeout {puts "TESTING ERROR 8.5\n";exit} - "bingo3" -} -expect { - timeout {puts "TESTING ERROR 8.6\n";exit} - "000000000000" -} - -expect { - timeout {puts "TESTING ERROR 8.7\n";exit} - "bingo4" -} -expect { - timeout {puts "TESTING ERROR 8.8\n";exit} - "ffffffde" -} -expect { - timeout {puts "TESTING ERROR 8.9\n";exit} - "bingo5" -} -expect { - timeout {puts "TESTING ERROR 8.10\n";exit} - "0000000000000021" -} - -expect { - timeout {puts "TESTING ERROR 8.11\n";exit} - "bingo6" -} -expect { - timeout {puts "TESTING ERROR 8.12\n";exit} - "ffffffde" -} -expect { - timeout {puts "TESTING ERROR 8.13\n";exit} - "bingo7" -} -expect { - timeout {puts "TESTING ERROR 8.14\n";exit} - "0000000000000021" -} - -after 100 - -puts "all done\n" diff --git a/test/utils/utils.sh b/test/utils/utils.sh index 9f04c2625..49ff8e6de 100755 --- a/test/utils/utils.sh +++ b/test/utils/utils.sh @@ -61,9 +61,6 @@ echo "TESTING: fs.print (test/utils/fs-print.exp)" echo "TESTING: dns.print (test/utils/dns-print.exp)" ./dns-print.exp -echo "TESTING: caps.print (test/utils/caps-print.exp)" -./caps-print.exp - echo "TESTING: seccomp.print (test/utils/seccomp-print.exp)" ./seccomp-print.exp @@ -112,13 +109,6 @@ else echo "TESTING SKIP: seccomp already active (test/utils/firemon-seccomp.exp)" fi -if grep -q "^CapBnd:\\s0000003fffffffff" /proc/self/status; then - echo "TESTING: firemon caps (test/utils/firemon-caps.exp)" - ./firemon-caps.exp -else - echo "TESTING SKIP: other capabilities than expected (test/utils/firemon-caps.exp)" -fi - echo "TESTING: firemon cpu (test/utils/firemon-cpu.exp)" ./firemon-cpu.exp -- cgit v1.2.3-70-g09d2