From 295a207490bb7338d6f1ad89830620da2597ebdc Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 3 Mar 2023 17:23:43 -0500 Subject: testing: moving apparmor out from filters group --- test/apparmor/apparmor.exp | 59 ++++++++++++++++++++++++++++++++++++++++++++++ test/filters/apparmor.exp | 59 ---------------------------------------------- test/filters/filters.sh | 12 +++++----- 3 files changed, 65 insertions(+), 65 deletions(-) create mode 100755 test/apparmor/apparmor.exp delete mode 100755 test/filters/apparmor.exp (limited to 'test') diff --git a/test/apparmor/apparmor.exp b/test/apparmor/apparmor.exp new file mode 100755 index 000000000..a8f73c797 --- /dev/null +++ b/test/apparmor/apparmor.exp @@ -0,0 +1,59 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2023 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --name=test1 --apparmor\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" +} +sleep 1 + +spawn $env(SHELL) +send -- "firejail --name=test2 --apparmor\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" +} +sleep 1 + +spawn $env(SHELL) +send -- "firemon --apparmor\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "test1:firejail --name=test1 --apparmor" +} +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "AppArmor: firejail-default//&unconfined enforce" +} +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "test2:firejail --name=test2 --apparmor" +} +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "AppArmor: firejail-default//&unconfined enforce" +} +after 100 + +send -- "firejail --apparmor.print=test1\r" +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "AppArmor: firejail-default//&unconfined enforce" +} +after 100 + +send -- "firejail --apparmor.print=test2\r" +expect { + timeout {puts "TESTING ERROR 7\n";exit} + "AppArmor: firejail-default//&unconfined enforce" +} +after 100 + +puts "\nall done\n" diff --git a/test/filters/apparmor.exp b/test/filters/apparmor.exp deleted file mode 100755 index a8f73c797..000000000 --- a/test/filters/apparmor.exp +++ /dev/null @@ -1,59 +0,0 @@ -#!/usr/bin/expect -f -# This file is part of Firejail project -# Copyright (C) 2014-2023 Firejail Authors -# License GPL v2 - -set timeout 10 -spawn $env(SHELL) -match_max 100000 - -send -- "firejail --name=test1 --apparmor\r" -expect { - timeout {puts "TESTING ERROR 0\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firejail --name=test2 --apparmor\r" -expect { - timeout {puts "TESTING ERROR 1\n";exit} - -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" -} -sleep 1 - -spawn $env(SHELL) -send -- "firemon --apparmor\r" -expect { - timeout {puts "TESTING ERROR 2\n";exit} - "test1:firejail --name=test1 --apparmor" -} -expect { - timeout {puts "TESTING ERROR 3\n";exit} - "AppArmor: firejail-default//&unconfined enforce" -} -expect { - timeout {puts "TESTING ERROR 4\n";exit} - "test2:firejail --name=test2 --apparmor" -} -expect { - timeout {puts "TESTING ERROR 5\n";exit} - "AppArmor: firejail-default//&unconfined enforce" -} -after 100 - -send -- "firejail --apparmor.print=test1\r" -expect { - timeout {puts "TESTING ERROR 6\n";exit} - "AppArmor: firejail-default//&unconfined enforce" -} -after 100 - -send -- "firejail --apparmor.print=test2\r" -expect { - timeout {puts "TESTING ERROR 7\n";exit} - "AppArmor: firejail-default//&unconfined enforce" -} -after 100 - -puts "\nall done\n" diff --git a/test/filters/filters.sh b/test/filters/filters.sh index 1d145ac4b..2d115db1b 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh @@ -13,12 +13,12 @@ if [[ -f /etc/debian_version ]]; then fi export PATH="$PATH:/usr/lib/firejail:/usr/lib64/firejail" -if [[ -f /sys/kernel/security/apparmor/profiles ]]; then - echo "TESTING: apparmor (test/filters/apparmor.exp)" - ./apparmor.exp -else - echo "TESTING SKIP: no apparmor support in Linux kernel (test/filters/apparmor.exp)" -fi +#if [[ -f /sys/kernel/security/apparmor/profiles ]]; then +# echo "TESTING: apparmor (test/filters/apparmor.exp)" +# ./apparmor.exp +#else +# echo "TESTING SKIP: no apparmor support in Linux kernel (test/filters/apparmor.exp)" +#fi if [[ $(uname -m) == "x86_64" ]]; then echo "TESTING: memory-deny-write-execute (test/filters/memwrexe.exp)" -- cgit v1.2.3-54-g00ecf